The Microsoft Excel File Format - OpenOffice.org
The Microsoft Excel File Format - OpenOffice.org
The Microsoft Excel File Format - OpenOffice.org
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
4.19 <strong>File</strong> Protection<br />
4.19 <strong>File</strong> Protection<br />
A file might be protected with a password against modifying (write protection), or against opening at all (read/write<br />
protection). <strong>The</strong>se passwords are set in the Save-As dialogue of <strong>Excel</strong>.<br />
• Write protection (BIFF3-BIFF8): <strong>The</strong> WRITEPROT record marks the file to be protected against modifying. <strong>The</strong><br />
password to unprotect the file is stored in the FILESHARING record. Write protection does not cause to encrypt the<br />
file.<br />
• Read/write protection (BIFF2-BIFF8): A FILEPASS record occurs containing stream encryption information, which<br />
includes the encrypted password. All following records are encrypted (➜4.19.1).<br />
Definition: <strong>File</strong> Protection Block<br />
<strong>The</strong> records of the <strong>File</strong> Protection Block describe the file protection and are the first records in a file (➜4.2).<br />
Structure of the <strong>File</strong> Protection Block:<br />
○<br />
WRITEPROT<br />
<strong>File</strong> is write protected (BIFF3-BIFF8, ➜5.113), password in<br />
FILESHARING<br />
○ FILEPASS <strong>File</strong> is read/write-protected, encryption information (➜5.43)<br />
○ WRITEACCESS User name (BIFF3-BIFF8, ➜5.112)<br />
○ FILESHARING <strong>File</strong> sharing options (BIFF3-BIFF8, ➜5.44)<br />
4.19.1 BIFF2-BIFF5 XOR Stream Encryption<br />
Encryption takes place for the contents of a record. <strong>The</strong> record header (record identifier and size) is not encrypted. <strong>The</strong>re<br />
are a few records or data fields that are never encrypted either:<br />
• <strong>The</strong> entire BOF record (➜5.8)<br />
• <strong>The</strong> entire INTERFACEHDR record<br />
• <strong>The</strong> stream position field in the SHEET record (➜5.95)<br />
Stream encryption takes place in several steps:<br />
4) get the password from the user<br />
5) create hash value (16-bit, ➜4.18.4) and encryption key (16-bit, see below) from the password<br />
6) store hash value and encryption key in FILEPASS record (➜5.43)<br />
7) create the 128-bit sized key sequence from password and encryption key (see below)<br />
8) encrypt all following records using the key sequence (see below)<br />
Stream decryption works similar to encryption:<br />
9) get the password from the user<br />
10) create hash value (16-bit, ➜4.18.4) and encryption key (16-bit, see below) from the password<br />
11) compare with values contained in FILEPASS record<br />
12) if password is correct, create the 128-bit sized key sequence from password and encryption key (see below)<br />
13) decrypt all following records using the key sequence (see below)<br />
117