ISO/TS 32003:2023
(Main)Document management — Portable Document Format — Adding support of AES-GCM in PDF 2.0
Document management — Portable Document Format — Adding support of AES-GCM in PDF 2.0
This document specifies how to extend the specification contained in ISO 32000-2 by adding extensions to the Encrypt dictionary to support the Advanced Encryption Standard (AES)-Galois/Counter Mode (GCM) encryption algorithm. These extensions are intended for developers of: ¾ software that creates PDF files (PDF writers); ¾ software that reads existing PDF files and (usually) interprets their contents for display (PDF readers); ¾ software that reads and displays PDF content and interacts with the computer users to possibly modify and save the PDF file (interactive PDF processors) and PDF products that read and/or write PDF files for a variety of other purposes (PDF processors). NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and all are PDF processors. This document does not specify the following: — specific processes for converting paper or electronic documents to the PDF file format; — specific technical design, user interface implementation, or operational details of rendering; — specific physical methods of storing these documents such as media and storage conditions; — methods for validating the conformance of PDF files or PDF processors; — required computer hardware and/or operating system.
Gestion de documents — Format de document portable — Ajout d'un support pour AES-GCM dans PDF 2.0
General Information
Buy Standard
Standards Content (Sample)
TECHNICAL ISO/TS
SPECIFICATION 32003
First edition
2023-05
Document management — Portable
Document Format — Adding support
of AES-GCM in PDF 2.0
Gestion de documents — Format de document portable — Ajout d'un
support pour AES-GCM dans PDF 2.0
Reference number
ISO/TS 32003:2023(E)
© ISO 2023
---------------------- Page: 1 ----------------------
ISO/TS 32003:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/TS 32003:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Extension schema details .2
5 Proposed Changes . 2
5.1 Encrypt Dictionary . 2
5.2 Encryption of data using AES-GCM in PDF objects . 3
Bibliography . 5
iii
© ISO 2023 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/TS 32003:2023(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use
of (a) patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed
patent rights in respect thereof. As of the date of publication of this document, ISO had not received
notice of (a) patent(s) which may be required to implement this document. However, implementers are
cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents. ISO shall not be held responsible for identifying any or all
such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 2, Document file formats, EDMS systems and authenticity of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
© ISO 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/TS 32003:2023(E)
Introduction
The Galois/Counter Mode (GCM) is a block cipher mode of operation that was standardized for use with
the Advanced Encryption Standard (AES) by the US National Institute for Standards and Technology
(NIST). AES-GCM provides high-speed encryption and data integrity.
AES-GCM is an authenticated encryption algorithm: it provides confidentiality as well as ciphertext
authentication. The two cryptographic primitives supplied by AES-GCM are referred to as authenticated
encryption and authenticated decryption. The authenticated encryption function encrypts the
confidential data and computes an authentication tag on both the ciphertext and, optionally, an
additional authenticated data (AAD) payload. The authenticated decryption function decrypts the
confidential data, contingent on the verification of the tag. Each of these functions is relatively efficient
and able to be parallelized; consequently, high throughput implementations are possible in both
hardware and software. The AES-GCM algorithm supports cipher key of size 128-bits, 192-bits and
256-bits. The block size is of 128 bits.
In PDF encryption, encryption is applied to individual streams and strings. Using AES-GCM therefore
authenticates all individual ciphertexts, but a separate mechanism is required to achieve document-
1)
level integrity guarantees. One such mechanism is defined in ISO/TS 32004.
v
© ISO 2023 – All rights reserved
---------------------- Page: 5 ----------------------
TECHNICAL SPECIFICATION ISO/TS 32003:2023(E)
Document management — Portable Document Format —
Adding support of AES-GCM in PDF 2.0
1 Scope
This document specifies how to extend the specification contained in ISO 32000-2 by adding extensions
to the Encrypt dictionary to support the Advanced Encryption Standard (AES)-Galois/Counter Mode
(GCM) encryption algorithm.
These extensions are intended for developers of:
— software that creates PDF files (PDF writers);
— software that reads existing PDF files and (usually) interprets their contents for display (PDF
readers);
— software that reads and displays PDF content and interacts with the computer users to possibly
modify and save the PDF file (interactive PDF processors) and PDF products that read and/or write PDF
files for a variety of other purposes (PDF processors).
NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and
all are PDF processors.
This document does not specify the following:
— specific processes for converting paper or electronic documents to the PDF file format;
— specific technical design, user i
...
ISO/TSDTS 32003:2023(XE)
ISO TC 171/SC 2/WG 8
Secretariat: ANSI
Date: 2022-11-302023-02-07
Document management — Portable Document Format — Adding support of AES-GCM in PDF 2.0
CD TS stage
Warning for WDs and CDs
This document is not an ISO International Standard. It is distributed for review and comment. It is subject to
change without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of
which they are aware and to provide supporting documentation.
© ISO 2022 – All rights reserved
---------------------- Page: 1 ----------------------
© ISO 2022
Gestion de documents — Format de document portable — Ajout d'un support pour AES-GCM dans PDF 2.0
---------------------- Page: 2 ----------------------
ISO/DTS 32003:2023(E)
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of
this publication may be reproduced or utilized otherwise in any form or by any means, electronic or
mechanical, including photocopying, or posting on the internet or an intranet, without prior written
permission. Permission can be requested from either ISO at the address below or ISO’sISO's member body in
the country of the requester.
ISO copyright officeCopyright Office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
Email: copyright@iso.org
Email: copyright@iso.org
Website: www.iso.orgwww.iso.org
Published in Switzerland.
ii © ISO 2023 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/DTS 32003:2023(E)
Foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 5
4 Extension schema details . 6
5 Proposed Changes . 6
5.1 Encrypt Dictionary . 6
5.2 Encryption of data using AES-GCM in PDF objects . 7
Bibliography . 9
© ISO 2022 – All rights reserved
© ISO 2023 – All rights reserved iii
---------------------- Page: 4 ----------------------
ISO/DTS 32003:2023(E)
Contents
Foreword . v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Extension schema details . 3
5 Proposed Changes. 3
5.1 Encrypt Dictionary . 3
5.2 Encryption of data using AES-GCM in PDF objects . 4
Bibliography . 8
iv © ISO 2023 – All rights reserved
---------------------- Page: 5 ----------------------
ISO/DTS 32003:2023(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO
collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives 2 (see
www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any
patent rights identified during the development of the document will be in the Introduction and/or on
the ISO list of patent declarations received (see www.iso.org/patentswww.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the World
Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.htmlwww.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 2, Document file formats, EDMS systems and authenticity of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
© ISO 2022 – All rights reserved
© ISO 2023 – All rights reserved v
---------------------- Page: 6 ----------------------
ISO/DTS 32003:2023(E)
Introduction
The Galois/Counter Mode (GCM) is a block cipher mode of operation that was standardized for use with
the Advanced Encryption Standard (AES) by the US National Institute for Standards and Technology
(NIST). AES-GCM provides high-speed encryption and data integrity.
AES-GCM is an authenticated encryption algorithm: it provides confidentiality as well as ciphertext
authentication. The two cryptographic primitives supplied by AES-GCM are referred to as authenticated
encryption and authenticated decryption. The authenticated encryption function encrypts the
confidential data and computes an authentication tag on both the ciphertext and, optionally, an additional
authenticated data (AAD) payload. The authenticated decryption function decrypts the confidential data,
contingent on the verification of the tag. Each of these functions is relatively efficient and able to be
parallelized; consequently, high throughput implementations are possible in both hardware and
software. The AES-GCM algorithm supports cipher key of size 128-bits, 192-bits and 256-bits. The block
size is of 128 bits.
In PDF encryption, encryption is applied to individual streams and strings. Using AES-GCM therefore
authenticates all individual ciphertexts, but a separate mechanism is required to achieve document-level
integrity guarantees. One such mechanism is defined in ISO/TS 32004.ISO/TS 32004.
vi © ISO 2023 – All rights reserved
---------------------- Page: 7 ----------------------
TECHNICAL SPECIFICATION ISO/DTS 32003:2022(E)
Document management — Portable Document Format — Adding
support of AES-GCM in PDF 2.0
1 Scope
This document specifies how to extend the ISO 32000-2 specification contained in ISO 32000-2 by adding
extensions to the Encrypt dictionary to support the Advanced Encryption Standard (AES-)
Galois/Counter Mode (GCM) encryption algorithm.
These extensions are intended for developers of :
⎯ software that creates PDF files (PDF writers),);
⎯ software that reads existing PDF files and (usually) interprets their contents for display (PDF
readers),);
⎯ software that reads and displays PDF content and interacts with the computer users to possibly
modify and save the PDF file (interactive PDF processors) and PDF products that read and/or
write PDF files for a variety of other purposes (PDF processors). (
NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and all
are PDF processors).
This document does not specify the following:
• — specific processes for converting paper or electronic documents to the PDF file f
...
FINAL
TECHNICAL ISO/DTS
DRAFT
SPECIFICATION 32003
ISO/TC 171/SC 2
Document management — Portable
Secretariat: ANSI
Document Format — Adding support
Voting begins on:
2023-02-22 of AES-GCM in PDF 2.0
Voting terminates on:
Gestion de documents — Format de document portable — Ajout d'un
2023-04-19
support pour AES-GCM dans PDF 2.0
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/DTS 32003:2023(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO 2023
---------------------- Page: 1 ----------------------
ISO/DTS 32003:2023(E)
FINAL
TECHNICAL ISO/DTS
DRAFT
SPECIFICATION 32003
ISO/TC 171/SC 2
Document management — Portable
Secretariat: ANSI
Document Format — Adding support
Voting begins on:
of AES-GCM in PDF 2.0
Voting terminates on:
Gestion de documents — Format de document portable — Ajout d'un
support pour AES-GCM dans PDF 2.0
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
ISO copyright office
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
CP 401 • Ch. de Blandonnet 8
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
CH-1214 Vernier, Geneva
DOCUMENTATION.
Phone: +41 22 749 01 11
IN ADDITION TO THEIR EVALUATION AS
Reference number
Email: copyright@iso.org
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO
ISO/DTS 32003:2023(E)
Website: www.iso.org
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
Published in Switzerland
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN
DARDS TO WHICH REFERENCE MAY BE MADE IN
ii
© ISO 2023 – All rights reserved
NATIONAL REGULATIONS. © ISO 2023
---------------------- Page: 2 ----------------------
ISO/DTS 32003:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Extension schema details .2
5 Proposed Changes . 2
5.1 Encrypt Dictionary . 2
5.2 Encryption of data using AES-GCM in PDF objects . 3
Bibliography . 5
iii
© ISO 2023 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/DTS 32003:2023(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and nongovernmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 2, Document file formats, EDMS systems and authenticity of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
© ISO 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/DTS 32003:2023(E)
Introduction
The Galois/Counter Mode (GCM) is a block cipher mode of operation that was standardized for use with
the Advanced Encryption Standard (AES) by the US National Institute for Standards and Technology
(NIST). AES-GCM provides high-speed encryption and data integrity.
AES-GCM is an authenticated encryption algorithm: it provides confidentiality as well as ciphertext
authentication. The two cryptographic primitives supplied by AES-GCM are referred to as authenticated
encryption and authenticated decryption. The authenticated encryption function encrypts the
confidential data and computes an authentication tag on both the ciphertext and, optionally, an
additional authenticated data (AAD) payload. The authenticated decryption function decrypts the
confidential data, contingent on the verification of the tag. Each of these functions is relatively efficient
and able to be parallelized; consequently, high throughput implementations are possible in both
hardware and software. The AES-GCM algorithm supports cipher key of size 128-bits, 192-bits and
256bits. The block size is of 128 bits.
In PDF encryption, encryption is applied to individual streams and strings. Using AES-GCM therefore
authenticates all individual ciphertexts, but a separate mechanism is required to achieve document-
level integrity guarantees. One such mechanism is defined in ISO/TS 32004.
v
© ISO 2023 – All rights reserved
---------------------- Page: 5 ----------------------
TECHNICAL SPECIFICATION ISO/DTS 32003:2023(E)
Document management — Portable Document Format —
Adding support of AES-GCM in PDF 2.0
1 Scope
This document specifies how to extend the specification contained in ISO 32000-2 by adding extensions
to the Encrypt dictionary to support the Advanced Encryption Standard (AES) Galois/Counter Mode
(GCM) encryption algorithm.
These extensions are intended for developers of:
— software that creates PDF files (PDF writers);
— software that reads existing PDF file
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.