From 9f15e7397ca826bd5fbfa2f824e16fa8bbb127a9 Mon Sep 17 00:00:00 2001 From: Michael R Sweet Date: Sun, 2 May 2021 09:59:33 -0400 Subject: [PATCH] Add start of FAQ. --- FAQ.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 FAQ.md diff --git a/FAQ.md b/FAQ.md new file mode 100644 index 0000000..f595386 --- /dev/null +++ b/FAQ.md @@ -0,0 +1,17 @@ +Frequently Asked Questions +========================== + +Why Don't You Support Writing a PDF File with Encryption? +--------------------------------------------------------- + +PDF encryption offers very little protection: + +- PDF encryption keys are reused and derived from the user password (padded + with a standard base string) and the object numbers in the file. +- RC4 encryption (40- and 128-bit) was broken years ago. +- AES encryption (128- and 256-bit) is better, but PDF uses Cipher Block + Chaining (CBC) which enables attacks that allow the original encryption key + to be recovered. + +In addition, PDF usage controls (no print, no copy, etc.) are tied to this +encryption, making them trivial to bypass.