PDF encryption anomaly; version 1.5 using AES

Question

I'm not sure if this is the correct forum to ask this question so please accept my apologies in advance if this is the wrong place. (I have already posted this in the Programmers section but I've yet to receive an answer.)

I recently created an encrypted PDF file using PDF Studio 11. The software provides three encryption options:

• RC4
• 128 AES
• 256 AES

256-bit AES requires the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 be installed.

I created three dummy files:

1. test1.pdf [encrypted with RC4]
2. test2.pdf [encrypted with 128]
3. test3.pdf [encrypted with 256]

When I opened them in a PDF viewer I saw that every single file has the PDF version stated as 1.5.

I double checked this at the command line using qpdf and sure enough it was specified: "PDF Version: 1.5"

I looked at the Adobe PDF Reference, Fourth Edition, version 1.5 and it seems that 1.5 supports only RC4 128-bit encryption.

qpdf indicated the following:

1. test1.pdf [no mention of encryption, although PDF viewer requires password to open file]
2. test2.pdf [AESv2]
3. test3.pdf [AESv3]

The first two test files opened in Evince after inputting the correct password but the third (the one encrypted with 256-bit AES) only opened in the Google Chrome PDF viewer; AFAIK Evince can't open 256-bit AES encrypted files.

The output from qpdf, the available encryption options in PDF Studio, the requirement for the JCE to be installed and the fact that the third file couldn't be opened in Evince all lead me to the conclusion that the file is encrypted with 256-bit AES (or 128-bit AES where applicable).

My questions are:

• if the 1.5 standard doesn't support AES then how can the document be encrypted with AES (unless PDF Studio is misreporting the version number)?
• if the editor (PDF Studio) is applying proper 256-bit AES and not complying with the 1.5 standard then why not assign it a higher PDF version? (I can't see any benefits in using a lower version number particularly as older software wouldn't be able to open it anyway).
• can the PDF metadata be effectively encrypted using AES (presuming AES is being properly applied) when using 1.5?

My understanding is that AES is only implemented in PDF versions 1.6 and 1.7. (I am aware there are shortcomings in Adobe's password handling of 256-bit AES in certain versions but that's a separate matter).

Answer 1

Your understanding about AES is correct, it came into PDF in version 1.6 (see section 3.5 of PDF Reference v1.6 for details). PDF 1.6 and 1.7 (and ISO 32000-1) support AES in 128-bit mode. Adobe's ExtensionLevel 3 for PDF 1.7/ISO 32000-1 introduced AES in 256-bit mode but should be avoided because of weaknesses in the password mechanism. Better support was introduced in ExtensionLevel 8, though that has never been formally published by Adobe.

Starting with PDF 1.4, however, a PDF may specify a file version with the /Version entry in the document catalog (PDF Reference 1.6 section 3.6.1, /Version key). Some writers do use different version #s for the comment and for the /Version entry - to specify that an incremental update to a PDF has added features not supported in PDF version that the PDF originally conformed to. I can't speak specifically to what PDF Studio 11 might be doing, but do be aware that one must check the document catalog for a PDF document version; the higher of the /Version entry (if present) or the version in the %%PDF-x.y comment line is the actual version of the PDF file.