Note to moderators: this is not a thread on how to crack a pdf, it is also not a thread revealing the password of the encrypted pdfs.
The security scheme used by adobe to encrypt pdfs is quite something. A quick read of
http://www.totse.com/en/privacy/encryption/162565.html reveals just what goes into encrypting a pdf document. Considering the complexity of last year's key (FEma2X5E10vEir) this year's key will likely be similar. The above key has the following character set: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX YZ0123456789. That means for the key FIRST is using, there are 62^14 possible combinations. That's 12401769434657526912139264 or 1.24x10^25. On even the fastest consumer level computers, cracking that password through brute force would take months, if not years.
(See, i said its not about how to crack these files!)
Assuming a processor could test 10,000 passwords per second, that equals 600,000 passwords per minute, 1,200,000 passwords per hour, and 864,000,000 passwords per day, 25,920,000,000 passwords per month, and 311,040,000,000 passwords per year. That's only 3.114x10^11 passwords per year! At this rate, cracking the password on a single machine (assuming that only half the possible passwords need to be tested), it would take over 50 years!
(side note: somebody, make sure my math is correct)
Obviously, FIRST has
no possible reason to worry about one of us FIRSTers breaking the pre-released PDFs. So all the worrying about moderating the forums to keep the password off is really not needed.
However, there are much more efficient ways to crack this password. I have been looking into pdf security and based off the article i linked above, I know it is possible to retrieve the password hash in a regular hex editor (note that you can see the ASCII password hash in any text editor, its the /U entry). This hash is encrypted with an MD5 encryption scheme (MD5 is no problem to crack if you have an adequate rainbow table, unfortunately that means upwards of 100 gigabytes of precomputed password hashes. That takes a long time, think:each table of hashes on a 2GHz AthlonXP processor takes about 3.5 to 4 days, and there needs to be over 100 tables computed.
After the MD5 hash is cracked, one still needs to decrypt the user password encrypted with RC4. RC4 is a bit of a problem when it comes to decryption. RC4 is a closed source algorithm and there is no commercial or free way to decrypt this, although there was a hashing program released some time ago, i think 1997 but I'm far from sure, that appeared to generate the same results as RC4. Then after doing all of the above, the password is revealed!
Obviously, cracking the 128bit security that FIRST uses on its encrypted PDF is anything but possible. But just because something is impossible, doesn't mean that one shouldn't try. I do encourage everyone with a lot of spare time to analyze the security on PDF (note that its pdf version 1.5, also note that the link above was a spec on pdf version 1.3 and so it
might not be correct). Questions or comments, if any, are very much appreciated.
And please, admins, don't delete this thread. As explained, actually cracking the pdfs is impossible (no one has ever cracked the user password) and this thread is merely for entertainment/educational purposes.
If this truly bothers you, you should do something CONSTRUCTIVE about it instead of whining about it - Jaine Perotti [more] 
06-01-2005, 20:41
Similar Threads
)
Linear Mode
