Research on better-than-brute-force attacks on PDF cryptography

[Florian Weimer <fweimer () redhat com>]

I've looked at a PDF implementation, compared it against the 
specification (including Adobe's supplement covering AES-256), and 
unless I'm missing something, there are a few odd things there.

Does anyone know if there's published research into this topic?  I could 
only find indications that the specification does not adequately defend 
against brute-force password guessing.  Which is probably true, but not 
exactly my concern.

--
Florian Weimer / Red Hat Product Security Team