[16733] in cryptography@c2.net mail archive
Microsoft reuses RC4 keys in Office
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Jan 26 19:50:45 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: cryptography@metzdowd.com
Date: Fri, 21 Jan 2005 10:46:36 -0500
http://infoworld.com/article/05/01/19/HNmsofficeflaw_1.html
http://eprint.iacr.org/2005/007.pdf
When you encrypt a file in MS Office, the program hashes the
user-supplied password and an IV to produce an RC4 key. However, if
you create a second version of the document, it doesn't generate a new
IV. The consequences are obvious to readers of this list....
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
