The FyTek Weblog

Suppose you are filling out a credit application electronically in PDF format.  The PDF contains the fields to enter data such as your income and assets.  You are able to save the filled out PDF if you’re using Acrobat or other software such as FyTek’s PDF File Save.  How do you know the information you key in won’t be changed later by an unscrupulous bank employee?  One way is to encrypt your PDF when you save it.  You can prevent other users from copying text, printing, or making changes by specifying an owner and/or user password when saving the PDF and selecting the appropriate permissions.  For some cases this might be good enough - but it’s no guarantee.

So how can you prevent someone else from changing a loan application, legal contract or other document that you filled out in PDF even with encryption?  The short answer is - you can’t.  As it turns out, you don’t really need to however.  The key here is to digitally sign the document instead.

Why Sign?

What benefit does a digital signature provide?  No, it doesn’t prevent someone from changing the data in your PDF.  You can use encryption along with a digital signature but there’s no requirement for doing so.  The signature provides a mechanism to show whether or not the document has been tampered with as opposed to preventing tampering.  The process of signing a PDF involves taking the entire completed PDF (except for a small space set aside for the signature) along with a private signing key you create to create a hashed value of the document.  The program saving your PDF will run this process for you.  This value is included with the PDF in the area set aside for it.

The PDF signature is checked each time the document is opened in Adobe Reader or Acrobat.  The process is similar to signing where the document, minus the signature, is hashed with the public signing key in the document.  If even a single byte has been modified, added or removed, a different hash will be generated from what is stored in the PDF.  A different hash will result in the signature being invalid and thus not the originally signed document.

The signature may or may not be a visible stamp somewhere on the pages of the PDF.  Below is an example of a digital signature displayed on the page of a PDF.  The signature field will likely look different depending on the application used to create it but the result is the same.  You can still access the signature properties through the signature panel in Adobe Acrobat or Reader if the signature is not visible on any page in the document.

Click the signature to obtain a wealth of information about the signer.

Some PDFs may be setup to allow for several signatures.  On the credit application, for example, you might digitally sign the loan application and then the bank signs that version.  In this case you have two signatures applied to the PDF.  In the signature panel of the PDF (in Adobe Reader 9, this can found by clicking the signature panel button in the upper right corner of the window) you can select any signed version and view a copy of what was signed.  Using our example, the bank may have added some information of its own before signing.  By reviewing each signed version you can see what changed and what the state of the document looked like when each signature was applied.  The first image below shows the link to view the signed copy; the second shows how the viewer window changes to let you know you are now viewing a signed copy that cannot be altered.

Don’t touch that PDF!

So what happens if the PDF is tampered with?  That depends.  In some cases, the PDF may no longer open or have other forms of corruption preventing it from opening in Reader.  In less severe cases, the PDF will open but the signature will no longer be valid.  Here is a PDF with a single byte altered near the top of the document.  The change has no effect on any visible data in the PDF yet because the entire document must be an exact match to the signed version the signature is no longer valid.

Obtaining a Signature

A digital signature itself is a file (or files) that you can create using open source libraries or purchase from various security vendors on the Internet.  The added benefit of purchasing a signing key is it allows you to be certain of the identiy of the author and to provide a server time stamp.

When you sign a PDF using a purchased key from a company such as VeriSign, for example, you have the added benefit of stamping the time from their server into your PDF as added proof of when you signed the document.  This may be of benefit for certain legal documents where it is important to know that a document was signed as of a certain date/time.  Signatures have an expiration date that can be set when creating your own or are set by the vendor when purchased.  Regardless, the signature remains valid for the purpose of document verification even if the sigature files have expired.

FyTek provides the ability to digitally sign PDFs using free open source libraries available for Windows and Unix.  The product documentation will cover in detail how to create your signing keys.  Check the documentation for other PDF software you may want to use to see what options are provided.  Digitally sign your important documents so there is no doubt to their validilty.

admin Uncategorized

If you have a website that serves up PDFs you’ll want to make sure you are delivering them in a web-friendly way.  While HTML web pages tend to be relatively small in terms of size, a PDF can be much larger depending on its content.  Several factors contribute to this such as embedded fonts, a large number of pages or high-resolution graphics.  Therefore, as a thoughtful provider of PDF content, you’ll want to spend a little time upfront in preparing your PDF rather than make your end users spend a lot of time waiting to view your PDF - if they decide to stick around and wait.

For the most part, small to medium size web pages typically render in the browser quickly.  This is partly due to the fact that the browser will display certain items while it continues to work on other parts of the page so the page has the illusion of loading quickly.  You may notice some sites with lengthy tables tend to take longer as the browser has to work to determine the optimal size for each column based on all the data in the table.  Even though it may take some time (few seconds to a minute or more) to render an HTML page, when you can see various items start to populate in the window you can begin to focus on those areas while the rest populates.

A standard PDF works differently when you view it in your browser from a website.  In this case, the entire PDF must be downloaded to you computer before the PDF viewer will show this first bit of content.  The main reason for this is the way a PDF is structured.  A PDF is not required to be physically setup in the same order its pages are laid out.  That is, the data required for page 1 of the PDF isn’t necessarily near the top of the file.  In fact, PDFs have what is called a cross-reference table that specifies where all the objects or logical pieces are located.  The cross-reference table is located (not always in its entirety) at the end of PDF.  Thus, the entire PDF must be sent down the wire first to determine which pieces are needed and where they are within the PDF.

Optimization/Linearization

First up is optimization, which you might also hear referred to as linearization or fast-web view.  The point behind this is to physically restructure the PDF in such a way that the PDF viewer can begin to render the PDF without waiting for the entire PDF to download.  Different software will have different ways of setting this feature - there is a checkbox in Adobe Acrobat when you save the PDF to specify this and most FyTek software has an option that can be set.  Check the documentation if you are using other software to see if the option is available.

Optimizing a PDF is a method by which the first page of the PDF and bookmarks are moved to the top of the file along with part of the cross-reference table.  Some special settings are also made in the PDF file to denote to the PDF reader that this happens to be an optimized PDF.  When a web browser instructs the PDF plug-in to open and display the PDF, the browser will begin to show the first page (almost) right away.  Once the first page is displayed along with any bookmarks the browser will continue downloading the rest of the PDF in the background.  There may be a slight delay as you click to different bookmarks as that page might not yet be downloaded.  The total time to download the entire PDF will not be affected - but end users can begin to read the PDF much quicker rather than stare at the spinning wheel or globe in their favorite browser.

I should point out that optimization does not physically reduce the size of your PDF.  In fact, with the extra information needed to specify it is an optimized PDF, you will likely notice a small increase in the byte size.  Typically by only a few hundred to a few thousand bytes of the original size of the PDF before optimization.  Also, optimization will have no effect on PDFs outside of the web.  Opening an optimized PDF from your hard drive will be no faster than opening the same un-optimized version.  That is because the web server combined with the PDF Reader browser plug-in is what allows optimization to work and neither are in play when you open a locally stored PDF.

Other options

There are a few other options to consider in addition to optimization.  One is to use lower resolution images if possible.  Next, if your software supports it, use font subsets.  This option will place only the needed glyphs for fonts in your PDF rather than the entire character set.  Check the documentation for the software you are using to see if this option is available.  Better yet, do you need a custom font?  Try using a built-in font instead so you don’t need to include any extra font information.  PDF readers contain built-in fonts for Times Roman, Helvetica (Arial) and Courier.

Another consideration is to break up the PDF into smaller PDFs.  Perhaps use the bookmark structure of your current PDF to split it into more manageable sizes.  Even if you don’t have access to the document the PDF was created from there are other software programs available (including PDF Meld) to perform this function automatically.  Doing this means users may need to download multiple smaller PDFs rather than a single large PDF containing everything they need.

Summary

Use PDF optimization when you have large PDFs (probably a couple megabytes or more) not to reduce their size but to make them display faster in a web browser.  Optimization is only beneficial when you are making large PDFs available for viewing or download on a website.  It will not help with other delivery methods such as email.  Try using lower resolution images, font subsets to make the PDF physically smaller if you need to email or just want a smaller PDF.  Lastly, you might want to split up a large PDF based on some logical grouping such as bookmarks to create multiple smaller PDFs.

admin FyTek Software, PDF

The PDF file structure allows for various types of encryption. The common forms use 40-bit encryption, which are compatible with Adobe Reader 4.x and earlier and 128-bit used in Adobe Reader 5.x and higher. The more bits, the more difficult to crack using a brute force approach so 128-bit is considered more secure. No encryption scheme is completely safe but some are safer than others. The encryption used in PDFs won’t stop a dedicated hacker but should be fine for most other situations. Having said that, unless you have a need to support older versions of Adobe Reader you should use 128-bit encryption.

A PDF is internally divided into logical groupings or objects and these objects are assigned a unique number. There are many types of objects but for an example they could be an embedded font file, the content for a given page, or an image. Each object within a PDF has its data encrypted – the contents of the object, not the object number or other non-data parts of the object – when you apply encryption. That is, those sections that don’t relate to potentially sensitive information such as metadata or pointers are intentionally left unencrypted. This is so other software, such as file content search routine, can find a description or title for the PDF. You can encrypt this metadata if desired but unless you really want it encrypted it’s best to leave it as plain text.

The typical use for encryption, other than making it difficult to extract data directly, is to place restrictions on what can be done with a PDF file. For example, you may want to prevent the end user from printing or copying text from the PDF. Perhaps you are a graphics shop and your images are considered an asset. You may provide full resolution images for viewing within the PDF but only allow low-res printing. Here’s a list of restrictions you can place on a PDF depending on level of encryption used:

40-bit encryption

• do not allow user to print
• do not allow user to make changes
• do not allow user to copy text/graphics
• do not allow user to add/update annotations

128-bit encryption

• do not allow user to print (even low quality)
• do not allow user to make changes
• do not allow user to copy text/graphics
• do not allow user to add/update annotations
• do not allow user to fill in interactive fields
• do not allow user to extract information
• do not allow assembly (insert, rotate, delete pages or create bookmarks)
• do not allow user to print at digital quality

Types of Passwords

You have the option of applying an owner password only or an owner and user password. A user password, or opening password, is used when you want Adobe Reader to prompt for a password before showing the PDF. In this case, you can enter either the owner or user password depending on which one you know or care to use. If you don’t know either one then you will not be able to open or view the PDF. Note that both the owner and user password will grant the same restricted access as defined by the author of the document. So what good is the owner password? It can be used to remove the encryption from the document using the full (paid) version of Adobe Acrobat or other free software such as PDF Un-Secure from FyTek.

Having just an owner password on a PDF is similar to having both an owner and user password except there is no prompt to enter a password when opening the PDF. In this case there is no need to supply users with a user password and whatever restrictions you place on the PDF will be effect when the PDF is opened. Well, that’s the intent anyway. While we certainly don’t endorse the practice, it is possible to find software that will remove encryption from a PDF when only an owner password is present. The reason for this is the user password is used internally to decrypt the document. If the user password is not applied then by default it’s blank and therefore known. Keep this in mind if you have sensitive data to encrypt.

Summary

PDF encryption is used to limit how an end user can interact with your PDF. In addition, it provides an extra layer of security. This is not to say the security cannot be cracked but it should be sufficient for most users. Always keep the owner password available for future reference in the event you want to modify restrictions on an existing PDF. You can use Adobe Acrobat or other compatible software that is capable of removing PDF security settings. The other option is to recreate the PDF from its original source, such as a Word Document, and apply new restrictions.

admin PDF

I thought I’d start off this blog with something simple.  Now, I’m sure many of you reading this know exactly what a PDF is but you might be surprised how many people still visit our website and are not entirely sure what our software does or what a PDF is exactly.  It’s OK to not know - my wife who spends many hours surfing the web doesn’t always realize she’s viewing a PDF or what the difference is between a PDF and HTML page.  Nor does she really care as long as she can find what she is looking for.  But if you have an interest, then read on.

Websites offer a wide varietly of material in PDF format including catalogs, marketing pieces, course offerings, business forms and so on alongside of their standard HTML web pages. Once you click a link to a PDF it will usually open seamlessly in your browser window. Other than some extra navigation fields near the menu bar at the top you may think you are still just viewing another standard web page.

So what, exactly, is a PDF? In it’s simplest terms a PDF is just another file type in the same way you might have a Microsoft Word file or a picture in jpeg format from your digital camera. A PDF file may contain text and/or images and have any number of different layouts. Some might resemble the printed version of a newspaper or magazine article, another may be a catalog list of parts with pictures and barcodes and still others might be a polished report with tables and charts. There is no predefined layout so there are many possibilities on what you might come across in PDF format.  In fact, a PDF may be so precise that each letter in the text may be individually placed at a specific location so it is more of a final layout mechanism than an editable document.

The letters PDF stand for Portable Document Format. So what does this mean? The “Portable” means that a PDF will display exactly the same no matter what operating system is used to view or print the PDF. Unlike web pages, for example, that usually vary in appearance depending on what browser you are using, a PDF has a more rigid layout that will look exactly the same no matter what computer or software you view it on. This assumes the operating system you are using has a viewer available for it, however. In addition, the PDF file contains all the necessary data such as fonts and images in one package so there are no issues with missing pieces when viewing the PDF.

The “Document Format” part means the internal workings follow a certain structure. This structure is published by Adobe Systems and is made available to anyone who is interested. Visit the PDF Technology Center at http://www.adobe.com/devnet/pdf/ for more details. There you will find past PDF reference manuals and links to ISO for the most current one. For more information on licensing Adobe has this page: http://partners.adobe.com/public/developer/support/topic_legal_notices.html. As of this writing, suffice to say Adobe grants anyone a royalty-free license to develop software to create PDF documents using their standard. The main reason is to promote the use of PDF as a standard format. In addition, Adobe provides free software in the form of Adobe Reader to view PDFs and is available from the Adobe website.

Why use PDFs?

A PDF can do things other file formats simply cannot or do things better than other formats. Using the web page example again, assume you have nicely polished marketing piece for your company. You include a background image of your company logo with some text overtop. It looks good in your web browser but will it look the same in other types of browsers? Unless you test using different browsers you really don’t know. What about other operating systems? Again, without actually trying different operating systems (such as Mac flavors, Windows, Linux, etc.) you still don’t know. Next, what if someone wants to print your document? Every browser has different settings and some may print your background first then the text underneath the image. Some may print on one page and some one two. The point is you don’t have any control over how the browser will display or print your marketing piece. This is just one example and while it may be a minor inconvenience if a marketing piece doesn’t print exactly right, what if you have a something more sensitive such as a magazine article going to press? Here you need fine control over the layout.

So, what if you decide to use Microsoft Word to develop your marketing piece instead? You would certainly have more control over the layout. Though now only people who have bought Microsoft Word can view your document. On top of that, end users of your document would need a version that is compatible with version you used when you saved the document. That is, if you save a Microsoft Word file in format B and the end user has an earlier version of Microsoft Word that can only read documents saved in format A then that user cannot open your file. Adobe provides their PDF reader free to avoid this situation. In addition, older versions of Reader will open PDFs saved under newer version and simply ignore any newer features that might be in the PDF. Though since Reader is free there is little reason not to upgrade to the latest version.

Software to View PDFs

You already knew (or do now) that Adobe provides free software for opening and viewing PDFs. As with any piece of software, the free Adobe Reader is not perfect. Sure, it has the latest bells and whistles – it’s from Adobe after all and they decide what goes into the PDF standard. One complaint is it bloated with unnecessary features and can be slow to open. Because of this and a desire to offer other alternatives, you can find other software to do the same job. They may address certain aspects but keep in mind, like Adobe Reader, they have some shortcomings as well. The results from your favorite web search site will come up with a variety of alternatives such as the Foxit Reader from Foxit Software.

Summary

A PDF is a file format used when the author wants to keep the layout consistent across different operating systems and programs used to the view or print their document. You do not typically create a document from a PDF editor in the same way you might create a document in Microsoft Word. The process is to use whatever software you want such as Microsoft Word to create your document then save it as a Word document and print it to a PDF, rather than a physical printer. You distribute the PDF to users and keep the Word document handy in case you have to make changes to the PDF. Rather than change the PDF itself you change the Word document then “print” it again to PDF format. The PDF will encapsulate all the information needed such as fonts and images into one self-contained file. Keep in mind you can do this with just about any software that can print a document – not just Microsoft Word.

The process of printing a PDF from other applications such as Microsoft Word is not part of the free Adobe Reader. You will need other software that allows you print to PDF. There are many options and most cost anywhere from 10 to hundreds of dollars so be sure to search the web. Microsoft does have a free Office 2007 add-in for printing to PDF as well if you are using their products.

admin PDF