View Full Version : Can somebody make a tool to inject Information into a PDF?


CommanderROR
07-09-2006, 04:04 PM
Hi!

Strange question:

does anyome know a tool or can somebody make a tool that injects info into a PDF file?
The idea is this:
You make a PDF, make it simple, reflowable but otherwise standard so it can be used with as many PDF viewers as possible. You put a password on it for edit protection so that nobody can extract text or change the contents.

You then add a page that contains the "Owner Information". Let's say Name and Address.

Would it be possible to automate a process like that?

What I'm thinking is this:
Wouldn't a "DRM" model like this disencourage casual piracy (who wants to put their name and address up on a p2p network???) while still making files compatible and easy to keep and to use?

Thanks.

give me your idea on the process and the whole scheme...it'll probably never get it's chance, but I'd just like to know.

Pitchfork
07-09-2006, 04:17 PM
There is no problem in making a PDF such as this, however the edit protection can be removed easily. Once you make it harder to remove the protection you risk losing viewer compatibility. Even casual users can download tools with easy to follow UI's that remove the current Adobe protection, and can thereby remove the offending owner information.

Thinking of it a little more I realized that you can of course make it a pain to remove this user info, by placing the info multiple times in the file, in somewhat random formats that make it harder for tools to automatically remove the information.

CommanderROR
07-09-2006, 04:57 PM
The point is not to make this protection unbreakable. It's just a "token" protection to prevent just anybody from putting the files on p2p.

Every protection can and will be broken.

I hope publishers and authors will learn some day...

CommanderROR
07-09-2006, 05:16 PM
I just made a sample file containing a sample of the "user information" at the end of the document.

If you like, grab it @ www.awde-sign.de/mobileread/sample.pdf

It's a public domain Gutenberg.org book, so it should be no problem if I put it up for download. I took the normal .txt file and converted it to PDF, added the info and the protection.

Try it and tell me:

1) does it work on your device?
2) could you remove the "owner information" and how easy was it?

Thanks.

ath
07-10-2006, 05:26 AM
You make a PDF, make it simple, reflowable but otherwise standard so it can be used with as many PDF viewers as possible. You put a password on it for edit protection so that nobody can extract text or change the contents.

You then add a page that contains the "Owner Information". Let's say Name and Address.

Would it be possible to automate a process like that?

Possible, but impractical. It seems useless to first add DRM, then remove it in order to add a page, and then add it back in again: you need to keep track of the first password. If it's just a dummy password, it will be less safe, but if it's a good password, further password management is required. Simpler to keep the unprotected document, do the 'add extra page, and finish off with encryption', as that means you don't have to keep the original password around: instead you can use a truly random password for the encryption, which you don't keep any record of. Possibly less safe, but simpler.

Wouldn't a "DRM" model like this disencourage casual piracy (who wants to put their name and address up on a p2p network???) while still making files compatible and easy to keep and to use?

Depends. If you add that page in the wrong place, it may not be seen, and so have minimal impact. You really want the PDF file to open on that page, and that means altering the document configuration. A better approach would be, I think, to design the cover page so that it incorporates the owner's name, or, perhaps, the page header or footer to do so. That means that the document has to be designed, however, so that this information can be added in some document specific way -- probably as a special object with known contents that is replaced.

If tracing was the only purpose, it would perhaps be enough to add one or more custom document properties, or perhaps an embedded file, with the identity, though I'm not 100% certain yet if it can be done so that it cannot be removed without passing the encryption barrier. (It is possible to remove some things from an encrypted document: it just means that Reader will warn that the document has been changed. That's clearly not useful for this information -- removal must be very difficult.)

However, for best protection 1.5 or later should be used, as it includes encrypted object streams, along with the longer-than-40-bit keys from 1.4 -- but that lessens the portability of the document. The tradeoff need to be considered carefully.

CommanderROR
07-10-2006, 07:23 AM
That is exaclty the problem.

Putting this information at the beginning of the file (and maybe the end too) would be easy if you do it by hand.
But putting this info into every file by hand is pretty ridiculous.

One way would be to use a tool to inject the info into a .doc or .txt/.rft file, then make the PDF with the editing protection.

Has anyone tried to extract the info from my sample file yet? My program couldn't do it, but I only tried once. I couldn't extract contents either. So far it worked well. I haven't tried it on my PPC yet and have yet to receive my Iliad and try it there...

Pitchfork
07-10-2006, 08:29 AM
I tried removing the protection using off the shelf products. they remove the protection, but also remove the entire contents of the doc :happy2:

Injecting the user info could be done at download time. I have made quite a few web sites that do this and have the PDF creation components on my server, however I have notlooked into copy protection usung this system as it never has been a requirement. For more info on the component I am using look at http://www.asppdf.com/

yokos
07-10-2006, 09:36 AM
If you don't set a "user password" [needed for opening the pdf file] your security is very LOW. Software can decrypt it in milliseconds. After doing it your reader will have full controll of your document.

What you want to do is very easy with Adobe Acrobat - that is why it's so expensive. :crowngrin It's called "batching" or so [in my German version "Stapelverarbeitung"].
You can write scripts [adding pages, changing document information etc.,] & let it run on complete folder of files.

I don't know if other software like from foxit offers such features.

CommanderROR
07-10-2006, 10:34 AM
I have set a user password, but only for editing and or extracting/printing the file. The idea is, that the file should be easy to use and the protection should be unobtrusive but the information in the file should not be removable.
The master password could be generated randomly or something because nobody would have to have access to the editing features, not even the "seller" of the files.

The really difficult part for this procedure is, that you'd have to have a system like the one Pitchfork describes that uses the information the Purchaser provides when ordering and injects it into the PDF the user then downloads.

ath
07-10-2006, 10:44 AM
1) does it work on your device?

No. It needs Reader 7.0 to be read, and Reader for Pocket PC 2.0 is not up to that level. If you want portability, you better use 40-bit encryption.

2) could you remove the "owner information" and how easy was it?

Didn't even try. However ... as the document reads perfectly without password (once I fire up Reader 7.0), I doubt that it would be a serious problem.

Reader can clearly decrypt the information on it's own, and display it. When I try to do something that's not in the rights field (P), it's Reader, not the PDF file that implements the protection.

So I simply get my own reader (say, xpdf -- haven't checked if it does 1.5 decryption, though), remove the test for 'is this forbidden by DRM', if there is one, recompile it, run, open the file, save the file without encryption or compression, fire up a text editor, and remove the lines you've added manually. (There used to be a PostScript file around that could be used in GhostView that did much the same thing ... pdf_sec.ps. Don't know if it can be made to work for AES encryption) Once the PDF reader (or equivalent) decides to ignore the DRM specification in the file, you can do almost anything.

However ... once you require the user to enter a password before the document can be read, you get better protection. Then the password guessing and cryptanalysis starts in earnest.

I'm not entirely sure, but it may be possible simply to delete the
page the added text is on -- much rougher, but equally effective.

There's no security without passwords or equivalents: there's just obfuscation.

CommanderROR
07-10-2006, 10:59 AM
i'm not so sure there.
I wanted to make the file unencrypted but add the protection for editing.
So far the usual suspects like PDF-to-txt and others have failed. Unfortuately my PPC couldn't read the file either because of the encryption.
Bad that...

Making a password prtection for the file to open is out of the question for me. It requires a device that has input and that is not always the case. Also, users would have to use the password to open the file every time, making it far more attractive to simply strip the pasword from the file thus making it "unprotected" again.

I'll have to try Xpdf or something and also try to make the file more compatible.

ath
07-10-2006, 11:13 AM
So far the usual suspects like PDF-to-txt and others have failed.

Look for the name 'Kyler Laird', possibly together with 'PDF' on the net and in comp.text.pdf ... he did this kind of stuff routinely some five years back or so, though it was with 40-bit encryption -- as far as I remember it was using a modified version of xpdf.

CommanderROR
07-10-2006, 11:23 AM
OK...I now made another file

www.awde-sign.de/mobileread/sample_low.pdf

This one works on my PPC and I can still not extract the content easily. I'm sure there are programs that can do this, but it's not too easy.
I'll do further testing.

Pitchfork
07-10-2006, 01:48 PM
@CommanderROR

The last file was a snap to crack. Took 30 sec. to remove User info and gain access to all PDF features.

Thought it best to attach proof :happy2:

CommanderROR
07-10-2006, 02:33 PM
Thanks for that info!

so that means that we're stuck with either bad compatibility or bad protection...damn...

pdfcrack
07-10-2006, 03:27 PM
Hello, thought I might pitch in with some information as I have worked with the pdf-security-scheme.

CommanderROR: You are correct that you are stuck with bad compatibility or bad protection. If someone can access the content they can also create a new pdf with the same content but without the protection rather easily.
Owner-password does not give ANY protection from this in the current scheme and as I stated above it is quite clear that it cannot provide any protection as long as the user can access the content.
The only protection that works is to give only users that you trust access to the content and even then, these users may extract the content that they have access to and produce a copy without protection.

A scheme that might work in the future is to have hardware DRM that remove a user the right to do what they want with their computer and by that enforcing the restrictions you set, but, as always we have the analog hole even then and you can always (it might be more or less hard though) reproduce the content manually by creating a completly new copy.

Current PDF-files are really quite easy to break if you know the user-password or if it is unencrypted. If the user-password is null and the document unencrypted it is as easy as recalculating the checksum that it is matched to with the new permission you want to set. If the document is encrypted with null-password, all you need to do is to decrypt and write back the unencrypted information and then recalculate the checksum (and possible the file-offsets), and if you have a userpassword that the user have access to or manages to crack you can rather easily unencrypt and then do the above (and maybe recalculate the checksum).
Instead of recalculating the checksum you might remove the encryption-object in the trailer alltogther.

yokos
07-12-2006, 11:04 AM
# In Acrobat you can "signature" a pdf file. This way you can limit the rights too. Not all software decrypters can handle this.

bingle
07-12-2006, 02:56 PM
Here's a message I wrote on TeleRead about your DRM scheme, CommanderROR... I decided to post it here, too, since we're talking about the same thing ;-)

Roland:

I'm not convinced that personal watermark-style DRM is a good idea. For one thing, there are a number of technical issues with implementation, as in any DRM scheme. Ed Felten talks about that on his Freedom to Tinker blog (http://www.freedom-to-tinker.com/?p=981).

However, even if it works, I question whether we want it to work. One of the problems with DRM is that it prevents legitimate fair use of content. If DRM prevents the owner from doing something legal with the content that they would otherwise be able to do with a print book, it is a failure, in my opinion. (Not to get sidetracked, but I really believe that limiting digital books to be exactly as bad as print books is a terrible rejection of their promise).

So, with a watermarked piece of content, the owner will not share it on P2P networks. But she will also not share it with friends, family, or neighbors - she might trust them, but if they share it with someone else, or accidentally leave it in the wrong folder, or any number of other scenarios take place, the content with her personal information is all over the Internet. Leaving her wide open to accusations of criminal activity, not to mention exposure of private details.

There's also excerpting - if a content owner wants to put a snippet of the work in an article or a paper. She is then not only publishing the quoted information, but also potentially her home address, account details, or whatever other personal information the watermark contains. This not only makes it impossible to write anonymous works that quote watermarked material, it would make any author think twice about publishing works that contain quoted material freely.

Another objection is touched upon by Kathryn Cramer on her blog (http://www.kathryncramer.com/kathryn_cramer/2006/02/watermarking_as.html), and points out that watermarking could potentially harm small content creators (as many DRM schemes do).

There are good features to watermarking, certainly, but I don't think it's the perfect solution by any means.

CommanderROR
07-12-2006, 05:39 PM
You are right.
The whole "personal information DRM" is not perfect, but it was an idea that might work better than the current scheme and everything is worth a try.