Opinion: The Moscow software developer adds brute-force PDF password cracking to its network utility and achieves Microsoft gold developer certification, too.ElcomSoft is back! Although its 2001-2002 legal saga slowed production of its password-busting software utilities, the company that showed the world how PDF e-books could be hacked and gave us the Dmitry Sklyarov story is returning with a vengeance.
This time, ElcomSoft may actually be achieving new levels of legitimacy out there in the software development community. Adobe, both a partner and rival to Microsoft, must have winced when it saw last month that Microsoft awarded ElcomSoft its Gold Certified Partner status.
What's worse for Adobe is that, after the painful memories of bad PR from the Sklyarov case (Adobe eventually withdrew its support of the federal criminal charges against him), Adobe gets to contend with a new product: ElcomSoft Distributed Password Recovery, or EDPR, to which ElcomSoft added PDF support last month.
The utility, in a nutshell, borrows all the idle processing bandwidth on a network to brute-force-attack a password-protected PDF. ElcomSoft CEO Vladimir Katalov told PDFzone in an e-mail that the tool wasn't designed to enable mischief makers, but rather, to combat mischief itself.
"The audience for the EDPR includes, for example, corporate security departments and help desks—to deal with employees who, intentionally or unintentionally, have protected their personal and/or corporate data," Katalov said. "It's vital to recover these passwords when employees forget their passwords, or when they deliberately add passwords to documents in an effort to sabotage their companies. Our software is also being used by forensics, law enforcement, military and government agencies worldwide—in the criminal investigation, drug control, and anti-terrorism efforts."
Oh, to be a fly on the wall in the Adobe legal department.
While EDPR has been on the market for a while, it was only a few weeks ago that the company added PDF to the list of files it can crack, which previously included Word and Excel documents encrypted with 40-bit keys (Office 97/2000 compatible); more recent documents (Office XP/2003) encrypted with CSP; Personal Information Exchange certificates (PKCS#12) and PGP encryption, including PGP secret key rings (.SKR files), PGP disks (.PGD files), and PGP self-decrypting archives. In fact, PDF is just one of more than 100 formats the software can tackle.
Katalov and Co. claim to guarantee cracking 40-bit encrypted PDF passwords, but it's the add that it's on lost 128-bit passwords that EDPR "shows its unique strength."
"We market perfectly legal software," Katalov writes. "Our software is often used by law enforcement agencies and investigators and has been referred to in a few books on forensic science. We received quite a few letters of gratitude from various law enforcement agencies in Russia and elsewhere. One has to understand that almost any tool can be used for both legal and illegal purposes. We always warn our customers that password recovery software can only be used in a lawful manner and that they are responsible for their actions."
Clearly, Microsoft wouldn't certify a company selling illegal software as a gold-level partner, anyway, right? Either way, Elcom's back, and for those who were wondering: Yes, Dmitry Sklyarov still works for the company as chief security analyst. In hindsight, Katalov says that Sklyarov's arrest and subsequent incarceration didn't really affect ElcomSoft's business positively or negatively, but it did "seriously increase our legal expenses."
For all the water under the bridge, ElcomSoft still can see the beauty in PDF. Fairly objectively, in my opinion: In Katalov's estimation, PDF is the king of the document formats, and a good solution for maintaining a digital representation of what's on paper.
From his security expert's point of view, however, he opines that document-level password protection technically isn't DRM (digital rights management). And because of the plug-in architecture of Acrobat and PDF readers, it makes PDF a less-secure platform for DRM.
"PDF is really a good format, but it was designed to represent paper documents precisely," Katalov said, adding that it should remain dominant for some time. "For now, I can't see any PDF-slayer document format. I believe that Microsoft is aimed to the market that is already occupied by PDF, but there is no 'ubiquitous' document processing solution from Microsoft yet. So, most probably PDF would prevail for, at least, the next few years."
Document Management 
