[free-sklyarov] Dmitry's presentation
Smiley Smile
petsounds at ureach.com
Tue Aug 14 17:09:59 PDT 2001
I've been trying to grok everything in Dmitry's
presentation and I've got some questions:
1. On the PDF file encryption slide, what is the
Encryption Dictionary? The security
handler "takes information from Encryption
Dictionary, calculates document encryption key
and passes it to PDF Viewer."
2. On the Object encryption key calculation
slide, it says the Object encryption key is
derived from the hash of "Document encryption key,
Scrambled Object ID + Generation, and 'sAIT'
string." What is Generation? How is the Object
ID Scrambled? I'm guessing the 'sAIT' string is
literally those four ASCII characters. Is that
right?
3. On the FileOpen security handler slide, it
says that FileOpen Publisher 2.4 uses "variant
keys, but encrypted document itself contains
all necessary information to instantly calculate
encryption key." Anyone know the details here?
4. On the "Security flaw Acrobat plug-ins
certification mechanism" slide, it says "Only
data from PE Header is used for checking." My
reading of this is that the only piece of the
plug-in's code signed with the public key is its
PE Header. Is that right?
Any insights appreciated!
:)
More information about the Free-sklyarov
mailing list