10

To what extent can the native file encryption provided by Microsoft Office 2013 (Word, Powerpoint, Excel, etc.) be relied upon to maintain the confidentiality of documents, especially within the context of a Windows OS?

It also appears as though encryption does not remove metadata, such as the file's date of creation or date of last edit, and the frequent backups taken by Windows would leave me wondering whether or not an unencrypted version of the file is floating around somewhere on the system.

Can Microsoft Office 2013's native file encryption be relied upon, should an alternative tool (such as 7-zip) be used, or is the ultimate solution full-disk encryption?

nitrl
  • 3,003
  • 4
  • 20
  • 23

2 Answers2

7

When applications process data, they need it unencrypted in RAM, and the data will be copied to many places, including the hard disk as temporary files, or as part of the virtual memory mechanism, or hibernation. If you need to ensure that, once the machine has been powered down, its contents cannot be retrieved by an attacker with full physical access to the machine (the "stolen laptop" scenario), then full-disk encryption is required, with the following caveats:

  • When we say "full", we mean "full". The disk containing the operating system core files should also be encrypted, and the areas for virtual memory as well. That's what TrueCrypt calls system encryption.

  • This is valid only for a powered-down machine, not a system in "suspended" or "hibernated state".

  • Even after power down, some data which was in RAM could still be readable for a few minutes; this is the cold boot attack. For most usage scenarios, this is not a hard problem, but it still pays to keep that point in mind.

File-based encryption tools (e.g. what 7-zip offers) are meant for protections of files in transit, e.g. when the file is to be sent as an attachment to an email, or stored on a USB key. This is not the same attack scenario.

Tom Leek
  • 168,808
  • 28
  • 337
  • 475
  • I would like to add, if the attacker is prepared and comes with some liquid nitrogen, he can maintain the state of the memory modules for several hours before they degrade too much to rip the encryption key in a cold boot attack. Though truecrypt and such deliberately scrub that area of RAM on proper shutdown. – ewanm89 Apr 11 '13 at 22:40
  • For the in-transit scenario, where the attacker has only the file on a USB stick, say, and there's a reasonable password on a Word document, how secure is that file? – Joshua Frank Jul 25 '18 at 16:59
3

Can it be relied upon? Sure. Can it be relied on for certain situations? It depends on the situations and what you are wanting to protect against.

I don't think the file encryption was ever meant for long term secure storage, but more for a way to protect the contents in transit.

Steve
  • 15,155
  • 3
  • 37
  • 66
  • This is really weird as Microsoft calls it at-rest encryption: http://ligman.me/2txxLic – NH. Jul 21 '17 at 17:25