What is a PDF Lock?
A PDF lock is a method or technique for denying access to PDF encoded information. Although there are many ways of implementing access controls, such as passwords or registration codes, those are keys to open a PDF lock.
Some types of PDF lock are achieved with hardware – typically a ‘dongle’ which is a piece of hardware that must be present if the PDF lock is to be opened. Contrary to some recent ‘opinions’ the dongle is not obsolete and US law does not allow them to be removed UNTIL on an individual basis they are actually obsolete.
Other types of PDF lock are implemented in software, and these may require registration codes, user identification codes, as well as network or machine addresses to be present or provided. A PDF lock is a very important methodology supporting the application of DRM to PDF documents.
A PDF lock has to make use of encryption if it is going to prevent anyone from being able to process the PDF without a suitable key. And, of course, just like any other locks, there are different grades of PDF lock:
- A simple PDF lock lets the user encrypt the file using a password and that allows access to the content it is protecting. This is not a very effective because passwords can be easily given away, or cracked with password attack tools. Sometimes the password is also included with the document, which is not a very wise approach.
- The more thorough PDF lock goes much further. It checks independently that the user/machine it is working on has been registered for the document in question, and that it can obtain secrets needed to form the key, and that the use of the key is valid. This kind of PDF lock is therefore much more subtle, and breaking it much more complicated.
And whilst a PDF lock may show some of the characteristics of physical locks – only opening at certain times, not opening if the surroundings are wrong, and so on, it can extend the capability of the physical lock by addressing how the PDF is subsequently used. So a strong PDF lock should consist of a granular and layered architecture – decide what features are to be unlocked, and even for how long or under what circumstances – rather than a simple on/off mechanism.
Most importantly, a PDF lock must be able to prevent authorized users from passing on information after it has been unlocked.