Thread: How can I decrypt a Microsoft Word document for which I have the key?
View Single Post
  #6   Report Post  
Posted to microsoft.public.word.docmanagement
 
Posts: n/a
Default How can I decrypt a Microsoft Word document for which I have the key?
Tony Jollans wrote:
Modern Word security is fairly effective. I don't know exactly how it works
but, as far as I understand, it can not be broken and all that the myriad
products available for download and/or purchase do is a full frontal assault
with a sledgehammer - they keep trying passwords until they find one that
works (which might take days or weeks depending on the complexity of the
original password). I have no idea what you have found that you think is an
encryption key but what you would need would be a *de*cryption key
(essentially a password); without that I don't think you have made any
progress.

Perhaps, then, I'm a little confused. Say I write a memo in Microsoft
Word, then protect it with a password to open. The document is now
"protected" in that it needs a password to open the file but isn't that
just a convenient mechanism for decryption? That is, to really protect
the document, the file itself must be inaccessible (encrypted?) and the
password to open it is merely a user interface technique to give one
user access to the encrypted information.

I was under the impression that there are two "levels" of security in
Microsoft Word documents: 1) the password can brute-forced and that
will open the document via the so-called natural attempt of opening the
document and 2) the document, the file itself, is encrypted so that
another user could manipulate the document through any other (perhaps
non-GUI) means. When I talk of having the encryption key, what I mean
is that through a brute-force (keyspace-attack) search on the document
itself I was able to discern the 40-bit value used as the encryption
key. Whether or not that's helpful at all is another story.



General 'netiquette' on all forums in which I participate is that breaking
security is not an acceptable subject for disussion. Any information posted
is public and open to misuse whether or not your own situation is genuine.
There may be dedicated security forums somewhere on the net where you could
learn about general encryption/decryption techniques, I don't know, but you
are unlikely to get any real help here even if, which I doubt, any is
actually available. A password is what you need - without one you cannot
read the document which, I'm sure, is welcome news to most users.

--
Enjoy,
Tony

I understand--a sensitive subject and a public forum don't often mix
well. Sounds to me like the classic case of those who know don't talk
and, you know the rest. That's okay though. I do appreciate your
reply and will continue to educate myself elsewhere. Also thanks for
the gentle nudge on security-related netiquette.

-Meitar

Reply With QuoteReply With Quote