3

What algorithm does Outlook 2010 use for it it's pst encryption?

I am hoping it is AES 128 or 256....

Cheers

squillman
  • 37,618
  • 10
  • 90
  • 145
user25862
  • 43
  • 1
  • 5
  • This isn't really an answer as such, so I won't post it as one. The PST file format is now openly documented and can be downloaded from [this page](http://msdn.microsoft.com/en-us/library/ff385210%28v=office.12%29.aspx). – Ben Pilbrow Feb 01 '11 at 18:32

2 Answers2

7

PSTs are not encrypted the way you would think. They do not use a standard encryption scheme, but a custom one. From the PST specification. http://msdn.microsoft.com/en-us/library/ff385210%28office.12%29.aspx

4.1 Strength of Encoded PST Data Blocks

This protocol uses two keyless cipher algorithms to encode the data blocks in the PST. These algorithms only provide data obfuscation and can be conveniently decoded once the exact encoding algorithm is understood.

Moreover, only end-user data blocks are encoded in the PST. All the other infrastructure information, including the header, allocation metadata pages and BTree pages are stored without obfuscation.

In summary, the strength of the encoded PST data blocks provides no additional security beyond data obfuscation.

4.2 Strength of PST Password

The PST Password, which is stored as a property value in the Message store, is a superficial mechanism that requires the client implementation to enforce the stored password. Because the password itself is not used as a key to the encoding and decoding cipher algorithms, it does not provide any security benefit to preventing the PST data to be read by unauthorized parties.

Moreover, the password is stored as a CRC-32 hash of the original password string, which is prone to collisions and is relatively weak against a brute-force approach.

Microsoft say

We recommend that you use Encrypting File System (EFS) or Windows BitLocker Drive Encryption to help secure the data in a .pst file. The Compressible Encryption and High Encryption options provide only a basic level of security.

from http://support.microsoft.com/kb/829971

paulmorriss
  • 277
  • 1
  • 3
  • 15
Joe Doyle
  • 1,681
  • 14
  • 15
1

Wikipedia, man:

Microsoft (MS) offers three values for the encryption setting: none, compressible, and high. None encryption is easy because the .pst file contains data in plaintext, and a simple text editor will show the contents.

Compressible encryption is a simple byte-substitution cipher with a fixed substitution table. Of course, since the table is fixed, it is also widely known. Attackers can simply decipher the data and see the computer's plaintext.

High (sometimes called "better") encryption is similar to a WWII German Enigma cipher with three fixed rotors, which are widely known. If the key, which is the value of an internal identifier, is known, attackers can simply decipher the data and see the computer's plaintext.

So, is this something you're trying to do for home use, or are you trying to rollout encryption to your users? Why specifically just to their PST files; what specific problem are you trying to solve?

mfinni
  • 35,711
  • 3
  • 50
  • 86