It is important to separate the use of passwords to set protections from use of a password to encrypt the document.
Only "Save with Password" provides cryptographic security of the document. The "Save with Password" encryption is difficult to attack. The password is usually the weakest point and the password may fall to a variety of attacks that use pre-computed dictionaries of SHA1 digests and other brute-force techniques. It is also possible that an attack may break the encryption without discovering the password itself. All of these attacks are believed to require great effort. In general, one should expect that a password used in "Save with Password" is not discoverable unless it is carelessly chosen or heavily reused. The harder the password is to attack, the harder it is to recover, of course.

In contrast, all of the protection settings are insecure. The protections are trivial to remove. It can be done by any knowledgeable user with a Zip utility and an XML editor. It is not necessary to know the password to remove the protection. However, all passwords used in making protection settings should be considered compromised. That is because the document stores an SHA1 or other unsalted hash in "plain view" in the document. These hashes are cracked with ease using conventional systems. A password used to set a protection should not be used for any more-private purpose. In particular, if the same passwords are used for protections on unencrypted documents and for saving with password (encryption), the encryption can be broken directly using the SHA1 digest from the protection setting.

Protection settings are on spreadsheet fields and sheets. There are protection settings on text as well. The protection against altering change-tracking and the protection for keeping a document read-only are all of this kind. The protection is useful for avoiding mistaken alterations. It is easy for all of these protections to be removed, the document altered, and the protections restored with the very same unlocking password without ever having to know the password.
A digital signature can prevent the document from undetected alterations, but that doesn't work for turnaround documents where some alterations are meant to be allowed.

There is more explanation of the use and risk of protections, and their removal, here:
<https://tools.oasis-open.org/version-control/svn/oic/Advisories/00009-ProtectionKeySafety/trunk/description.html>

A proposal for more-reliable security of protection passwords (but not the protections themselves) is before the OASIS ODF TC:
<https://www.oasis-open.org/committees/document.php?document_id=46220>.

- Dennis

-----Original Message-----
From: Dr. R. O Stapf [mailto:[email protected]]
Sent: Tuesday, October 16, 2012 06:30
To: [email protected]
Subject: Re: [libreoffice-users] Re: how to crack a PW in LO?

you are perfectly right about this!!!

On 16.10.2012 22:22, Andrew Douglas Pitonyak wrote:
> Unless you have a lot of time to kill (days, weeks, months, etc), you are much better off not forgetting your password.

--
For unsubscribe instructions e-mail to: [email protected]
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted
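The distinction drawn in the message above can be checked on a file before it is shared. The following audit sketch is an added example, not part of the original thread or of LibreOffice: it reports whether an ODF package is encrypted and, if it is not, where protection hashes sit readable in the XML. It assumes the ODF 1.2 names `manifest:encryption-data`, `protection-key` and `protection-key-digest-algorithm`; the function names and the sample package are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for untrusted files, prefer a hardened parser such as defusedxml

NS_T = "urn:oasis:names:tc:opendocument:xmlns:table:1.0"
NS_M = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"

def local(name):
    """Drop the '{namespace}' prefix ElementTree puts on tag and attribute names."""
    return name.rsplit("}", 1)[-1]

def audit_odf(data):
    """Return (encrypted, findings) for the bytes of an ODF package."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        names = set(pkg.namelist())
        manifest = ET.fromstring(pkg.read("META-INF/manifest.xml"))
        # "Save with Password" marks encrypted streams with manifest:encryption-data.
        encrypted = any(local(e.tag) == "encryption-data" for e in manifest.iter())
        if encrypted:
            return True, findings  # content is ciphertext; no protection hash is readable
        for part in sorted(names & {"content.xml", "styles.xml"}):
            for el in ET.fromstring(pkg.read(part)).iter():
                attrs = {local(k): v for k, v in el.attrib.items()}
                if "protection-key" in attrs:
                    algo = attrs.get("protection-key-digest-algorithm", "unspecified")
                    # Report where the hash sits and its algorithm, never the hash itself.
                    findings.append((part, local(el.tag), attrs.get("name", "?"), algo))
    return False, findings

def build_sample(encrypted):
    """Constructed minimal package (not a complete ODF file) for demonstration."""
    enc = "<m:encryption-data/>" if encrypted else ""
    manifest = (f'<m:manifest xmlns:m="{NS_M}"><m:file-entry m:full-path="content.xml">'
                f'{enc}</m:file-entry></m:manifest>')
    content = (f'<t:table xmlns:t="{NS_T}" t:name="Budget" t:protected="true" '
               't:protection-key="CONSTRUCTED-PLACEHOLDER" '
               't:protection-key-digest-algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("META-INF/manifest.xml", manifest)
        pkg.writestr("content.xml", b"\x00ciphertext" if encrypted else content)
    return buf.getvalue()

if __name__ == "__main__":
    for flag in (False, True):
        print(audit_odf(build_sample(flag)))
```

Any finding on an unencrypted file means the password behind that protection should be treated as exposed and not reused elsewhere.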
