Why We Don't Decrypt Excel/Word 2007-2021 Files

“You decrypt Excel/Word 97-2003 files online, but not Microsoft Office 2007-2016 documents. Why won't you make rainbow tables for modern Microsoft Office formats?”, asked a user.

Simply, this is impossible. And here is why…

When it is impossible to decrypt an Excel or Word file

The answer lies in the encryption algorithms for different Microsoft Office versions and key length (by default) with which the document data is encrypted:

  • Excel/Word 97-2003: RC4 algorithm (stream cipher), 40-bit key length – 240 key options
  • Excel/Word XP-2003: RC4 algorithm (stream cipher), 128-bit key length – 2128 key options
  • Excel/Word 2007-2010: AES algorithm (block cipher), 128-bit key length – 2128 key options
  • Excel/Word 2013-2021: AES algorithm (block cipher), 256-bit key length – 2256 key options

The Microsoft Office 97-2003 stream cipher permits (almost always) extracting unambiguously from any document a common part, and the rather short (40-bit) encryption key permits computing the correspondence “encryption key => common part from the document” for all possible options. This is the first stage of creation of a rainbow table. In essence, after obtaining this computed data once, it is possible to take simply the required correspondence and decrypt any document without a password.

But the size of this data is too large. Therefore, in the second stage, the data is compressed by additional computations to an acceptable size — the rainbow table — an excellent example of a compromise of time and memory.

Now, finding in the table a suitable encryption key, it is possible to decrypt instantly any Excel/Word 97-2003 document (actually not always but in 99.9% of cases, but the error can be neglected). The AccessBack.com and Passcovery Suite (Ultimate License) service operate in this manner:

Rainbow tables for Excel/Word in operation

Everything changes in principle with AES block code which is used in Microsoft Office 2007-2021. All data of the document is encrypted using 16-byte blocks, and it is impossible to extract the common parts necessary for creation of the necessary correspondences. And in these Microsoft Office versions, the encryption key length was increased…

Decrypting Excel/Word files without rainbow tables

In fact, using rainbow tables is not totally 100% successful, but 99.9%. The algorithm for creating rainbow tables permits the absence of a vanishingly small number of “key => data” correspondences. In that case, a “key search”, a consecutive search of encryption keys for Excel/Word 97-2003, helps. AccentOPR and Passcovery Suite provide such a capability:

Excel/Word decryption with Accent OFFICE Password Recovery

Key search guarantees decryption of the Excel/Word file and successful 100% removal of the password from the document, since all possible variants of the key – 240 values – are covered.

And what about 128 bit encryption in Excel/Word XP/2003?..

It is also impossible to construct rainbow tables for this, but for other reasons.

Even if we exclude the change in principle of the algorithm for encrypting Microsoft Office XP-2003, which does not permit using rainbow tables, the invention is all the same impracticable – we simply do not have enough time to construct rainbow tables.

To calculate the rainbow table data, it is necessary to handle all possible values of the encryption key (in fact, several times more). And if the search for variants for 40-bit keys (~242 values) takes one week of continuous computations, search for values for a 128-bit key is a factor of 2128/240=3.0948501e+26 times more. That is 309485009999999936272792512 weeks, or 5951634807692306466784471 years…

Breaking Microsoft Office passwords

Based on everything, the conclusion is that calculating rainbow tables for Microsoft Office 2007-2021 is impossible. Passwords for such files must be restored. And to achieve success, any useful dodges are used:

  • Extended mask attack when it is possible to specify admissible symbols for each position of the generated password
  • Dictionary attack with mutations when it is possible to set rules to change the words which are read out from dictionaries
  • Acceleration of password search on a GPU when the password search speed increases by factors of ten (depending on type and numbers of GPUs)

All these capabilities for Microsoft Office 2007-2021 documents are in Passcovery programs:

AccentOPR Logo 48 Accent OFFICE Password Recovery
for Microsoft Office and OpenOffice/LibreOffice of all versions
Passcovery's Accent OFFICE Password Recovery for Microsoft Office and OpenOffice/LibreOffice
Passcovery's AccentOPR for Microsoft Office 6-2021
Passcovery Suite Logo Passcovery Suite
for Microsoft Office, OpenOffice/LibreOffice, Adobe PDF, ZIP/WinZip, RAR/WinRAR, TrueCrypt, Apple iOS, BlackBerry OS, WPA/WPA2
Accent OFFICE Password Recovery от Пасковери для Microsoft Office и OpenOffice/LibreOffice
Passcovery Suite an all-in-one password recovery software
denglad Author: Denis Gladysh, co-owner, and head of Passcovery – a provider of high-speed GPU-accelerated software solutions for recovering passwords for popular file formats; author of the first versions of Accent OFFICE Password Recovery, created in 1999.

Three key points about Excel and Word decryption

  1. Open the file you want to encrypt in Microsoft Word
  2. Go to «File»→«Info»
  3. Click «Protect Document» and select the «Encrypt with Password» option in the drop-down menu
  4. Enter the password to encrypt the document and click «OK». Make sure you memorize the password or write it down somewhere so you won't have to spend you time and nerves hacking it later
  5. Re-enter the password to confirm it, click «OK» again and save the file. That is it. The Word document is now encrypted with your password
  1. Open your password protected Excel workbook file
  2. Go to «File» → «Info» and click on «Protect Workbook»
  3. In the drop-down menu click on «Encrypt with Password»
  4. Erase the set password, click «OK» and save the Excel workbook. This will decrypt the file and remove the password

For more on recovery of lost passwords go here

  1. Go to AccessBack.com
  2. Go to your password-locked file, enter the email address to send the resulting file to and upload the file by clicking «Upload»
  3. You will then receive a screenshot of the data from your encrypted document. That is how you make sure that the file has been successfully decrypted
  4. Once you are sure you need the file decrypted go to the payment section
  5. Get an exact copy of your file decrypted and without password protection. It's that simple

It only works for .xls/.doc files created as compatible with Microsoft Office 97-2003