Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
PDF
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Encryption and signatures === A PDF file may be [[encrypted]], for security, in which case a password is needed to view or edit the contents. PDF 2.0 defines 256-bit AES encryption as the standard for PDF 2.0 files. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF. PDF files may be digitally signed, to provide secure authentication; complete details on implementing digital signatures in PDF are provided in ISO 32000-2. PDF files may also contain embedded [[digital rights management|DRM]] restrictions that provide further controls that limit copying, editing, or printing. These restrictions depend on the reader software to obey them, so the security they provide is limited. The standard security provided by PDF consists of two different methods and two different passwords: a ''user password'', which encrypts the file and prevents opening, and an ''owner password'', which specifies operations that should be restricted even when the document is decrypted, which can include modifying, printing, or copying text and graphics out of the document, or adding or modifying text notes and [[#Forms|AcroForm]] fields. The user password encrypts the file, while the owner password does not, instead relying on client software to respect these restrictions. An owner password can easily be removed by software, including some free online services.<ref>{{cite web |url = http://freemypdf.com/ |title = FreeMyPDF.com β Removes passwords from viewable PDFs |website = freemypdf.com |access-date = June 23, 2009 |archive-date = February 20, 2021 |archive-url = https://web.archive.org/web/20210220014724/https://freemypdf.com/ |url-status = live }}</ref> Thus, the use restrictions that a document author places on a PDF document are not secure, and cannot be assured once the file is distributed; this warning is displayed when applying such restrictions using Adobe Acrobat software to create or edit PDF files. Even without removing the password, most freeware or open source PDF readers ignore the permission "protections" and allow the user to print or make copies of excerpts of the text as if the document were not limited by password protection.<ref>{{cite web|url=http://www.macworld.com/article/1137343/pdf.html|title=Adobe admits new PDF password protection is weaker|first=Jeremy|last=Kirk|date=December 4, 2008|website=[[Macworld]]|publisher=IDG Communications Inc.|access-date=September 14, 2016|archive-date=January 17, 2017|archive-url=https://web.archive.org/web/20170117225255/http://www.macworld.com/article/1137343/pdf.html|url-status=live}}</ref><ref>{{cite web|url=https://www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf|title= How secure is PDF|first=Bryan|last=Guignard|url-status=dead|archive-url=https://web.archive.org/web/20051024235303/https://www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf|archive-date=October 24, 2005|publisher=Carnegie Mellon University}}</ref><ref>{{Cite conference|last=Merz|first=Thomas|date=November 2001|url=http://www.planetpdf.com/planetpdf/pdfs/pdf2k/01W/merz_securitykeynote.pdf|title=PDF Security Overview: Strengths and Weaknesses|conference=PDF 2001 conference|location=Scottsdale/Arizona |url-status=usurped|archive-url=https://web.archive.org/web/20101011050457/http://www.planetpdf.com/planetpdf/pdfs/pdf2k/01W/merz_securitykeynote.pdf|archive-date=October 11, 2010}}</ref> Beginning with PDF 1.5, Usage rights (UR) signatures are used to enable additional interactive features that are not available by default in a particular PDF viewer application. The signature is used to validate that the permissions have been granted by a [[bona fide]] granting authority. For example, it can be used to allow a user:<ref name="iso32000" /> * To save the PDF document along with a modified form or annotation data * Import form data files in FDF, XFDF, and text (CSV/TSV) formats * Export form data files in FDF and XFDF formats * Submit form data * [[wikt:instantiate|Instantiate]] new pages from named page templates * Apply a [[digital signature]] to existing digital signature form field * Create, delete, modify, copy, import, and export annotations For example, Adobe Systems grants permissions to enable additional features in Adobe Reader, using [[public-key cryptography]]. Adobe Reader verifies that the signature uses a [[Public key certificate|certificate]] from an Adobe-authorized certificate authority. Any PDF application can use this same mechanism for its own purposes.<ref name="iso32000" /> Under specific circumstances including non-[[Patch (computing)|patched]] systems of the receiver, the information the receiver of a [[Digital signature|digital signed]] document sees can be manipulated by the sender after the document has been signed by the signer.<ref>{{Cite web|url=https://pdf-insecurity.org/signature-shadow/shadow-attacks.html|title=PDF Insecurity Website|website=pdf-insecurity.org|access-date=January 12, 2023|archive-date=March 26, 2023|archive-url=https://web.archive.org/web/20230326024850/https://pdf-insecurity.org/signature-shadow/shadow-attacks.html|url-status=live}}</ref> [[PAdES]] (''PDF Advanced Electronic Signatures'') is a set of restrictions and extensions to PDF and ISO 32000-1<ref name="ISO 32000-1">{{cite web|title=ISO 32000-1:2008 Document management -- Portable document format -- Part 1: PDF 1.7|url=http://www.iso.org/iso/catalogue_detail.htm?csnumber=51502|publisher=International Organization for Standardization ISO|access-date=March 22, 2016|archive-date=February 10, 2017|archive-url=https://web.archive.org/web/20170210072051/http://www.iso.org/iso/catalogue_detail.htm?csnumber=51502|url-status=live}}</ref> making it suitable for [[advanced electronic signature]]s. This is published by [[ETSI]] as TS 102 778.<ref name="ETSI TS 102 778-1 V1.1.1">{{cite web|title=ETSI TS 102 778-1 - Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview - a framework document for PAdES|version=1.1.1|date=July 2009|url=http://www.etsi.org/deliver/etsi_ts%5C102700_102799%5C10277801%5C01.01.01_60%5Cts_10277801v010101p.pdf|publisher=European Telecommunications Standards Institute ETSI|access-date=January 12, 2023|archive-date=March 8, 2023|archive-url=https://web.archive.org/web/20230308052536/https://www.etsi.org/deliver/etsi_ts%5C102700_102799%5C10277801%5C01.01.01_60%5Cts_10277801v010101p.pdf|url-status=live}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)