It appears that Word's password protection is not really good, at least until Office 2003, if I read this SU entry correctly. I'm under the impression that Acrobat's PDF password protection should be better (it says 128-bit AES for Acrobat 7 and higher). Is that true?
Of course, it depends on the strength of the password used, but assuming I protect my PDF with a password like sd8Jf+*e8fh§$fd8sHä, am I on the safe side?
Like, say, for sending confidential patient information - not really valuable, but potentially highly sensitive.
Answer
From the Adobe site - Securing documents with passwords:
The Acrobat 3 And Later option uses a low encryption level (40‑bit RC4), while the other options use a high encryption level (128‑bit RC4 or AES). Acrobat 6.0 And Later lets you enable metadata for searching. Acrobat 9.0 And Later encrypts the document using the AES encryption algorithm with a 256-bit key size.
So apparently 7 will use 128-bit AES. I'd say you're very safe, especially with a password like that. The National Institute of Standards and Technology agrees:
Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key.
No comments:
Post a Comment