Jun Zhou, Jing Chen, Kun Pan, Cuicui Zhao, Xiaochao Li
{"title":"浅谈办公中密钥派生功能的安全性","authors":"Jun Zhou, Jing Chen, Kun Pan, Cuicui Zhao, Xiaochao Li","doi":"10.1109/ICASID.2012.6325279","DOIUrl":null,"url":null,"abstract":"In Microsoft Office, the file security is mainly protected by user authentication and files encryption. The cryptographic keys are usually derived from a password. Thus, password based key derivation function (PBKDF) is the core of the security scheme. However, the security of the PBKDF of Office is not yet ensured. In this paper, the PBKDF algorithm is analyzed through the game-playing approach and upper bounded of the Adversary's Advantage over the KDF and random function. Based on that, we discussed the practical safety of the Office encrypted files, and show that Office is secure when the user password is longer than 6 characters.","PeriodicalId":408223,"journal":{"name":"Anti-counterfeiting, Security, and Identification","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"On the security of key derivation functions in office\",\"authors\":\"Jun Zhou, Jing Chen, Kun Pan, Cuicui Zhao, Xiaochao Li\",\"doi\":\"10.1109/ICASID.2012.6325279\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In Microsoft Office, the file security is mainly protected by user authentication and files encryption. The cryptographic keys are usually derived from a password. Thus, password based key derivation function (PBKDF) is the core of the security scheme. However, the security of the PBKDF of Office is not yet ensured. In this paper, the PBKDF algorithm is analyzed through the game-playing approach and upper bounded of the Adversary's Advantage over the KDF and random function. Based on that, we discussed the practical safety of the Office encrypted files, and show that Office is secure when the user password is longer than 6 characters.\",\"PeriodicalId\":408223,\"journal\":{\"name\":\"Anti-counterfeiting, Security, and Identification\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Anti-counterfeiting, Security, and Identification\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICASID.2012.6325279\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Anti-counterfeiting, Security, and Identification","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICASID.2012.6325279","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
On the security of key derivation functions in office
In Microsoft Office, the file security is mainly protected by user authentication and files encryption. The cryptographic keys are usually derived from a password. Thus, password based key derivation function (PBKDF) is the core of the security scheme. However, the security of the PBKDF of Office is not yet ensured. In this paper, the PBKDF algorithm is analyzed through the game-playing approach and upper bounded of the Adversary's Advantage over the KDF and random function. Based on that, we discussed the practical safety of the Office encrypted files, and show that Office is secure when the user password is longer than 6 characters.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
