Microsoft Office Word utilizes the encryption algorithm knows as RC4.
This encryption method is also found in older Microsoft Office suits like Office 97, 2000 and even 2003. It is also knows as ARC4 or ARCFOUR and is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks).
While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems. It is especially vulnerable when the beginning of the output keystream is not discarded, or nonrandom or related keys are used; some ways of using RC4 can lead to very insecure cryptosystems such as WEP . There are 3 password types that can be set in Microsoft Word:
The second and the third type of passwords were developed by Microsoft for convenient shared use of documents rather than for their protection. There's no encryption of documents that are protected by such passwords, and Microsoft Office protection system saves a hash sum of a password in a document's header where it can be easily accessed and removed by the specialized software or online services like remove-password.com. Password to open a document offers much tougher protection that had been steadily enhanced in the subsequent editions of Microsoft Office.
Word 95 and all the preceding editions had the weakest protection that utilized a conversion of a password to a 16-bit key.
Key length in Word 97 and 2000 was strengthened up to 40 bit. However, modern cracking software allows removing such a password very quickly - a persistent cracking process takes one week at most. Use of rainbow tables by online services like remove-password.com can not only remove a password, but also find an actual password that was used by a user to encrypt the document using brute-force attack approach. Statistically, the possibility of recovering the password depends on the password strength.
Word's 2003/XP default protection remained the same but an option that allowed advanced users choosing a Cryptographic Service Provider was added. If a strong CSP is chosen, guaranteed document decryption becomes unavailable, and therefore a password can't be removed from the document. Nonetheless, a password can be fairly quickly picked with brute-force attack, because its speed is still high regardless of the CSP selected. Moreover, since the CSPs are not active by the default, their use is limited to advanced users only.
Word 2007 offers a significantly more secure document protection which utilizes the modern Advanced Encryption Standard that converts a password to a 128-bit key using a SHA-1 hash function 50000 times. It makes password removal impossible (as of today, no computer that can pick the key in reasonable amount of time exists), and drastically slows the brute-force attack speed down to several hundreds of passwords/second.
Word's 2010 protection algorithm was not changed apart from increasing number of SHA-1 conversions up to 100000 times, and consequently, the brute-force attack speed decreased two times more.
Weak Encryption (XOR)
This method equates to the Office 4.x XOR encryption algorithms that are supported by earlier versions of Word and Microsoft Excel and that are still used in Office 2000 when the system locale is France. This is a fast, simple algorithm, but it does not offer the best security. Our service can remove this type of password / encryption.
Key Length: Weak Encryption (XOR) does not support changing the key length, so this control is unavailable, and no number is displayed.
Microsoft Base Cryptographic Provider
The Microsoft Base Cryptographic Provider is the initial cryptographic service provider (CSP). It is a general-purpose provider that supports digital signatures and data encryption. This provider is included with the Microsoft Windows NT, Microsoft Windows 2000, Microsoft Windows 95, and Microsoft Windows 98 operating systems. It is also included with Internet Explorer version 3.0 or later. Our service can remove this type of password / encryption.
Key Length: 40-56 (Default 40)
Microsoft Base DSS and Diffie-Hellman Cryptographic Provider
The Microsoft Base DSS and Diffie-Hellman Cryptographic Provider supports Diffie-Hellman (D-H) key exchange (a 40-bit Data Encryption Standard derivative), Secure Hash Algorithm (SHA) hashing, Digital Signature Standard (DSS) data signing, and DSS signature verification. The Microsoft Base DSS and Diffie-Hellman Cryptographic Provider can be exported to other countries and is included with the Windows 95, Windows 98, Windows NT, and Windows 2000 operating systems. Our service can remove this type of password / encryption.
Key Length: 40-56 (Default 40)