Skip Links

Microsoft Office 2013's enhanced protection scheme cracked ahead of official launch

Russian corporate security and IT audit firm ElcomSoft claims to have developed tools with the ability to recover plain-text passwords used to encrypt documents in Microsoft Office 2013.

By Marco Chiappetta on Wed, 10/03/12 - 5:11pm.

In addition to a host of improvements and other changes, Microsoft beefed up the encryption scheme used to secure users’ data in Office 2013. With Office 2010, Microsoft used an SHA-1 class algorithm with a 128-bit key to encrypt plain-text password-protected documents. With Office 2013, though, Microsoft has moved to a technically more secure SHA-2 class SHA512 algorithm to calculate the hash values for the encryption keys, but it appears even that wasn’t enough. ElcomSoft, a privately owned company headquartered in Moscow, has announced that it has already developed tools to crack Microsoft’s latest protection schemes. Shocking, I know.

A post on the ElcomSoft Advance Password Cracking blog claims that the company’s Advanced Office Password Recovery and Distributed Password Recovery tools now have the ability to crack Office 2013 plain text passwords, just weeks before the productivity suite’s official release. The post isn’t very detailed and doesn’t explain exactly how ElcomSoft pulled it off, but it does say that it is not strictly a brute force method. In fact, ElcomSoft claims that brute force attacks on Office 2013’s encryption scheme are virtually useless.

According to the blog post,“brute-forcing SHA512 hashes with 256-bit encryption key is a dead end,” presumably due to the immense amount of time it would take to crack the 64-bit words used by SHA-512. “Smart password attacks are pretty much the only way to go with Office 2013.”

ElcomSoft’s Advanced Office and Distributed Password Recovery tools can already crack Office 2013 passwords. (Image source: ElcomSoft)

ElcomSoft goes on to say that their tools rely on a variety of smart attacks, which include a combination of dictionary attacks, masks and advanced permutations, and that the tools currently run on standard CPUs. ElcomSoft has been known to leverage the highly-parallel nature of GPUs to accelerate password cracking, but their current tools do not. A future version likely will leverage GPUs, but for now CPUs alone can get the job done.

Despite Microsoft’s efforts to beef up security in Office 2013, is anyone really surprised Office’s encryption scheme has already been cracked? Clearly, it’s going to be harder for unsophisticated crackers to break more advanced algorithms with relatively simple brute-force methods that would take countless hours of compute time to complete. But I’m of the opinion that where there’s a will there’s a way, and if talented, smart, determined coders/engineers/hackers wants to crack a password, they’ll find a way to do it. Especially when it’s up to fallible humans to design and implement the protection schemes in the first place.