This article explores the suitability of using PDFEncrypt to achieve Digital Rights Management (DRM).
I frequently receive questions from users asking how to use PDFEncrypt to create PDF files that can be opened without a password, but which can’t be edited/printed/commented/etc.
I hope the reply below is helpful in understanding the strengths and limitations of the PDF format, and by extension, the PDFEncrypt application, in relation to DRM.
TL;DR: with PDFEncrypt, the goal is to secure documents (prevent unauthorized access), instead of creating a digital rights management (DRM) solution to control what can be done with a document after opening it. These two use cases are very different. The PDF standard (and thus PDFEncrypt) is excellent for security, but is not designed to provide hardened DRM features.
While the PDF standard does include some pseudo-DRM permissions that may be applied after opening a PDF (printing, editing, comments, etc), these features are different and separate from encryption, and are not enforced by all PDF viewers, which means that users could easily bypass these restrictions by simply opening the PDF with a different viewer (such as Firefox PDF viewer). Once opened, the user could do anything they wanted to the file, including printing, editing, etc.
This is why in the latest version I added the orange warning text below the permissions, noting that they are ignored by some viewers:
This is not a limitation of PDFEncrypt, but of the PDF standard itself. Once a decryption password has been entered (either User or Owner password), the entire file is decrypted, at which point the viewer app has full access to the document. Thus if the viewer app doesn’t implement permission restrictions, the file is fully accessible. Due to this, you should always assume that if a PDF has been opened with a valid password, the person can do anything they want with the file (print, modify, etc).
This weakness does not compromise the security (encryption) of the file. If a PDF is encrypted using AES-256 encryption and strong passwords, the document is very unlikely to be readable by anyone without the password. (It has the same level of security as military-grade communications.) The weakness of permissions only comes into play after the file has been opened with a valid password.
While the PDF standard supports the creation of files with these permissions applied, and which don’t require a password to open, I feel that enabling this option in PDFEncrypt would undermine its goal of securing documents against unauthorized access, while also failing to provide strong DRM features, thus giving users a false sense of security.
If you need security from unauthorized access of your document contents, PDFEncrypt is a great solution! However, if you need DRM features, I recommend seeking a full DRM solution.
If you have any questions, please feel free to contact me.
Recent Comments