Browse by Tags

Tagged Content List
  • Blog Post: Office 2007 SP2 Encryption Settings

    Now that we've actually shipped SP2, some of you may be curious about how to use the shiny new encryption. Here's the registry settings: Registry keys Base keys (also corresponding Policy keys) HKCU\Software\Microsoft\Office\12.0\<appname>\Security\Crypto ...
  • Blog Post: Legacy RC4 Example on Codeplex

    Just a quick note on this – a customer had a question about the old RC4 40-bit encryption yesterday, and this prodded me into taking some memory dumps of intermediate steps and figuring out where my own example code wasn't working. Fortunately, it wasn't really a problem with the documentation – I'd...
  • Blog Post: MS-Offcrypto Example Update

    Just a quick note that I've updated the examples. I added an example for the CAPI RC4 encryption that does work. Along the way, I got smarter about managed C++ and C# interop, which turned out to be a bit of an adventure. I didn't find the documentation on MSDN exceptionally helpful in this area. Maybe...
  • Blog Post: MS-Offcrypto Examples

    In response to some questions I've gotten about details of MS-OFFCRYPTO, I've created a CodePlex project to contain sample code demonstrating the documentation. You can find it at http://www.codeplex.com/offcrypto . I had originally wanted to include sample code in MS-OFFCRYPTO itself, but we couldn...
  • Blog Post: Office Crypto KDF Details

    I've gotten a couple of questions asking how our key derivation function works. The technique is very similar to that described in RFC 2898, also known as PKCS #5. There are two key derivation functions (KDF) documented in this RFC – PBKDF1 and PBKDF2. Our KDF implementation is very similar to PBKDF1...
  • Blog Post: New, Improved Office Crypto

    If you're enough of an Office crypto geek to stay on top of the most recent changes in MS-OFFCRYPTO, you already know about some of this, but my assumption is that most people aren't going to want to parse something that hard to read. What we're doing is introducing some substantial improvements in our...
  • Blog Post: MS-OFFCRYPTO, W7 Engineering blog, etc

    We have a new version of MS-OFFCRYPTO out. The big change is that how CryptDeriveKey was documented on MSDN was incorrect, we copied it, which made our document also incorrect. As it turns out, CryptDeriveKey always uses the same code path for AES as it does as if the hash output is shorter than the...
  • Blog Post: Office Crypto Follies

    What I've been working on lately that has kept me from doing nearly anything else can be found at: http://msdn.microsoft.com/en-us/library/cc313071.aspx MS-OFFCRYPTO is very detailed documentation of exactly how we do cryptography for binary and OOXML documents. Overall, it covers: IRM ...
Page 1 of 1 (8 items)