[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [office] Passwords
On Tue, 2006-28-11 at 14:04 -0500, Patrick Durusau wrote: > Not exactly. > > If the file associations are not editable by the user, limiting opening > of the file to the use of an ODF compliant application and they are > denied access to a DOS command window (with edit or something similar) > it can be made relatively secure. Well, it seems unlikely that a user would be in an environment that lets them read the XML contents but not edit them. But I can think of another reason to use hash though: To protect the password itself, in the event that the document owner chooses to use the same password elsewhere (which is common). So, we want a hash that is pre-image resistant. SHA1 qualifies for now, but I do note that RSA expects to see pre-image attacks in the next 5-10 years. Are we satisfied with that or should we ask for something higher? Maybe we can take a middle position and say that SHA1 is allowed but we recommend applications to move to something else in the future. The spec could say something like this: -------- The hash can be any of: SHA1, SHA-256, SHA-512 and WHIRLPOOL. The committee notes that SHA1 is included for compatibility with current applications but recommends moving to one of the other algorithms in the coming years. -------- I think that's a reasonable balance. It doesn't cause immediate hassle for developers. But what will we do, say, 8 years from now, when SHA1 is no longer considered acceptable? Do we change the spec to disallow SHA1? If so, then some old documents will become invalid. This is a general problem with any hash or encryption algorithm; one day Blowfish might be broken and we may have to choose a different algorithm. Best, Daniel. -- "I AM in shape. Round IS a shape."
This is a digitally signed message part