http://infoworld.com/article/05/01/19/HNmsofficeflaw_1.html
http://eprint.iacr.org/2005/007.pdf
When you encrypt a file in MS Office, the program hashes the
user-supplied password and an IV to produce an RC4 key. However, if
you create a second version of the document, it doesn't generate a new
IV. The consequences are obvious to readers of this list....
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
