One of the many reasons people do not put their content online is worries about security – they worry that the material can be repeatedly copied and they will have no control over it. So Acrobat files can be protected with 2 passwords – an Owner password which also allows the user to alter the file and a more limited User password. If you do not have the password, you can still copy the file but not open it.
PDF Encryption relies on the fact that some mathematical functions are much harder to reverse than to do. For example, the question ‘what is 6 times 7?’ is easy – it’s 42 (indeed the answer to life, the Universe and Everything according to the writer Douglas Adams). But it is much harder to do in reverse – given 42 as a value, there are an infinite number of sums. Encryption works in a similar way – given a password, its easy to encode and decode some data. But its much harder to have some data and workout the password from it. The only way to work it out is to try random combination – and there are a lot of them….
Encryption is actually done using a key value (usually 32 or 128 bits in size). All the bytes are changed using the key – unless they are altered back using the same key, they are rubbish and the file cannot be opened. They only make sense if altered back using the correct value. A key with 128 bits has far more possible values than one with 32 bits, so it is much more secure.
The key is calculated for each PDFObject in the PDF file using local data for each object and the password – that makes it much harder to crack because all the key keeps changing in the data. If you want to decipher something, the longer the example you have, the easier it is.
So this makes PDF a secure medium – the file cannot be opened and the data is securely hidden so it is very hard to get it out of the raw file. The main issue is the no-technical one of how to keep the passwords secure.
Password encryption is now automatically supported in JPedal PDF Library. If you upload an encrypted PDF file, the additional Java files needed for encryption will be added and the user will need a password to open it.
Latest posts by Mark Stephens (see all)
- My experience of a Turkish bath (visiting Istanbul for DevFest) - November 24, 2017
- My 5 key takeaways from JavaOne 2017 - October 6, 2017
- My notes and pictures from thursday JavaOne 2017 - October 5, 2017
- My notes and pictures from Wednesday JavaOne 2017 - October 5, 2017
- My notes and pictures from Tuesday JavaOne 2017 - October 4, 2017