Suggestion - Default Encryption

[izomiac]

Hello, I like to use PDF-XChange Editor to scan/store important documents (e.g. tax records) and will typically encrypt them for added security. Today I looked a bit closer and noticed that the default encryption algorithm is RC4, which has a number of significant vulnerabilities. Could the default be changed to one of the AES options instead? This would require a minimum compatibility level of Acrobat 7.0, which was released fifteen years ago.

[Paul - Tracker Supp]

Hi Isomiac,

welcome to the Tracker forums and thanks for the post.

Why not just used Acrobat 7 compatibility? 128 bit AES:

Or Acrobat 9.0 and later, which offers 256-bit AES?

Even better, we have a tool to manage "Security Policies" -

where you can set up the algorithm you want to use, as well as all the other associated settings. You can then apply them quickly to any document:

[izomiac]

I do, I just don't think RC4 should be a default option in 2020. RC4 is a very weak encryption algorithm by modern standards with several known attacks against it. There are exceedingly few reasons a person would want to encrypt a document, but use an insecure method to do so. If such edge cases exist, they are quite rare.

To securely encrypt a document, a user has to manually change this setting every time. Less informed users will not realize they need to do so, and everyone is liable to occasionally forget. It's dangerous.

[Tracker Supp-Stefan]

Hello Izomiac,

The main concern here is the 'compatibility' of the encryption used.
128 bit RC4 is compatible with Acrobat 6 and later, while 128 bit AES is compatible with Acrobat 7.0 and later.
I will pass your suggestion to the dev team for consideration, but I can't make any promises as to whether we will actually change this default!

Regards,
Stefan