How to Break PDF Security
294PDF is the most widely used standard for office documents. Supported by many desktop applications, email gateways and web services solutions, are used in all sectors, including government, business and private fields. For protecting sensitive information, PDFs can be encrypted and digitally signed. Assumed to be secure for 15 years, our talk reveals how to break PDF Encryption and how to break PDF Signatures. We elaborated novel attacks leading to critical vulnerabilities in all PDF viewers, most notably in Adobe, Foxit, and Okular. As a result, an attacker can retrieve the plaintext of encrypted PDFs without knowing the password and manipulate the content of digitally signed PDFs arbitrarily while a victim is unable to detect this.
The Portable Document Format (PDF) is the de-facto standard for document exchange worldwide. It is used to store sensitive information like contracts and health records. To protect this information PDF documents can be encrypted or digitally signed. Thus, confidentiality, authenticity, integrity, and non-repudiation can be achieved. In our research, we show that none of the PDF viewers achieve all of these goals by allowing an attacker to read encrypted content without the password or to stealthily modify the signed content.
We analyze the PDF encryption specification and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties.
In addition, we present the first comprehensive security evaluation on digital signatures in PDFs. We introduce three novel attack classes which bypass the cryptographic protection of digitally signed PDF files allowing an attacker to spoof the content of a signed PDF. We analyzed 22 different PDF viewers and found 21 of them to be vulnerable, including prominent and widely used applications such as Adobe Reader DC and Foxit. We additionally evaluated eight online validation services and found six to be vulnerable.
*****
��: Learn to write clean code and build well-architected systems with audiobooks of the #1 bestselling programming series: https://www.cleancodeaudio.com/?utm_source=codingtech 4.6/5 stars, 4000+ reviews. Get 40% off all four with the code CODINGTECH
*****
Become a more effective Developer by using Kite!
Kite is a free AI-powered coding assistant that will help you code faster and smarter. The Kite plugin integrates with all the top editors and IDEs to give you smart completions and documentation while you’re typing. I've been using Kite for 6 months and I love it!
To learn more, click here: https://www.kite.com/get-kite/?utm_medium=referral&utm_source=youtube&utm_campaign=codingtech&utm_content=description-only
*****
PUBLICATION PERMISSIONS:
Original video was published with the Creative Commons Attribution license (reuse allowed). Link: https://www.youtube.com/watch?v=k8FIDGmmYvs