none
Getting EcrptionVerifier.Salt in Powerpoint 2003 Binary RRS feed

  • Question

  • Quick question how do I get to EcrptionVerifier.Salt if the password that I have needs to use the Salt to decrypt the CryptSession10Container.data in which the Salt is located?  Isn't this chicken and egg scenario?  Per http://msdn.microsoft.com/en-us/library/dd951371(v=office.12).aspx : The data field of this CryptSession10Container record MUST be encrypted as specified in [MS-OFFCRYPTO] section 2.3.5.1.

    Please help.

    Thank you in advance.


    Norman
    Monday, January 23, 2012 4:34 PM

Answers

  • Hi Norman,

     

    If I understand your question, from [MS-PPT] 2.3.37 CryptSession10Containter, the encrypted parts of an encrypted document MUST be decrypted according to the following rules:

    • A password hash MUST be generated from a password and the data.EncryptionVerifier.Salt field as specified in [MS-OFFCRYPTO] section 2.3.5.5.

    Section 2.3.5.5 points to the [MS-OFFCRYPTO] EncryptionVerifier structure in section 2.3.3, which states:

     

    ·         Salt (16 bytes): An array of bytes that specifies the salt value used during password hash generation. It MUST NOT be the same data used for the verifier stored encrypted in the EncryptedVerifier field.

     

    The same section further details the process by which the EncryptionVerifier structure must be set.

     

    I hope this helps.

    Regards,
    Mark Miller
    Escalation Engineer
    US-CSS DSC PROTOCOL TEAM

    Wednesday, February 1, 2012 5:16 PM

All replies

  • Hi nmfuko,

    Thank you for your question.  A colleague will contact you soon to investigate this issue.

    Regards,
    Mark Miller
    Escalation Engineer
    US-CSS DSC PROTOCOL TEAM

    Monday, January 23, 2012 8:36 PM
  • Hi Mark,

    Thank you for the updated, I will be waiting for your colleague's response.

    Norman


    Norman
    Tuesday, January 24, 2012 5:32 PM
  • Hi Norman,

    I will investigate this and follow up with you with an answer.

    Regards,
    Mark Miller
    Escalation Engineer
    US-CSS DSC PROTOCOL TEAM

    Tuesday, January 24, 2012 5:34 PM
  • Ok, thank you Mark!


    Norman
    Tuesday, January 24, 2012 6:41 PM
  • Hi Mark!

    Any news?


    Norman
    Wednesday, January 25, 2012 2:32 PM
  • Hi nmfuko,

    I will post when I have an update.  Thank you for your patience.

    Regards,
    Mark Miller
    Escalation Engineer
    US-CSS DSC PROTOCOL TEAM

    Wednesday, January 25, 2012 2:37 PM
  • Hi Norman,

     

    If I understand your question, from [MS-PPT] 2.3.37 CryptSession10Containter, the encrypted parts of an encrypted document MUST be decrypted according to the following rules:

    • A password hash MUST be generated from a password and the data.EncryptionVerifier.Salt field as specified in [MS-OFFCRYPTO] section 2.3.5.5.

    Section 2.3.5.5 points to the [MS-OFFCRYPTO] EncryptionVerifier structure in section 2.3.3, which states:

     

    ·         Salt (16 bytes): An array of bytes that specifies the salt value used during password hash generation. It MUST NOT be the same data used for the verifier stored encrypted in the EncryptedVerifier field.

     

    The same section further details the process by which the EncryptionVerifier structure must be set.

     

    I hope this helps.

    Regards,
    Mark Miller
    Escalation Engineer
    US-CSS DSC PROTOCOL TEAM

    Wednesday, February 1, 2012 5:16 PM