[BBLISA] Password-protected PDF file?
Steve Revilak
steve at srevilak.net
Sun Feb 17 10:58:18 EST 2013
>From: Scott Ehrlich <srehrlich at gmail.com>
>How safe is a password-protected PDF file sent via email?
>
>I've never run a sniffer to see what could be learned from doing this.
>
>Thanks.
>
>Scott
As far as I know, pdfs have two types of password protections. One
governs what the viewer is allowed to do with the document (print,
copy text, etc); the other is used to encrypt the pdf's content.
From what I've read, the first type is easy to get around. The second
depends on the encryption algorithm.
Page 55 of
https://wwwimages2.adobe.com/content/dam/Adobe/en/devnet/pdf/pdfs/PDF32000_2008.pdf
describes the encryption in pdfs. It looks like RC4 or AES, using key
lengths of 40--128 bits.
The default is 40 bits, which is pretty weak by today's standards.
Given only -sOwnerPassword= and -sUserPassword=, ghostscript seems to
use 40 bits; but you can ask for 128 bits with by adding
-dKeyLength=128 -dEncryptionR=3.
In summary, the password protection allows you to encrypt the pdf.
The amount of protection you get depends on the key length you choose.
Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://www.bblisa.org/pipermail/bblisa/attachments/20130217/5ff6e88e/attachment.pgp
More information about the bblisa
mailing list