Microsoft Knowledge Base Article

This article's content is Microsoft copyrighted material.
©2005-2007 Microsoft Corporation. All rights reserved.




Article ID: 290112 - Last Review: July 27, 2006 - Revision: 4.1

Changes in encryption file properties in Office 2003 and Office 2002

This article was previously published under Q290112

SUMMARY

This article describes changes in encryption file properties in Microsoft Office 2003 and Microsoft Office XP. Earlier versions of Office do not encrypt file properties. Office encrypts file properties by using supported algorithms. The "More Information" section of this article presents general information about encryption in Office.

MORE INFORMATION

Encryption, or cryptography, is the technology of storing information in a form that allows only authorized persons to understand and use it. If an unauthorized person views the information, this person only sees sequences of garbled characters and symbols.

An encryption system is used to translate the stored information that is in an unreadable state into a readable form (decryption), such as text or a picture.

One type of cipher or algorithm that is used in encryption is called a stream cipher. A stream cipher uses a device called a bit-stream generator to produce a stream of binary digits. This stream of bits is called a cryptographic bit-stream. The cryptographic bit-stream is combined with the plain text to produce the cipher text. The algorithm can be used in reverse, combining the cryptographic bit-stream with the cipher text to produce the plain text.

Office uses RC4 stream ciphers. RC4 is a stream cipher symmetric key algorithm that was developed by Ronald Rivest in 1987.

RC4 uses a variable key length, from 1 to 256 bytes, to initialize a 256-byte state table. The state table is used for subsequent generation of pseudo-random bytes and then for generation of a pseudo-random stream. Each element in the state table is swapped at least one time.

Because of past export restrictions, the RC4 key is often limited to 40 bits, but it is sometimes used as a 128-bit key. RC4 is capable of using keys between 1 and 2048 bits. RC4 is used in many commercial software packages.
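The state-table initialization and bit-stream generation described above, as an added Python example that is not Microsoft's or Office's code; the function names and the sample key and plaintext are constructed for illustration. It shows a 1-to-256-byte key initializing the 256-byte state table, and the same XOR step serving for both encryption and decryption.

```python
# Added illustration of the RC4 stream cipher; not code from Office or CryptoAPI.


def rc4_init_state(key: bytes) -> list:
    """Initialize the 256-byte state table from a key of 1 to 256 bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes long")
    state = list(range(256))
    j = 0
    for i in range(256):
        # Each index i is visited once and swapped with a key-dependent index j.
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    return state


def rc4_keystream(key: bytes):
    """Yield the pseudo-random bytes of the cryptographic bit-stream."""
    state = rc4_init_state(key)
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        yield state[(state[i] + state[j]) % 256]


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; the same call encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))


if __name__ == "__main__":
    key = b"Key"  # constructed sample key (3 bytes)
    ciphertext = rc4_crypt(key, b"Plaintext")  # constructed sample plaintext
    print("cipher text:", ciphertext.hex())
    # Running the algorithm "in reverse" is the same XOR with the same stream.
    print("plain text: ", rc4_crypt(key, ciphertext))
    # XOR with zero bytes exposes the raw keystream itself.
    print("keystream:  ", rc4_crypt(key, bytes(8)).hex())
```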

How to Encrypt an Office Document

  1. Open the document, and then click Options on the Tools menu.
  2. Click the Security tab, and then click Advanced.
  3. Select an encryption type, and then click OK.
  4. Type a password in the Password to open box, and then click OK.
  5. Type your password again in the Confirm Password dialog box, and then click OK.
Note: The document will not be encrypted until you protect the document with a password.

Additionally, the Encryption dialog box will display all the encryption types that are available on the computer, including those from the operating system, Microsoft Internet Explorer, and those that are installed with third-party programs. Therefore, you may have some encryption types that are listed in the Encryption dialog box that are not documented in this article.

Encryption Types That You May See Listed in Office

Microsoft Office 97/Microsoft Office 2000 Compatible Encryption

The default encryption method for Word 2003 and Word 2002 is the Office 97/Office 2000 Compatible encryption method. This is the Office-proprietary encryption that is supported by Microsoft Word 97 and Microsoft Word 2000. Office 97/Office 2000 Compatible, a proprietary predecessor to the CryptoAPI method from Microsoft Internet Explorer, continues to be the default password algorithm to ensure backward compatibility and international document portability.

Key Length: The Office 97/Office 2000 Compatible encryption method does not support changing the key length, so this control is unavailable, and no number is displayed.

Weak Encryption (XOR)

This method equates to the Office 4.x XOR encryption algorithms that are supported by earlier versions of Word and Microsoft Excel and that are still used in Office 2000 when the system locale is France. This is a fast, simple algorithm, but it does not offer the best security.

Key Length: Weak Encryption (XOR) does not support changing the key length, so this control is unavailable, and no number is displayed.

Microsoft Base Cryptographic Provider

The Microsoft Base Cryptographic Provider is the initial cryptographic service provider (CSP). It is a general-purpose provider that supports digital signatures and data encryption. This provider is included with the Microsoft Windows NT, Microsoft Windows 2000, Microsoft Windows 95, and Microsoft Windows 98 operating systems. It is also included with Internet Explorer version 3.0 or later.

Key Length: 40-56 (Default 40)

Microsoft Base DSS and Diffie-Hellman Cryptographic Provider

The Microsoft Base DSS and Diffie-Hellman Cryptographic Provider supports Diffie-Hellman (D-H) key exchange (a 40-bit Data Encryption Standard derivative), Secure Hash Algorithm (SHA) hashing, Digital Signature Standard (DSS) data signing, and DSS signature verification. The Microsoft Base DSS and Diffie-Hellman Cryptographic Provider can be exported to other countries and is included with the Windows 95, Windows 98, Windows NT, and Windows 2000 operating systems.

Key Length: 40-56 (Default 40)

Microsoft Enhanced DSS and Diffie-Hellman SChannel Cryptographic Provider

The Microsoft DSS and Diffie-Hellman SChannel Cryptographic Provider supports hashing, DSS data signing, generating Diffie-Hellman (D-H) keys, exchanging D-H keys, and exporting a D-H key. This cryptographic service provider supports key derivation for the SSL3 and TLS1 protocols. It can be exported to other countries and is included with Windows 2000 and later.

Key Length: 40-128 (Default 40)

Microsoft DSS Cryptographic Provider

The Microsoft DSS Cryptographic Provider supports hashing, data signing, and signature verification by using the Secure Hash Algorithm (SHA) and Digital Signature Standard (DSS) algorithms. The Microsoft DSS Cryptographic Provider can be exported outside North America and is included with the Windows 95, Windows 98, Windows NT, and Windows 2000 operating systems.

Key Length: 40-56 (Default 40)

Microsoft Enhanced Cryptographic Provider

The Microsoft Enhanced Cryptographic Provider, which is called the Enhanced Provider, supports the same capabilities as the Microsoft Base Cryptographic Provider, which is called the Base Provider. The Enhanced Provider supports stronger security through longer keys and additional algorithms.

Key Length: 40-128 (Default 128)

Microsoft Strong Cryptographic Provider

The Microsoft Strong Cryptographic Provider is available in the United States and Canada with Windows 2000 and later. When available, it is used as the default RSA Full cryptographic service provider. It supports all the algorithms of the Microsoft Enhanced Cryptographic Provider and all the same key lengths. For backward compatibility, it uses the same default key lengths as the Microsoft Base Cryptographic Provider.

Key Length: 40-128 (Default 128)

Glossary

Cipher: Cryptographic algorithm that is used for encryption and decryption.

Encryption: Method used to scramble the content of a file or data packet to make the data unreadable without the decryption key.

Encryption, 40-bit: A medium level of encryption. Uses a 40-bit key to scramble the content of a file or data packet to make the data unreadable without the decryption key.

Encryption, 128-bit: A high level of encryption. Uses a 128-bit key to scramble the content of a file or data packet to make the data unreadable without the decryption key.

RC4: Ron's code # 4 or Rivest.

XOR: The XOR function is also known as the exclusive OR function. An exclusive OR means A or B, but not both. For example, if A is true, and B is false, then A XOR B is true. But if both A and B are true, then A XOR B is false.

Symmetric key algorithm: An algorithm that uses the same key to encrypt and decrypt.

Stream cipher: An algorithm that encrypts data 1 byte at a time.

State table: A table that is initialized from 1 to 256 bytes. The bytes in the table are used for the subsequent generation of Pseudo-Random bytes. The Pseudo-Random stream that is generated is XORed with the plain text to give the cipher text.

Pseudo-Random Numbers: Computers normally cannot generate really random numbers, but frequently computers are used to generate sequences of pseudo-random numbers. These pseudo-random numbers are generated by some algorithm, but, for all practical purposes, they appear to be actually random.

APPLIES TO
  • Microsoft Office Excel 2003
  • Microsoft Excel 2002 Standard Edition
  • Microsoft Office PowerPoint 2003
  • Microsoft PowerPoint 2002 Standard Edition
  • Microsoft Office Word 2003
  • Microsoft Word 2002 Standard Edition
Keywords: kbsecurity kbinfo KB290112
