Adobe PDF File Security and Password

2009-01-22 Initial Post

As simple as it seemed, I couldn't find any good info on PDF file security, so I did some research on it and here are my notes:

From what I’ve read so far, 128-bit RC4, when used as the user password (password to allow opening the PDF file) is not feasibly crackable if a complex password is used. There are some utilities that can crack the master/owner password (password that restricts printing, copying text, modifying, etc.), but they can’t feasibly crack a complex user password.

Options from Adobe Acrobat 8.1.3 Professional password security settings:

• Acrobat 3.0 and Later: 40-bit RC4
• Acrobat 5.0 and Later: 128-bit RC4
• Acrobat 6.0 and Later: 128-bit RC4 plus
"Encrypt all document contents except metadata."
• Acrobat 7.0 and Later: 128-bit AES plus
"Encrypt all document contents except metadata."
"Encrypt only file attachments."

Freeware PrimoPDF 4.1 (most current version to date) and eCopy Desktop 9.2 both support encryption of PDF files using Acrobat 5.0 and later 128-bit RC4. Within both programs, there is no option at all to select the encryption level, just a field for the password. But after encryption, the documents’ security properties show Acrobat 5.0 and later 128-bit RC4 as the encryption level. Freeware CutePDF (most current version to date) does not offer any native encryption option at all.

One thing that’s nice about PrimoPDF 4.1 is that it can save the password and encryption option so that every time you print to PrimoPDF, the document will be encrypted by default. One issue with this is how does PrimoPDF store the password? Until that’s known, I’d be cautious with letting PrimoPDF save the password on a shared computer.

##### From on 2009-01-22:

Atomic PDF Password Recovery doesn't recover an open document password ("user password") preventing the files from being opened, so if it is unknown then Atomic PDF Password Recovery will fail. If you know the user password, firstly you should enter it and then our program will be able to lift restrictions imposed by the permission master password. #####

##### From on 2009-01-22:

The standard security provided by PDF consists of two different methods and two different passwords, 'user password' and 'owner password'. A PDF document may be protected by password for opening ('user' password) and the document may also specify operations that should be restricted even when the document is decrypted: printing; copying text and graphics out of the document; modifying the document; and adding or modifying text notes and AcroForm fields (using 'owner' password).

Please note that PDF Password Remover doesn't work with documents which have 'user' password (preventing the files from being opened), if both user and owner passwords are unknown the PDF Password Remover will fail.

There is a product named Advanced PDF Password Recovery that supposedly can crack a 40-bit encrypted user password quickly, but has to resort to dictionary or brute force attacks to crack 128-bit and 256-bit encrypted user passwords. If you used a complex password with 128-bit and 256-bit encryption, I don’t think this program can crack it in a feasible amount of time.

#####From on 2009-01-22:

The unique Thunder Tables™ technology developed by ElcomSoft uses pre-computed tables to significantly speed up the recovery of 40-bit keys. The technology is available in the Enterprise edition, and will unlock a protected document in a matter of minutes instead of days.

Strong Password Recovery

If the PDF is protected with a strong 128-bit or 256-bit key, Advanced PDF Password Recovery performs a range of attacks on the PDF file document in order to obtain the original password. But even then you’re not left without options!

Dictionary Attack

Most passwords used by living beings are based on a word or phrase. Performing a dictionary attack by attempting different combinations of cases and variations of words and characters before reverting to a comprehensive brute-force attack allows for considerate time savings shall the attack succeed.

Brute Force Attack

If the password does not fall into any dictionary, Advanced PDF Password Recovery attempts all possible combinations of passwords by performing the brute force attack. The highly optimized low-level code provides the best-in-class performance for the brute-force password recovery. Multi-threaded optimization ensures optimum performance on the modern multi-core CPUs. #####

Tags: , ,

Leave a Reply