[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Updated: (OFFICE-3709) ODF 1.3: PackageEncryption Enhancements
[ http://tools.oasis-open.org/issues/browse/OFFICE-3709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dennis Hamilton updated OFFICE-3709: ------------------------------------ Summary: ODF 1.3: Package Encryption Enhancements (was: ODF 1.3: Package Encryption Start-Key Enhancement) Proposal: [Updated 2011-08-04] Version 1.01 body of the proposal is maintained at http://www.oasis-open.org/committees/document.php?document_id=43085 , with specification of explicit changes to the text of these sections of ODF 1.2 for incorporation in ODF 1.3 CSD01 part 3: A. Rationale B. Proposed Changes 1. Front Page 2. Normative References 3. Section 4.8.3 manifest:checksum-type 4. Section 4.8.6 manifest:start-key-generation-name C. Deployment Considerations The proposal adds one new URI for a method that appends the manifest:salt to the user-specified password for digesting as the start key. The proposal adds a second new method that produces a manifest:checksum value that carries a salt and uses HMAC-SHA1 to produce the value for verifying that the decryption is correct. was: Version 1.00 body of the proposal is maintained at http://www.oasis-open.org/committees/document.php?document_id=43049 , with specification of explicit changes to the text of these sections of ODF 1.2 for incorporation in ODF 1.3 CSD01 part 3: 1. Front Page 2. Section 4.8.6 manifest:start-key-generation-name The proposal adds one new URI for a method that appends the manifest:salt to the user-specified password for digesting as the start key. Description: In the default encryption method for packages, the same start-key, the SHA1 digest of the user-entered-password, is used for all key generations for encrypting the individual parts of the package. Although the start-key is a secret, its successful attack permits decryption of the entire package. This proposal adds a method by which the start key is different for every key generation, relying on the cryptographically-random and different manifest:salt that is created for each key generation. This means that successful attack of one start key does not provide the start key for any of the other encryptions. Note: This procedure does not materially impact attacks on the user-specified password, which remain at least as vulnerable as memorable passwords generally are. In addition, the proposal adds an additional manifest:checksum-type that is salted in a way that avoids production of duplicate checksums for the same-plaintext files in different encrypted documents, reducing any attack surface that the detection of same-plaintext files may offer.. was: In the default encryption method for packages, the same start-key, the SHA1 digest of the user-entered-password, is used for all key generations for encrypting the individual parts of the package. Although the start-key is a secret, its successful attack permits decryption of the entire package. This proposal adds a method by which the start key is different for every key generation, relying on the cryptographically-random and different manifest:salt that is created for each key generation. This means that successful attack of one start key does not provide the start key for any of the other encryptions. Note: This procedure does not materially impact attacks on the user-specified password, which remain at least as vulnerable as memorable passwords generally are. The proposal title and the proposal statement have been changed to cover both manifest:checksum-type and manifest:start-key-generation-name being enhanced. > ODF 1.3: Package Encryption Enhancements > ---------------------------------------- > > Key: OFFICE-3709 > URL: http://tools.oasis-open.org/issues/browse/OFFICE-3709 > Project: OASIS Open Document Format for Office Applications (OpenDocument) TC > Issue Type: Improvement > Components: Packaging, Part 3 (Packages), Security > Affects Versions: ODF 1.2 > Environment: This is an enhancement, described in terms of changes to OpenDocument-v1.2-cs01-part3 > Reporter: Dennis Hamilton > Assignee: Dennis Hamilton > Fix For: ODF 1.3 CSD 01 > > > In the default encryption method for packages, the same start-key, the SHA1 digest of the user-entered-password, is used for all key generations for encrypting the individual parts of the package. Although the start-key is a secret, its successful attack permits decryption of the entire package. > This proposal adds a method by which the start key is different for every key generation, relying on the cryptographically-random and different manifest:salt that is created for each key generation. This means that successful attack of one start key does not provide the start key for any of the other encryptions. > Note: This procedure does not materially impact attacks on the user-specified password, which remain at least as vulnerable as memorable passwords generally are. > In addition, the proposal adds an additional manifest:checksum-type that is salted in a way that avoids production of duplicate checksums for the same-plaintext files in different encrypted documents, reducing any attack surface that the detection of same-plaintext files may offer.. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]