Xref: utzoo comp.os.msdos.apps:229 sci.crypt:3387
Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!ncar!mephisto!rutgers!njin!princeton!cs!cs.Princeton.EDU!nfs
From: nfs@cs.Princeton.EDU (Norbert Schlenker)
Newsgroups: comp.os.msdos.apps,sci.crypt
Subject: Re: Word Perfect "locked document encryption" is trivial to break
Summary: A few trivial corrections
Keywords: Word Perfect locked document useless
Message-ID: <2332@rossignol.Princeton.EDU>
Date: 29 Aug 90 21:11:33 GMT
References: <12163@hoptoad.uucp>
Sender: news@cs.Princeton.EDU
Followup-To: comp.os.msdos.apps
Organization: Dept. of Computer Science, Princeton University
Lines: 56

In article <12163@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes:
>One thing that came up at Crypto '90 was a short paper from Ms. Helen
>Bergen at Queensland U. in Australia. She noticed the 'locked
>document' commands in Word Perfect, used by all the secretaries in her
>dept., and looked to see how strong it was...
>
>Quote from letter received from WordPerfect Pacific:
>
>They confirmed that people have written programs to break the password.
>However, WordPerfect Corporation does not have such a program and
>therefore has no way of breaking it. They also pointed out that very
>few users would know how to write such a program.

They won't need to write it, will they? After all, very few users would
know how to write WordPerfect. They just buy it shrinkwrapped.

>It is possible that the manual may be amended in a future edition to
>clarify the protection that a password gives. They recommend that
>anyone concerned about security may want to take higher precautions
>than the password protection.

Oh, jolly good! After all, there is "absolutely no way to retrieve the
document" according to the WP manual.

I have a friend who works on a contract basis for a large Wall Street
law firm supporting WP on a LAN. He's very interested in the program
that I cobbled up in two hours from the Bergen/Caelli paper. I plan to
share in the profits :-)

And now to the paper itself:

>                FILE SECURITY IN WORDPERFECT 5.0
>
>        H.A. Bergen     School of Computing Science
>        W.J. Caelli     Information Security Research Centre
>...
>   * BYTES 22 - 31. Of these 10 bytes, 22, 23, 28 are file and system
>dependent, but bytes 24, 26, 29, 30, 31 are constant with value 00.

Hmmm. What about bytes 25 and 27? Also, I should report that my version
of WP 5.0 has a nonzero byte in byte 26.

>   * BYTES 32 - 39 were constant for files prepared on the three
>different systems and contained
>
>                42 00 00 00 02 00 56 00

My WP 5.0 has different values (usually FF FF instead of 02 00) in
bytes 36 and 37.

All in all, a fine article. I probably shouldn't offer, but anyone who
wants my ugly C hack for a decoder, including atrocious interactive
dialogue to resolve ambiguities in the key via human guessing, should
send me email.

Norbert