PDF Digital signatures


An overview of digital signature functionality in PDF

Published in: Technology

  1. Digital Signatures
     How to sign a PDF document?
  2. Structure of a PDF file
         %PDF-1.x
         %âãÏÓ
         1 0 obj
         ...
         2 0 obj
         ... (Hello World) Tj ...
         xref
         0 81
         0000000000 65535 f
         0000000015 00000 n
         ...
         trailer
         << ... >>
         startxref
         15787
         %%EOF
     A PDF file consists of a collection of objects.
     A PDF file starts with %PDF-1.x and ends with %%EOF.
  3. Changing the content of a PDF file
         %PDF-1.x
         %âãÏÓ
         1 0 obj
         ...
         2 0 obj
         ... (Hello People) Tj ...
         121 0 obj
         ...
         xref
         0 85
         0000000000 65535 f
         0000000015 00000 n
         ...
         trailer
         << ... >>
         startxref
         16157
         %%EOF
     You can use software to change the content of a PDF document: change a stream, add objects (e.g. annotations), and so on.
  4. What are our concerns?
     - Integrity: we want assurance that the document hasn’t been changed somewhere in the workflow.
     - Authenticity: we want assurance that the author of the document is who we think it is (and not somebody else).
     - Non-repudiation: we want assurance that the author can’t deny his authorship.
  5. Integrity
     - A digest is computed over a range of bytes from the file.
     - This ByteRange is signed using the private key of the sender.
     - This digest and the sender’s Certificate are embedded in the PDF.
     - The receiver compares the embedded digest with the digest of the content.
  6. Digital Signature field
         %PDF-1.x
         %âãÏÓ
         1 0 obj
         ...
         2 0 obj
         <<
          /FT/Sig /Contents/...
         >>
         ...
         xref
         0 81
         0000000000 65535 f
         ...
         trailer
         << ... >>
         startxref
         15787
         %%EOF
     A signed PDF file contains a signature dictionary.
     The binary value of the PDF signature is placed into the Contents entry of a signature dictionary.
  7. Embedded Digital Signature
         %PDF-1.x
         %âãÏÓ
         ...
         2 0 obj
         ... /FT/Sig /Contents <DIGITAL SIGNATURE>...
         xref
         0 81
         0000000000 65535 f
         ...
         trailer
         << ... >>
         startxref
         15787
         %%EOF
     The digital signature isn’t part of the ByteRange.
     There are no bytes in the PDF that aren’t covered, other than the PDF signature itself.
  8. Cryptography
     - Symmetric key algorithms: the same key is used to encrypt and decrypt content.
     - Asymmetric key algorithms: a public key is used to encrypt, a private key is used to decrypt (for encryption purposes). Or, a private key is used to encrypt, a public key is used to decrypt (for digital signatures).
  9. Obtain a public/private key
     - Create your own keystore (with the private key) and self-signed certificate (with the public key), e.g. using keytool.
     - Ask a Certificate Authority (CA) to sign your certificate to prove your identity.
     - A Certificate signed by a CA’s private key can be decrypted with the CA’s root certificate (stored in Adobe Reader).
  10. Digital Signatures
      Stored on the producer’s side:
      - Certificate
      - Public key
      - Identity info
      - Private key
      - Original document
      - ByteRange
      Received by the consumer:
          %PDF-1.x
          ...
          /ByteRange ...
          /Contents<
          DIGITAL SIGNATURE
            - Certificate
            - Signed Message Digest
            - Timestamp
          >...
          %%EOF
  13. Possible architecture
      Application
      Device
          %PDF-1.x
          ...
          DIGITAL SIGNATURE
            - Certificate
            - Signed Message Digest
            - Timestamp
          ...
          %%EOF
      Existing PDF document
      Created by PDF producer
      Fill out signature field
      Using iText
      Externally sign digest
      created with iText
  16. Displaying digital signatures
      - Digital signatures are part of the file structure: it isn’t mandatory for a digital signature to be displayed on a page.
      - Digital signatures are listed in the signature panel.
      - A digital signature can be visualized as a field widget (this widget can consist of graphics, text, ...).
  17. Invisible signature
  18. Visible signature
  19. Invalid signature
  20. Custom signature
  21. Important note
      - A signature signs the complete document.
      - The concept of signing separate pages in a document (“to initial a document”) doesn’t exist in PDF.
      - Legal issue: how to prove that a person who signed for approval has read the complete document?
  22. Serial signatures
      A PDF document can be signed more than once, but parallel signatures aren’t supported, only serial signatures: additional signatures sign all previous signatures.
          %PDF-1.x
          % Original document
          DIGITAL SIGNATURE 1
          ...
          %%EOF                      Rev1
          % Additional content 1
          ...
          DIGITAL SIGNATURE 2
          ...
          %%EOF                      Rev2
          % Additional content 2
          ...
          DIGITAL SIGNATURE 3
          ...
          %%EOF                      Rev3
  23. Two signatures
  24. Types of signatures
      - Certification (aka author) signature: only possible for the first revision; involves modification detection permissions.
      - Approval (aka recipient) signature: workflow with subsequent signers.
      - Usage Rights signature: involving Adobe’s private key to Reader-enable a PDF (off-topic here).
  25. Problems solved?
      - Integrity: signature is invalidated if bytes are changed.
      - Authenticity: Certificate Authority verifies the identity of the owner of the private key.
      - Non-repudiation: the author is the only one who has access to the private key.
  26. What if?
      - What if the author’s private key is compromised?
      - What if the author falsifies the creation date of the document?
      - What if the certificate expires too soon?
  27. Revocation checking
      - Certificate Revocation List (CRL): the certificate is checked against a list of revoked certificates.
      - Online Certificate Status Protocol (OCSP): the revocation status is obtained from a server.
      - If the certificate was revoked, the signature is invalid.
  28. OCSP
  29. Timestamping
      - The timestamp of a signature can be based on the signer’s local machine time, or the signer can involve a Time Stamp Authority (TSA).
      - The message digest is sent to a trusted timestamp server. This server adds a timestamp and signs the resulting hash using the TSA’s private key.
      - The signer can’t forge the time anymore.
  30. Timestamp
  31. PAdES - LTV
      - PAdES: PDF Advanced Electronic Signatures
      - LTV: Long Term Validation
      - Requires extensions to ISO-32000-1
      - Described by ETSI in TS 102 778 part 4
      - Requires Document Security Store (DSS) and Document Timestamp
      - A new DSS+TS are added before expiration of the last document timestamp
  32. More info
      - iText in Action Second Edition
      - Web site: http://itextpdf.com
      - Company: 1T3XT BVBA
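
Added example, not part of the original slides and not iText code: a Python sketch of the ByteRange mechanics from the Integrity, Embedded Digital Signature and Serial signatures slides. It recomputes the digest over the covered bytes, checks that the only uncovered bytes are the /Contents hex string, and flags bytes appended after signing. Assumptions: SHA-256 as the digest, a plain regex scan for /ByteRange, and a constructed PDF-like sample; it does not verify the signature value itself.

```python
import hashlib
import re

# "/ByteRange [off1 len1 off2 len2]" as written in a signature dictionary.
BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
HEX_STRING = re.compile(rb"<[0-9A-Fa-f\s]*>")


def inspect_signatures(pdf: bytes) -> list:
    """Return one report per /ByteRange found, in file order."""
    reports = []
    for m in BYTE_RANGE.finditer(pdf):
        off1, len1, off2, len2 = (int(g) for g in m.groups())
        signed = pdf[off1:off1 + len1] + pdf[off2:off2 + len2]
        gap = pdf[off1 + len1:off2]  # the only bytes the digest skips
        reports.append({
            "byte_range": (off1, len1, off2, len2),
            # Assumption: SHA-256; the real algorithm is named in the signature.
            "digest": hashlib.sha256(signed).hexdigest(),
            "starts_at_zero": off1 == 0,
            # The skipped bytes must be exactly the <hex> value of /Contents.
            "gap_is_hex_string": HEX_STRING.fullmatch(gap) is not None,
            # False when bytes were appended after signing (a later revision).
            "covers_to_eof": off2 + len2 == len(pdf),
        })
    return reports


def build_sample() -> bytes:
    """Constructed sample: PDF-like bytes holding one signature dictionary."""
    tmpl = b"%%PDF-1.7\n1 0 obj\n<< /FT /Sig /ByteRange [0 %010d %010d %010d] /Contents "
    contents = b"<" + b"00" * 16 + b">"  # placeholder, not a real signature
    tail = b" >>\nendobj\n%%EOF\n"
    gap_start = len(tmpl % (0, 0, 0))
    gap_end = gap_start + len(contents)
    return tmpl % (gap_start, gap_end, len(tail)) + contents + tail


if __name__ == "__main__":
    original = build_sample()
    appended = original + b"% Additional content 1\n%%EOF\n"
    for name, data in (("original", original), ("appended", appended)):
        for report in inspect_signatures(data):
            print(name, report)
```

In a serially signed document every signature except the last is expected to stop short of the end of the file; when the last one does, bytes were added that no signature covers.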