• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Office 2010 Encryption Setting: AES-256 or Default?

TJCS

TJCS

Senior member
I always thought Office 2010 and Office 2007 both uses the same default cryptographic service provider: Microsoft Enhanced RSA and AES Cryptographic Provider, AES-128, 128-bit. But what Microsoft states here seems to hint that Office 2010 uses a more advance encryption format than Office 2007:

It is important to realize that, when you set CompatMode to 0(required to change encryption to AES-256), Office 2010 uses an Office 2007 compatible encryption format, instead of the enhanced security that is provided by default when you use Office 2010 to encrypt Open XML Format files.
Click to expand...


I currently have Excel 2010 set to use Microsoft Enhanced RSA and AES Cryptographic Provider, AES-256, 256-bit. And I want to know if this is the most secure encryption algorithm available for Office 2010 or should i leave the Office 2010 encryption at default(or some other algorithm...)?
 
I Agree. After actually figuring out how to increase Office 2010 Encryption to AES-256, I told a friend of mine that I can do it for all his computers at his company, but now I am not so sure if it is worth the hassle.
 
There seems to be very little documentation in the "enhanced security" in office 2010, but I found this security firm's blog interesting:

In Office 2007, ECMA-376 with SHA-1 hash and AES-128 encryption is implemented. The number of hash rounds is 50000 that makes password recovery really difficult and slow. Office 2010 also uses SHA-1 and AES-128, but the number of hash rounds is now 100000. Therefore password recovery for new Office files will be two times slower.
- Source
Click to expand...
 
Last edited:
My bad, there is actually a page that has an overview of the security enhancement in office 2010 found here.
 
I have only been able to set Office 2010 to AES-256 Encryption by running in Office 2007 compatibility format, if anyone know how to do it without using the Office 2007 format please let me know thanks.
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

Back
Top