These forums are now Read Only. If you have an Acrobat question, ask questions and get help from one of our experts.

bit-for-bit comparison in PDF documents

malkateb
Registered: Oct 1 2007
Posts: 4

Hi,

I'm doing a basic survey about *PDF security*. As part of my survey on PDF security, I read in the following document (www.adobe.com/products/acrobat/pdfs/AdobePDFSecurityGuide.pdf) that when Adobe certifies a document as valid, this means that Adobe has done *a bit-for-bit comparison* of the document as it was at the time of signing against the document as it was at the time of the validation check, and it has found these two versions to be identical.

I wonder how Adobe performs this *bit-for-bit comparison*! Does Adobe keep the original document all the time (say in a centralized server) and compare it to the version being viewed by users? This doesn't sound to me as a practical technique.

Would you provide me with some explanation in this regard (i.e. *bit-for-bit comparison in PDF documents*)? A link to some white papers or technical reports would be also very useful.

Thanks in advance.

brogers
Registered: Nov 6 2007
Posts: 9
The comparison is done in memory on the local machine. There is no server involved. For end user details, see the Document Security User Guide at http://www.adobe.com/devnet/acrobat/security.php.

ben
rrelph
Registered: Nov 7 2007
Posts: 5
A few clarifications...

Adobe (the company) doesn't certify a document as valid - Acrobat and Adobe Reader (the programs) do.

The software doesn't do an actual "bit-for-bit" comparison, but instead generates a hash value at both signing time and validation time and compares those. The hash value changes if any bit of the document changes. At signing time, the hash value is encrypted with the signer's private key. The signer's public key (in the form of a certificate) is also added to the document at signing time.

At validation time, the public key is extracted from the document, the encrypted hash is decrypted, a new hash is generated and the two hash values are compared. After this purely mathematical check on the integrity of the document, trust can be established by checking the status of the certificate the public key is a part of.

This is standard digital signature technology.

The link Ben provided has an extra period at the end. http://www.adobe.com/devnet/acrobat/security.php The page has several documents you may want to read and understand for your survey. I'd recommend you start with http://www.adobe.com/devnet/acrobat/pdfs/DigitalSignaturesInPDF.pdf It describes the specification of digital signatures in PDF documents.
brogers
Registered: Nov 6 2007
Posts: 9
Ah yes. . . I misunderstood and was thinking the question pertained to Document Compare. rrelph is correct, and you should take a look at the dig sig documents for additional information (rather than the doc security guide).