Usage of Block key for password encryption in office 2010 ??? RRS feed

  • Question



     I am working on password decryption of office 2010. I have already done office 2007 decryption. I have already gone through MS-OFFCRYPTO. But I have some problems:


    1) In case of generating encryption Key,

    The initial password hash is generated as the following.

     H0 = H(salt + password)

    The salt used MUST be generated randomly.  The hash is then iterated using the following approach:

     Hn = H(iterator + Hn-1)

    Where iterator is an unsigned 32-bit value which is initially set to 0x00000000, and is then incremented monotonically on each iteration until PasswordKey.spinCount iterations have been performed. The value of the iterator on the last iteration MUST be one less than PasswordKey.spinCount.

    The final hash data which is used for an encryption key is then generated using the following method:

     Hfinal = H(Hn + block_key

    Where block_key represents an array of bytes used to prevent two different blocks from encrypting to the same cipher text.

    2) In case of Initialization vector: another block key is used.

    IV= Salt key+Block key

    i) Are the both block keys same or different ?

    ii) From where I can get the block keys ?


    Can anyone please help me out of this problem. Your help is heartly appreciated.


    • Edited by Sam_dev Monday, January 2, 2012 8:10 AM
    Monday, January 2, 2012 8:09 AM


All replies

  • Hi Sam_dev:

    I have alerted open specification team regarding your inquiry. a member of the team will be in touch soon.

    Regards, Obaid Farooqi
    Monday, January 2, 2012 8:21 PM
  • Hiii Obaid, 

    Thanks for your response, The document which I am following for this encryption is  http://ebookbrowse.com/ms-offcrypto-pdf-d12613233. You can check it out. Please reply me ASAP. I am waiint for your precious reply.



    Tuesday, January 3, 2012 2:51 AM
  • Hi Sam_dev, I am the engineer who will be working with you on this issue. I am currently researching the problem and will provide you with an update soon. Thank you for your patience.
    Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
    Tuesday, January 3, 2012 4:44 PM
  • Hi Sam_dev, when generating the Encryption Key or Initialization Vector, the block_key used in the hashing algorithm will always be the block number being decrypted.  For example, when decrypting the first 4k block the block_key will be 0, the second will be 1, etc… The value is an 8-byte unsigned integer that is then stored in an 8-byte byte array in little endian order before being passed to the hashing algorithm.
    Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
    Thursday, January 5, 2012 8:05 PM
  • Hello Jcurry,
    Thanks for your response but I think you are getting me wrong, i am not trying to decrypt the content of the office 2010 file. I am working on an application for passowrd verifier of office 2010, In which i will compare the hash of the password (given by user) with the hash of the file using Agile encryption algorithm.waiting for your quick response.
    Friday, January 6, 2012 4:06 AM
  • Hello JCurry,

    Waiting for your response, Please reply me ASAP.



    Tuesday, January 10, 2012 4:23 AM
  • Hi Sam_dev, I am still looking into this issue. I hope to have more information for you soon. Your patience is greatly appreciated.
    Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
    Tuesday, January 10, 2012 2:45 PM
  • Hi Sam_dev, please take a look at the following thread and let me know if it answers your question as well.



    Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
    Thursday, January 12, 2012 4:46 PM