1

I stumbled upon Microsoft Office's feature of file encryption. For storing sensitive data in the cloud, e.g. Dropbox, this sounds like a nice feature. Reading that the encryption is AES-128 in CBC mode by default, it seems to provide a decent level of confidentiality, even though there are still some open details.

Of course usual symmetric encryption does not provide integrity, but as I know Microsoft I wouldn't be too surprised to learn that they actually also meant some kind of integrity protection by naming it encryption. However, this led me to the following question I wasn't able to find an answer to.

Does the encryption of Microsoft Office guarantee integrity of the saved data?

PS: I already read this question, but it is only concerned with confidentiality.

Dave
  • Integrity in what sense? The only way to **meaningfully** change the document is to decrypt it, which would require the original key, at which point you could reencrypt it. You _can_ still MAC with a symmetric key, which is likely done, although the only other attack would be to randomly mutate the encrypted document, which is going to result in a "corrupted" document. – Clockwork-Muse Nov 29 '18 at 22:48
  • That is a common misunderstanding. In particular the CBC mode is vulnerable to such attacks. The most popular and recent example for this is the EFAIL attack: https://www.efail.de/ – Dave Nov 30 '18 at 08:12
  • Ah, I see what you mean about being able to use CBC to insert attack text. – Clockwork-Muse Nov 30 '18 at 17:33

1 Answer

2

Based on the latest MS Office spec, "agile encryption" uses a SHA1-based HMAC for message authentication:

https://interoperability.blob.core.windows.net/files/MS-OFFCRYPTO/[MS-OFFCRYPTO].pdf

Office 2016 appears to use agile encryption by default:

https://docs.microsoft.com/en-us/DeployOffice/security/cryptography-and-encryption-in-office

  • Sorry it took me so long to accept this answer. Nevertheless, this was exactly what I was looking for. Thank you! – Dave Apr 14 '19 at 11:45