[free-sklyarov] Dmitry's presentation

Smiley Smile petsounds at ureach.com
Tue Aug 14 17:09:59 PDT 2001

I've been trying to grok everything in Dmitry's 
presentation and I've got some questions:

1.  On the PDF file encryption slide, what is the 
Encryption Dictionary?  The security 
handler "takes information from Encryption 
Dictionary, calculates document encryption key 
and passes it to PDF Viewer."

2.  On the Object encryption key calculation 
slide, it says the Object encryption key is 
derived from the hash of "Document encryption key,
Scrambled Object ID + Generation, and 'sAIT' 
string."  What is Generation?  How is the Object 
ID Scrambled?  I'm guessing the 'sAIT' string is
literally those four ASCII characters.  Is that 

3.  On the FileOpen security handler slide, it 
says that FileOpen Publisher 2.4 uses "variant 
keys, but encrypted document itself contains
all necessary information to instantly calculate 
encryption key."  Anyone know the details here?

4.  On the "Security flaw Acrobat plug-ins 
certification mechanism" slide, it says "Only 
data from PE Header is used for checking."  My 
reading of this is that the only piece of the 
plug-in's code signed with the public key is its 
PE Header.  Is that right?

Any insights appreciated!


More information about the Free-sklyarov mailing list