The latest product of ISO TC 171 SC 2 WG 8: ISO/TS 32003:2023 Document management — Portable Document Format — Adding support of AES-GCM in PDF 2.0, is now published. This ISO Technical Specification extends PDF encryption to include AES-GCM with cipher keys of size 128-bits, 192-bits and 256-bits, and a block size of 128 bits.
The Galois/Counter Mode (GCM) is a block cipher mode of operation standardized for use with the Advanced Encryption Standard (AES) by the US National Institute for Standards and Technology (NIST) as NIST SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. AES-GCM provides high-speed encryption and data integrity, and is a big improvement over the previous AES-CBC (Cipher Block Chaining) methods introduced in PDF 1.6 but deprecated in PDF 2.0.
AES-GCM is an authenticated encryption algorithm: it provides confidentiality as well as ciphertext authentication. The two cryptographic primitives supplied by AES-GCM are referred to as authenticated encryption and authenticated decryption. The authenticated encryption function encrypts the confidential data and computes an authentication tag on both the ciphertext and, optionally, an additional authenticated data (AAD) payload. The authenticated decryption function decrypts the confidential data contingent on verification of the tag. Each function is relatively efficient and able to be parallelized; consequently, high throughput implementations are possible in both hardware and software.
In PDF encryption, encryption is always applied to individual streams and strings. Although using AES-GCM authenticates all individual ciphertexts a separate mechanism is required to achieve document-level integrity guarantees. One such mechanism will be defined in the soon-to-be published ISO/TS 32004 Document management — Portable Document Format — Integrity protection in encrypted documents in PDF 2.0, as described in this overview and Matthias Valvekens' explanation of MACs versus signatures.
The staff of the PDF Association are dedicated to delivering the information, services and value members have come to expect. Staff members of the PDF Association include: Alexandra Oettler (Editor), Betsy Fanning (Standards Director), Duff Johnson (Chief Executive Officer), Matthias Wagner (CFO & Operations Director), Peter Wyatt (Chief Technology Officer), Thomas Zellmann (PDF Evangelist).