most of these attacks need that an attacker be able to modify encrypted PDF information. This includes a place to intercept the target's community visitors or possessing Bodily access to a storage method (like device inspections at an airport, accessing an personnel's workstation whilst he's away, and much more). seems like we need