PDF encryption and decryption (I)-Analysis of PDF encryption dictionary objects
0 keywordsPDF encryption has two passwords: Owner (to set the PDF document permission or change the permission) password and user password. In this document, the master (permission) password and user password are translated, I think the permission password is better, so it is called the permission password. After the file is encrypted, a new object named encryption dictionaries object is generated. This document describes the encryption dictionary object. The items in the encryption dictionary object are called the encryption dictionary object items. In addition, we try to explain in Chinese as much as possible in Chinese. If some key English words do not have good Chinese counterparts, we will retain the original English statement.
1. Several Common PDF security questionsRecently, someone often asked several questions about PDF encryption and decryption. If you are familiar with the PDF specification, you may think these questions are simple or even silly. But almost everyone has such a stage, from ignorance to knowledge, to ignorance ,..., One by one. At the beginning of the article, I asked a question and then gave a simple answer. If you think this will help you understand PDF encryption and decryption, I will be very happy if you need to learn more about PDF encryption and decryption, you can continue to follow the series of articles. Of course, most of the content in these articles can be found in the PDF specification. Here, I just use my personal understanding to help you understand and apply it more quickly. 2.
Q: PDFWhat encryption algorithms are there?Currently, two encryption algorithms are used for PDF files: RC4 and AES. In earlier versions of PDF, the content is encrypted using the RC4 encryption algorithm. The encryption length is (40-128 bits), and the AES encryption algorithm (BITs) is introduced from ), the corresponding reader has javasbat7.0. Therefore, the encryption algorithm in PDF is fixed and there is no third encryption algorithm. For more information about RC4 and AES, visit the relevant website. For more information, see references. 2.
Q: Why is my PDFPermission settings have been set and printing is blocked, but why can someone easily crack them?A: For an inappropriate example, This is just "anti-gentleman, not a villain ". However, many people misunderstand the permission settings for PDF files. If the file content has been encrypted after permission settings, you must enter a password. A typical example is http://www.kenwong.cn/post/how-to-use-gmail-to-break-pdf-restrictions.html. Gmail is indeed a huge bug. This is a clear violation of the PDF specification. At this point, Gmail is too rigorous. Fortunately, it can be corrected in time. The permission settings in PDF are only a string of characters. Some of these characters are used to indicate whether the PDF allows or disables an operation, the file is encrypted only when the permission password is not enabled, however, you can obtain the encryption key by encrypting the dictionary object and the rules for generating the encryption key in PDF (the next article will explain in detail) to decrypt the file content, if you save it as a new file after decryption, you can modify or remove the string and related information, and the permissions for PDF files are unrestricted. If you want to ensure that the file content is encrypted, you only need to set the open password. 2.
Q: Why am I still cracked when I set a password?A: If you set a password, the file content is encrypted at this time. To open such files, you must obtain an encrypted password. If the password is still cracked, it is probably because the password you set is too simple and the length is relatively small, in this case, the password dictionary can be used for brute force cracking. How is it cracked? When the PDF file is encrypted, you enter an open password, for example, 123456, instead of directly using the password you entered as the key for PDF encryption, A conversion process is required to obtain the encryption key. How can we determine whether the password you entered is correct? That's because when you encrypt a PDF file, a hash sequence generated by the password operation will be placed in the PDF file, when you enter the password, you need to perform a series of operations on the password you entered to obtain another hash sequence. If the two hash sequences are consistent, you can generate a decryption key based on the hash sequence and the password you entered to start decryption. Otherwise, a Password error is prompted. This is the answer in my previous article PDF encryption simulation. 2.
Q: What is acrobat?Custom Security handler?A: PDF allows custom security handler. If you have visited a PDF e-book website, you will surely understand what this is. Generally, PDF e-book websites require you to download a plug-in (Acrobat or Adobe PDF Reader plug-in). In this plug-in, you will use a custom security handler. Are these new pdf Security handler using new encryption methods? Of course not. encryption of PDF content still uses RC4 or AEs, but the encryption key generation method is different. If you are interested in this, I will give you a comprehensive introduction.
2. encryption of one PDF File2.1 encryption process for the PDF File Password in acrobat7.0 English version:1) Open the PDF file. 2) Select File> document properties. 3) Select the Security tab. 4) in the security method column, select password security and click Change settings... Button, such as: 5) the following Encryption Settings dialog box is displayed: 6) First, select compatibility. There are two options: acrobat3.0, acrobat5.0, acrobat6.0, and acrobat7.0. The default value is acrobat5.0, that is, software support that implements specification 1.4 is implemented. (This document uses this as an example.) 7. Set the open password and permission password respectively. Note that the two passwords cannot be the same. In this example, we will enter 111111 and 222222 respectively, of course, you must use complex passwords in practical applications. 8) set the operation permissions you are about to grant to the reader of the PDF document. 9) Press OK to confirm the password and permission password, and press OK. 10) the document is encrypted.
2.2 What changes have taken place in the encrypted PDF file?If you want to know what has changed after PDF encryption, the best way is to find a PDF file, encrypt it, save it, and open it with Ultra edit. All the changes will be clear at a glance. Download the final PDF file of my article. If you have acrobat, perform encryption according to the above process. After encryption is saved, we will find that the file has changed. After you observe, you will see a change in the tail of the PDF file (trailer). Before encryption, we will see that the end of the file is: trailer </size 16/root 1 0 r/info 2 0 r/ID [<14147840094258e8edc491fc1b2f19a7> <strong>]> after encryption, the end of the file becomes: trailer </size 18/Prev 10226/root 6 0 r/encrypt 5 0 r/INFO 3 0 r/ID [<14147840094258e8edc491fc1b2f19a7> <strong>]> obviously, the red part is added after encryption, indicating that the object number of the encrypted dictionary object is 5. we can easily find the following encryption dictionary objects: 5 0 OBJ </length 128/filter/standard/O (_ Authorization> S8 + e ACCEPT-ze {/R accept <accept? /P-3392/R 3/u, so what do these items mean? The following content can be found in PDF specification 1.6:/length key length/filter generation key method, the preceding Security handler/o is obtained by the user password and permission password, the standard security handler version/u used to generate the key and verify the entered permission password/P access permission is generated by the user password, used to verify the entered user password or permission password, whether to remind the user to enter the password/V optional, used to specify the encryption algorithm. Of course, the encryption dictionary may contain other items, but here I do not want to introduce the possible values and meanings of each item, because this is not a Chinese translation of the PDF specification, instead, we hope that readers can have a better and faster understanding of the PDF Specification through a series of articles. Next, we will explain the meaning of each encryption dictionary object item based on actual examples. /Length 128% the key length is 128 bits/filter/standard % the built-in standard encryption engine standard security handler. The corresponding operation is step 1 of password encryption, that is, select password security/O (_> S8 + e login Login-ze {/R login <login? % For the/p-3392% permission mark generated by the user password, permission password, and Document ID, see the PDF specification/R 3% encrypted version 3. If V is 2 or 3, so it belongs to "version 3 or higher". In the next article, we will use this concept/U (v) has been obtained by user password, used to verify that the user password/V 2% allows the encryption length to exceed 40 bits. In the above example, the key is 128 bits.
3. Three questions to be answered to implement PDF EncryptionThe encryption dictionary object is generated by selecting the encryption method and the input password. The content of each item is related to the encryption and decryption of the PDF file, next, we are most concerned about how to encrypt a PDF file? This problem can be divided into four small questions: 1. How is the file content encrypted? 2. How is the encryption key generated? 3. How is each item in the encryption dictionary generated above? 4. What is the relationship between the encryption dictionary and the encryption key? In the next article, I will tell you all the answers to these questions. Of course, if you want to write a program that implements PDF password encryption, you must refer to the PDF specification 1.6. However, you may find it confusing to read. I think the next article will be helpful to you and will show you in detail how to implement password encryption for PDF files through programming.
ReferencesRC4: http://www.rsasecurity.com/rsalabs/node.asp? Id = 2250aes: http://www.reference.com/browse/wiki/Advanced_Encryption_Standardhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ft_aes.htm
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.