Monday, February 23, 2009

Adobe PDF V=3 Encryption

The “Encryption” section of the PDF Reference (section 3.5) mentions that when the encryption dictionary entry with a key of /V has a value of 3, then document de/encryption is via “an unpublished algorithm that permits encryption key lengths ranging from 40 to 128 bits.” As far as I can tell, this algorithm is in fact unpublished – by anyone. The closest I could find was a reference to it in one of Dmitri Sklyarov’s 2001 DEFCON slides. Yeah, that Sklyarov, those DEFCON slides. Maybe he described the whole algorithm in his talk, but the DEFCON A/V archives for that year seem to be down. So I sighed, put on my reversing cap, and figured it out.

The standard object-key-derivation algorithm (section 3.5.1, “General Encryption Algorithm”) accepts as inputs the file encryption key, the object number, and the generation number, and produces as out put a key for a symmetric cipher. The “unpublished” algorithm accepts the same inputs and also produces a symmetric cipher key. It presumably could be used with either RC4 or AES as documented for /V values of 1 and 2, although I’ve so far only seen RC4 used.

The unpublished algorithm in use when /V is 3 is as follows (mimicking algorithm 3.5.1):

1. Obtain the object number and generation number from the object identifier of the string or stream to be encrypted. If the string is a direct object, use the identifier of the indirect object containing it. Substitute the object number with the result of exclusive-or-ing it with the hexadecimal value 0x3569AC. Substitute the generation number with the result of exclusive-or-ing it with the hexadecimal value 0xCA96.

2. Treating the substituted object and generation numbers as binary integers, extend the original n-byte encryption key to n + 5 bytes by appending the low-order byte of the object number, the low-order byte of the generation number, the second-lowest byte of the object number, the second-lowest byte of the generation number, and third-lowest byte of the object number in that order, low-order byte first. Extend the encryption key an additional 4 bytes by adding the value "sAlT", which corresponds to the hexadecimal values 0x73, 0x41, 0x6C, 0x54.

3. Initialize the MD5 hash function and pass the result of step 2 as input to this function.

4. Use the first (n + 5) bytes, up to a maximum of 16, of the output from the MD5 hash as the key for the symmetric-key algorithm, along with the string or stream data to be encrypted.

Now hopefully Google will be kind enough to index this in a way that lets other people find it.

25 comments:

  1. Prom dresses act as the main attraction catcher of most women.The cheap prom dresses play the most significant role in winning the prom title. Prom dress should bring out your beauty and compliment your body type. Prom gowns allow women to choose something different every time.Once you have made up your mind on what type of dresses for prom to buy.

    ReplyDelete
  2. Thanks for sharing, much appreciated and useful post, congrat and keep on track!
    Levitra Online

    ReplyDelete
  3. It is a collective practice just before application buy Finpecia en route for treat a number of category disorders.

    ReplyDelete
  4. I cogitate generic Periactin be capable of accomplish it doable in the direction of carry out that.

    ReplyDelete
  5. The forward complete you remind of buy Propecia, to facilitate's enormously fine!

    ReplyDelete
  6. This must be a nice awareness, just like valtrex online, thanks for the forward!

    ReplyDelete
  7. I achieve bear in mind this is achievable in the direction of accomplish it, thanks enormously a lot headed for generic Zithromax.

    ReplyDelete
  8. The author has written an excellent article. You have made your point and there is not much to argue about. It is like the following universal truth that you can not argue with: No truth is universal, everything has its exception. Thanks for the info penis enlargement penis enlargement pills VigRX Plus

    ReplyDelete
  9. This comment has been removed by the author.

    ReplyDelete
  10. Have a good day and good luck with your blog. Your post was interesting to read.

    order viagre

    ReplyDelete
  11. Sinemaizlen.com da donmadan film izle en son çıkan sinema izle yeni çıkan filmler vizyondakiler anında sitemizde tek part olarak izleyebilirsiniz.film izle

    ReplyDelete
  12. awesome I put-off buying this for months, despite positive reviews. I tried every free weather app going and eventually decided to take the plunge. Glad I did - easily the most customisable weather widget and clock on caftan and the skins are awesome!

    http://android-fore.blogspot.com/

    ReplyDelete
  13. Thanks i like your blog very much , i come back most days to find new posts like this.
    manhattan locksmith
    ::emergency locksmith

    ReplyDelete
  14. Keep posting them in the future too, I will be waiting for that
    town car taxi service

    ReplyDelete
  15. The blog is to good and informative where i like to discuss about this in my blog thanks for sharing.
    emergency locksmith

    ReplyDelete