openoffice-dev mailing list archives

From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: A Question about Open Office Password Protected Text Documenets
Date Fri, 10 Jun 2016 17:55:23 GMT


> -----Original Message-----
> From: Damjan Jovanovic [mailto:damjan@apache.org]
> Sent: Friday, June 10, 2016 07:29
> To: Apache OO <dev@openoffice.apache.org>
> Subject: Re: A Question about Open Office Password Protected Text
> Documenets
> 
> Hi Roger
> 
> If you saved them in OpenOffice's default format, OpenDocument (.odt / .ods
> / .odb etc.), then yes. Password protection is part of the OpenDocument
> standard, and should be supported by us and other OpenDocument software
> such as AbiWord, Gnumeric, Microsoft Office, etc. for a long time. The
> encryption techniques are all well documented and use common well
> established ciphers, hash functions and password strengthening
> procedures.
> 
> With long term storage, the problem won't be data becoming inaccessible due
> to encryption (provided you remember your passwords), so much as the
> opposite problem, of data becoming too easily accessible, since older
> versions of OpenDocument used weaker encryption ciphers, potentially making
> document encryption too easy to crack by future weaknesses discovered in
> those ciphers and with more powerful computers in the future.
[orcmid] 

There is a misunderstanding here.  The problem of using the latest-and-greatest (i.e., based
on AES) supported encryptions is that older versions of software won't be able to open it
and versions that have not upgraded their support or for which there is an interoperability
defect won't open it either.

We ran into this recently where users of Mac OSX could no longer open some password-protected
files. 

It is not in our power to offer a guarantee about this.  At the moment, the basic cryptography
used since ODF 1.0 is working.  There is no way that the project can assert that this will
apply in perpetuity and that software to accomplish it will always be available.  That is
beyond our means.

Finally, the use of better hash algorithms and AES as a check-box item do *not* eliminate
the known exposure of ODF documents to cryptographic attack and decryption by an adversary.
ODF encryption should *never* be used for highly-confidential documents, especially files
subject to security-classification regimes of governments or other entities.  I don't believe
any such agency would permit ODF encryption to be used; encryption would be accomplished by
other means.

The reasons for that are quite simple:

 1. All ODF encryption is password-based.  That is the greatest single vulnerability, especially
if the same password is used on multiple documents.  There are extremely well-known and highly-available
means for attacking encryptions using memorable passwords.  This vulnerability trumps everything.
This is something the software does not control and cannot mitigate much.  Note that advertised
password-recovery software *does* succeed against password-protected ODF documents on occasion.
The advances in computer performance (especially graphics processors) ensure that the number
of passwords that are defeated by such software will only increase.

 2. Because the encryption is of a static, persistent document, the attack can be conducted
off-line for a sustained time and using coordinated crowd-sourced attacks.  Advances in technology
have neutralized the measures used to make attacking of the password computationally difficult.
This means that documents retaining long-duration secrets are the most vulnerable if not
adequately protected against disclosure.

 3. The particular encryption approach (not the low-level choice of the stream-level encryption
algorithm) leaks information about the original ODF document to the point where some unencrypted
information may be determined by means other than actually having to decrypt it.  That revelation
can be used to expedite attack on the password used for the unknown parts.

As a final thought, it is revealing that Microsoft Office will not produce ODF documents
that are saved with a password, although it will otherwise support ODF format.  In addition,
the software refuses to open such documents, although it certainly could go that far, in principle.
So there is no means to rescue password-saved ODF documents in the most widely-available
ODF-supporting software on the planet.

 - Dennis
> 
> Regards
> Damjan
> 
> On Fri, Jun 10, 2016 at 3:42 PM, Roger Bentley <roger.bentley@outlook.com> wrote:
> 
> > Dear Sir/Madam
> >
> > I have a large number of important documents that I have created over the
> > years in Open Office, which were created as password protected documents.
> >
> > Is there any likelihood in the future of any ‘redundancy’ or suchlike
> > where these documents would be no longer accessible by future then current
> > software etc?  Or will the files always remain safe, in that there will
> > always be an Open Office allied program capable of unlocking their password
> > protected format?
> >
> > I will be very grateful of your reply.
> >
> > With sincere regards
> >
> > Roger Bentley


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
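
Added example (not part of the original message and not Apache OpenOffice code): a read-only audit that reads the cleartext META-INF/manifest.xml of an ODF package and reports which cipher and key-derivation iteration count each encrypted entry declares, useful for triaging an archive of password-protected documents. The function names, the "non-AES counts as legacy" rule and the sample package are assumptions constructed for the illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"

def q(name):
    return "{%s}%s" % (NS, name)

def audit_odf(package: bytes):
    """Return the encryption parameters of each encrypted entry in an ODF package."""
    with zipfile.ZipFile(io.BytesIO(package)) as z:
        root = ET.fromstring(z.read("META-INF/manifest.xml"))
    findings = []
    for entry in root.iter(q("file-entry")):
        enc = entry.find(q("encryption-data"))
        if enc is None:
            continue  # entry is stored unencrypted
        alg = enc.find(q("algorithm"))
        kdf = enc.find(q("key-derivation"))
        name = alg.get(q("algorithm-name"), "") if alg is not None else ""
        findings.append({
            "path": entry.get(q("full-path")),  # manifest is cleartext: path and
            "size": entry.get(q("size")),       # plaintext size need no password
            "algorithm": name,
            "iterations": int(kdf.get(q("iteration-count"), "0")) if kdf is not None else 0,
            "legacy": "aes" not in name.lower(),  # assumption: non-AES counts as legacy
        })
    return findings

def make_sample(alg_name, iterations):
    """Build a constructed, minimal ODF-like package (not a real document)."""
    manifest = f"""<manifest:manifest xmlns:manifest="{NS}">
 <manifest:file-entry manifest:full-path="content.xml" manifest:media-type="text/xml" manifest:size="4096">
  <manifest:encryption-data manifest:checksum-type="SHA1/1K" manifest:checksum="AAAA">
   <manifest:algorithm manifest:algorithm-name="{alg_name}" manifest:initialisation-vector="AAAA"/>
   <manifest:key-derivation manifest:key-derivation-name="PBKDF2" manifest:iteration-count="{iterations}" manifest:salt="AAAA"/>
  </manifest:encryption-data>
 </manifest:file-entry>
</manifest:manifest>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/manifest.xml", manifest)
        z.writestr("content.xml", b"\x00" * 16)  # placeholder, not real ciphertext
    return buf.getvalue()

if __name__ == "__main__":
    for alg in ("Blowfish CFB", "http://www.w3.org/2001/04/xmlenc#aes256-cbc"):
        print(audit_odf(make_sample(alg, 1024)))
```

Documents flagged as legacy can be re-saved with current settings or, given the caveats in the message above, moved to a separate encryption layer; in both cases the strength of the password remains the limiting factor.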

