What is AES-256, and how does PDF encryption work?

Encryption scrambles a document so that only someone with the right password or key can read it. AES-256 is the strongest common form of that lock, the same standard governments and banks use. This guide explains it in plain language, with analogies and examples.

The simplest analogy: a bank vault

A vault turns a pile of valuables into a sealed steel box. Anyone can see the box, move it, even own it, but without the combination it is just metal. Encryption does the same to a document: it turns readable content into scrambled bytes that are useless without the key.

What makes AES-256 a good vault is the size of the lock. A 256-bit key has more possible combinations than there are atoms in the observable universe. You cannot guess it, and you cannot try them all. The document is safe not because the box is hidden, but because the lock is mathematically out of reach.

How encryption works, in three steps

The readable content (plaintext) is transformed by the AES algorithm using a key derived from your password. The result (ciphertext) can only be turned back with that same key.

1. Plaintext: your readable document.
2. AES-256 + key: the algorithm scrambles it with your key.
3. Ciphertext: unreadable (8f3a c1d9…) without the key.

rust-pdf derives the file key and generates every salt and initialization vector from the operating system CSPRNG, so each encrypted file is unique.

2^256 keys
That is about 1.1 × 10^77 possible keys: more than the number of atoms in the observable universe. Brute-forcing one, with every computer on Earth running for the age of the universe, would not come close.

RC4 vs AES-128 vs AES-256

PDF has supported several ciphers over the years. Only the modern ones are safe; AES-256 is the recommended default.

RC4: legacy, broken
AES-128: strong
AES-256: recommended

User password vs owner password

PDF encryption supports two roles. You can set either, or both.

User password

Required to open the document at all. Without it, the file cannot be read. Use it for confidential documents.

Owner password

Leaves the document openable but restricts actions through permissions: printing, copying text or editing. Set read-only with one flag.

A note on archiving: PDF/A forbids encryption, because an archive must open without a password far in the future. Encryption and archiving are opposite goals, so keep them as separate steps.
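
An added example (not rust-pdf code) tying the cipher list and the permission flags above to what is stored in a file: a heuristic byte scan that reads the Standard security handler's /V, /R, /CFM and /P entries and reports the cipher and the granted actions. The function name, the sample dictionaries and the raw-byte scanning approach are assumptions made for illustration; real files should go through a PDF parser.

```python
import re

# /CFM names used by crypt filters (/V 4 and /V 5 dictionaries).
CFM = {b"V2": "RC4", b"AESV2": "AES-128", b"AESV3": "AES-256"}
# /P permission bits, 1-based as in the PDF specification; a set bit grants the action.
PERMS = {3: "print", 4: "modify", 5: "copy", 6: "annotate"}

def _num(d, key):
    """Return the integer that follows /<key> in the dictionary bytes, or None."""
    m = re.search(rb"/" + key + rb"\s+(-?\d+)", d)
    return int(m.group(1)) if m else None

def audit_encryption(pdf):
    """Heuristic byte scan for the Standard security handler; None if unencrypted."""
    hit = re.search(rb"/Filter\s*/Standard\b", pdf)
    if not hit:
        return None
    # Take the enclosing object: previous "obj" keyword up to the next "endobj".
    start = max(pdf.rfind(b"obj", 0, hit.start()), 0)
    end = pdf.find(b"endobj", hit.end())
    d = pdf[start:end if end != -1 else len(pdf)]
    v, r, p = _num(d, b"V"), _num(d, b"R"), _num(d, b"P")
    if v in (1, 2):
        cipher = "RC4"  # /V 1 and /V 2 have no crypt filters and always mean RC4
    else:
        cfm = re.search(rb"/CFM\s*/(\w+)", d)
        cipher = CFM.get(cfm.group(1), "unknown") if cfm else "unknown"
    allowed = [n for bit, n in PERMS.items()
               if p is not None and p & (1 << (bit - 1))]
    return {"cipher": cipher, "V": v, "R": r, "allowed": allowed,
            "recommended": (v, r) == (5, 6) and cipher == "AES-256"}

# Constructed sample dictionaries (not real files; /O, /U and key strings omitted).
SAMPLE_AES256 = (b"5 0 obj\n<< /CF << /StdCF << /AuthEvent /DocOpen /CFM /AESV3 "
                 b"/Length 32 >> >> /Filter /Standard /Length 256 /V 5 /R 6 "
                 b"/P -3904 /StmF /StdCF /StrF /StdCF >>\nendobj\n")
SAMPLE_RC4 = (b"4 0 obj\n<< /Filter /Standard /V 2 /R 3 /Length 128 "
              b"/P -3900 >>\nendobj\n")

if __name__ == "__main__":
    for name, data in [("aes256", SAMPLE_AES256), ("rc4", SAMPLE_RC4)]:
        print(name, audit_encryption(data))
```

A file with an empty user password opens for anyone, so treat the `allowed` list as a policy that conforming viewers honor, and set a user password when the content itself is confidential. For real files, `qpdf --show-encryption` reports the same fields.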

How to encrypt a PDF with rust-pdf

Load a document, set the passwords and cipher, and save. AES-256 (V5/R6) output uses keys and IVs from the OS CSPRNG, and is validated by qpdf for both user and owner passwords.

Python:

# pip install rustpdf
from rustpdf import EditableDoc, Encryption

# Empty user password: the file opens without a prompt.
# The owner password guards the read-only permissions.
with EditableDoc.load_file("in.pdf") as ed:
    ed.encrypt(user="", owner="owner-secret",
               method=Encryption.AES256, read_only=True)
    ed.save("secured.pdf")     # AES-256 (V5/R6), unique keys per file

C# (.NET):

// dotnet add package RustPdf
using System.IO;
using RustPdf;

// Input bytes, read here from in.pdf.
byte[] bytes = File.ReadAllBytes("in.pdf");

using var ed = EditableDoc.Load(bytes);
ed.Encrypt(user: "", owner: "owner-secret",
           method: Encryption.Aes256, readOnly: true);
ed.Save("secured.pdf");

Go:

// go get github.com/rustpdf/rustpdf-go@latest
ed, err := rustpdf.Load("in.pdf")
if err != nil {
    log.Fatal(err) // do not continue with a document that failed to load
}
defer ed.Close()
ed.Encrypt(rustpdf.Encrypt{
    Owner:    "owner-secret",
    Method:   rustpdf.AES256,
    ReadOnly: true,
})
ed.Save("secured.pdf")

Node.js:

// npm install rustpdf
const fs = require("fs");
const { EditableDoc, Encryption } = require("rustpdf");

// Input bytes, read here from in.pdf.
const bytes = fs.readFileSync("in.pdf");

const ed = EditableDoc.load(bytes);
ed.encrypt({ owner: "owner-secret", method: Encryption.AES256, readOnly: true });
ed.save("secured.pdf");

Encryption validated by: qpdf

RC4 and AES-128 are available for compatibility; details in the documentation.

AES-256 FAQ

What is AES-256?

AES-256 is the Advanced Encryption Standard using a 256-bit key. AES is the worldwide standard for symmetric encryption, adopted by governments and banks, and 256-bit is its strongest common key size. For PDF it is used in the modern V5/R6 security handler. Encrypting with AES-256 scrambles the document so that only someone with the correct password or key can read it.

Why is a 256-bit key considered unbreakable?

A 256-bit key has 2 to the power of 256 possible values, about 1.1 times 10 to the 77th power. That is more combinations than there are atoms in the observable universe. Trying every key by brute force, even with all the computers on Earth running for the age of the universe, would not get close. There is no known practical attack on correctly used AES-256, which is why it is trusted for top-secret data.

What is the difference between a user password and an owner password?

A user password is required to open and read the document at all. An owner password leaves the document openable but restricts what can be done with it, such as printing, copying text or editing, through permission flags. You can set either or both. With rust-pdf you pass user and owner passwords and an optional read-only flag.

Is RC4 or AES-128 still safe for PDF?

RC4 is legacy and considered broken, so it should not be used for new documents. AES-128 is still strong. AES-256 is the recommended choice today and is what rust-pdf uses by default. rust-pdf can read and write RC4, AES-128 and AES-256, but AES-256 with the V5/R6 handler is the safest option.

Can a PDF be both encrypted and PDF/A?

No. PDF/A forbids encryption, because an archived document must remain openable far into the future without a password or key. Encryption and archiving are opposite goals: encryption restricts access now, archiving guarantees access later. If you need both confidentiality in transit and an archival copy, keep them as separate steps. See what PDF/A is for the archiving side.

Encrypt PDFs in your language

One core, the same AES-256 encryption across nine languages. Encryption is part of the Pro and Enterprise licenses.