ns/odf/1.2/security# |
tools for document interoperability |
|
|
nfoWorks > ns> odf> 1.2> security> Package Security Enhancements |
1. Overview<manifest:encryption-data> provisions for encryption of ODF packages. The nfoware-defined enhancements reduce the attack surface. They are not particularly strong countermeasures: they do little to impede readily-available "password-recovery" software that succeeds by attacking the password directly. 1.1 In the password-based encryption of ODF 1.0/1.1/1.2 documents there are two hazards involving message-digest algorithms: <manifest:encryption-data> manifest:checksum attribute value is a digital hash of (the beginning of) the unencrypted file. This discloses information about the unencrypted file and makes it easy to detect encryptions of files for which the plaintext may already be known. 1.1.2 User-entered passwords are transformed into a start key using a message digest algorithm. The algorithm is typically SHA1 (default) or SHA256. This start key is then used in the encryption of each file in the package. Although the password itself is usually the weakest point in the encryption, the start key is also subject to attack, such as attempting known hash values. 1.2 In ODF 1.2 the <manifest:encryption-data> manifest:checksum-type attribute identifies the procedure by which the manifest:checksum value (1.1.1) is derived. Six algorithms are allowed: SHA1, SHA1-1k (on first 1k bytes only), SHA256, SHA256-1k (recommended), SHA512, and RIPEMD-160. ODF 1.2 consumers are required to support SHA1-1k and SHA256-1k. 1.3 In ODF 1.2 the <manifest:start-key-generation> manifest:start-key-generation-name attribute identifies the procedure by which the start key for a given package file encryption is derived (1.1.2). Four algorithms are allowed: SHA1, SHA256 (recommended), SHA512, and RIPEMD-160. ODF 1.2 consumers are required to support SHA1 (default) and SHA256. {EdNote: Definition of local names and identifiers for the extended procedures will be provided as provisional use becomes appropriate.
|
0.03 2017-06-14 20:24 -0700 |