Encryption
A PDF document can have these levels of password protection:
-
A document open password (also known as a user password) controls read access to the PDF document.
-
A permissions password (also known as an owner or master password) controls the use of restricted functions. See Parameters for information about using the –a and –e parameters to restrict display functions.
Note: Only Adobe software fully supports and respects these settings. Users of third-party PDF-enabled programs might be able to bypass some of these restrictions.
Both types of passwords can be set for a document. If the PDF document has both types of passwords, it can be opened with either password.
AFP2PDF Plus supports the following encryption algorithms:
- RC4 40-bit
- RC4-128-bit
- AES 128-bit
- AES 256-bit (Default)
RC4 (originally developed by RSA Security) is a symmetric stream cipher: the same
algorithm is used for both encryption and decryption, and the algorithm does not change
the length of the data. 40-bit and 128-bit refer to the length of the encryption
key. 40-bit keys in general are susceptible to brute force
attacks, which try all possible passwords. The design of the RC4 encryption algorithm
does have some vulnerabilities, which tend to make it less secure than AES; but both
RC4 40-bit and 128-bit are still used extensively around the world.
The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST). The algorithm described by AES is also a symmetric stream cipher. These ciphers each have a block size of 128 bits, but two different key lengths: 128 bit and 256 bit, hence the terms: AES 128-bit and AES 256-bit. AES is considered more secure because of weaknesses in RC4 keys.