self-destruct in pdf file

[ghost]

Hi everyone.

Introduction

I would like to know everyone's opinion here and new comments for this (maybe important and interesting) question. I would like to know if it is possible to have the possibility to make the distribution of the access of the pdf files in a temporary way.

Initial problem

It is currently possible to enter a password in the pdf file, but if you share the password with someone, there is no guarantee that that person will not divulge the password to someone else or send an decrypted file to someone else.

Critical reflection on the problem or solution

• I think about the possible solution of using TOTP (Time-based One-Time Password) for these cases (phishing, spam, piracy or unlicensed content etc in pdf). For example, if there is a possibility of a TOTP in pdf, I could have access to the file for 1 month, after that, the pdf is useless - there is no way to read or open the pdf. Because keeping in mind that there will be a time for accessing the pdf file, because a TOTP is temporary, that is, it lasts for a certain time - these pdf files lose access and their usefulness.
• If the password is temporary, even if it is decrypted, the pdf file after a while becomes useless, because the content is not readable and accessible. The problem here at this point is that I don't know if it's possible to implement this. Also, I don't know if this would solve the general problem I propose to solve.

Possible solution

• This would be possible if the pdf file called some function or module of the current operating system to check the time in which it can be read, stored.
• A complementary measure would be or could be the digital signature of the pdf file. With these two measures integrated (digital signature and TOTP) perhaps the pdf is more secure for distribution to as many people as possible.

Possible implementation

PDF metadata is data about a PDF document. It provides additional information about a PDF document, including but not limited to, file name of the document, its title, date of creation, author, title, copyright information and what application was used to create the file. I think of generating an internal metadata for this, an TOTP metadata that serves to say how long the document is readable or not.

Algorithm

The pdf reader, when reading this internal metadata of the pdf file, checks if the current date is the same as the document, if the date is the same then the document is open and if the date is different then the document is not open.

Possible security breach

1. Someone might try to clear the pdf document metadata to try to open the pdf file.
2. Someone can internally change the computer or mobile date to try to open the pdf file.

possible solution to these security flaws

1. Someone can try to clean the pdf document metadata but this metadata cannot be changed or deleted like TOTP. Because "every pdf must have the metadata, if there is none, it is impossible to read the pdf file." - This rule must be thought of, to avoid any problem of reading in pdf in this case that I write here or to avoid this security breach.
2. This would usually be resolved with some pdf viewer or editor. You may need to check the date/time stamp on Windows or any operating system, so even if someone internally changes the computer/mobile date to open the pdf, it will not be possible - because there is a registry verification process where the date and time are added in some operating system with the unaltered registry date of the document as well. This ensures to some extent the integrity and reliability of the file.
3. Another way around issue 2 would be for the pdf file editor/viewer to have some built-in background service that automatically starts when the date and time is changed. In this way, there is control of the elapsed time and displacement of what was changed and what was not changed, that is, what can be consulted with the use/elapsed time of the operating system in relation to the unchanged record of the file in pdf.

Note

One note I would like to comment on is that even if the person changes the date and time of the operating system (windows, android, linux etc), even with that.... she would have to change this record forever, otherwise the file would be deleted or unread. Bear in mind that when the date/time is correct, the algorithm deletes the file or does not view the file.

Unless, if the person has another computer and moves the file there, in a kind of backup or something. Or, if it saves the files externally, that would be an impediment for this algorithm.

Another note I would like to comment on is that some PDF editors/viewers may count passwords. For example, after 3 wrong attempts to enter the password, the pdf file is deleted.

There are softwares like DRM(Digital rights management) that guarantee this feature that I requested here.

Reasons

1. My previous questions have a certain approximation to this final question.
2. I would be happy with some feedback on this final question. So Is it possible to have TOTP (Time-based One-Time Password) attached to the PDF?

[MatthiasValvekens]

Unfortunately, this idea fundamentally cannot work unless you have control over the viewer's machine. That's independent of the file format: if I can do the math on my machine to decrypt your file at time X on my machine, then there's nothing you can do to stop me from doing the same thing at time X + 1. You'd need some kind of TPM setup to pull this off.

So, unless you're working within a closed system where you have a large degree of control over hardware, software and people, any "self-destructing data" approach is dead in the water. If you do have such a closed system, I think you're better off looking into traditional data loss prevention tooling instead of trying to address the issue from within the PDF spec.

[ghost]

Hi MatthiasValvekens, thank you for feedback.