Title :
On the security of key derivation functions in office
Author :
Zhou, Jun ; Chen, Jie ; Pan, Kun ; Zhao, Cuicui ; Li, Xiaochao
Author_Institution :
Dept. of Electron. Eng., Xiamen Univ., Xiamen, China
Abstract :
In Microsoft Office, the file security is mainly protected by user authentication and files encryption. The cryptographic keys are usually derived from a password. Thus, password based key derivation function (PBKDF) is the core of the security scheme. However, the security of the PBKDF of Office is not yet ensured. In this paper, the PBKDF algorithm is analyzed through the game-playing approach and upper bounded of the Adversary´s Advantage over the KDF and random function. Based on that, we discussed the practical safety of the Office encrypted files, and show that Office is secure when the user password is longer than 6 characters.
Keywords :
cryptography; game theory; word processing; Microsoft Office; PBKDF algorithm; adversary advantage; cryptographic keys; file security; files encryption; game-playing approach; key derivation functions security; password based key derivation function; random function; user authentication; Authentication; Dictionaries; Encryption; Games; Message authentication; Adversary´s Advantage; Key Derivation Functions; Message Authentication Code; Provable Security; Random Oracle Model;
Conference_Titel :
Anti-Counterfeiting, Security and Identification (ASID), 2012 International Conference on
Conference_Location :
Taipei
Print_ISBN :
978-1-4673-2144-0
Electronic_ISBN :
2163-5048
DOI :
10.1109/ICASID.2012.6325279
