Name
Abstract | ||
|---|---|---|
The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues.
|
Year | DOI | Venue |
|---|---|---|
2019 | 10.1145/3319535.3354214 | Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security |
Keywords | Field | DocType |
CBC gadgets, CBC malleability, PDF, direct exfiltration, encryption | Computer security,Computer science,Encryption | Conference |
ISBN | Citations | PageRank |
978-1-4503-6747-9 | 1 | 0.37 |
References | Authors | |
0 | 6 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jens Muller | 1 | 7 | 2.94 |
| Fabian Ising | 2 | 1 | 2.40 |
| Vladislav Mladenov | 3 | 27 | 9.22 |
| christian mainka | 4 | 66 | 10.80 |
| Sebastian Schinzel | 5 | 105 | 10.80 |
| Jörg Schwenk | 6 | 899 | 88.54 |