TY  - CHAP
A1  - Müller, Jens
A1  - Ising, Fabian
A1  - Mldadenov, Vladislav
A1  - Mainka, Christian
A1  - Schinzel, Sebastian
A1  - Schwenk, Jörg
T1  - Practical Decryption exFiltration: Breaking PDF Encryption
T2  - The 26th ACM Conference on Computer and Communications, Security (CCS 2019), London, United Kingdom
N2  - The Portable Document Format, better known as PDF, is one of themost widely used document formats worldwide, and in order to en-sure information confidentiality, this file format supports documentencryption. In this paper, we analyze PDF encryption and showtwo novel techniques for breaking the confidentiality of encrypteddocuments. First, we abuse the PDF feature ofpartially encrypteddocuments to wrap the encrypted part of the document withinattacker-controlled content and therefore, exfiltrate the plaintextonce the document is opened by a legitimate user. Second, we abusea flaw in the PDF encryption specification to arbitrarily manipulateencrypted content. The only requirement is that a single block ofknown plaintext is needed, and we show that this is fulfilled bydesign. Our attacks allow the recovery of the entire plaintext of en-crypted documents by using exfiltration channels which are basedon standard compliant PDF properties.We evaluated our attacks on 27 widely used PDF viewers andfound all of them to be vulnerable. We responsibly disclosed thevulnerabilities and supported the vendors in fixing the issue
Y1  - 2019
UR  - https://pdf-insecurity.org/download/paper-pdf_encryption-ccs2019.pdf
U6  - http://dx.doi.org/10.1145/3319535.3354214
ER  - 
TY  - CHAP
A1  - Müller, Jens
A1  - Ising, Fabian
A1  - Mla­de­nov, Vla­dis­lav
A1  - Mainka, Chris­ti­an
A1  - Schinzel, Sebastian
A1  - Schwenk, Jörg
T1  - Of­fice Do­cu­ment Se­cu­ri­ty and Pri­va­cy
T2  - 14th USE­NIX Work­shop on Of­fen­si­ve Tech­no­lo­gies (WOOT 2020)
N2  - OOXML and ODF are the de facto standard data formats for word processing, spreadsheets, and presentations. Both are XML-based, feature-rich container formats dating back to the early 2000s. In this work, we present a systematic analysis of the capabilities of malicious office documents. Instead of focusing on implementation bugs, we abuse legitimate features of the OOXML and ODF specifications. We categorize our attacks into five classes: (1) Denial-of-Service attacks affecting the host on which the document is processed. (2) Invasion of privacy attacks that track the usage of the document. (3) Information disclosure attacks exfiltrating personal data out of the victim's computer. (4) Data manipulation on the victim's system. (5) Code execution on the victim's machine. We evaluated the reference implementations – Microsoft Office and LibreOffice – and found both of them to be vulnerable to each tested class of attacks. Finally, we propose mitigation strategies to counter these attacks.
KW  - Cyber Security
KW  - Open Document Format
KW  - docx
Y1  - 2020
UR  - https://www.usenix.org/conference/woot20/presentation/muller
PB  - USENIX
ER  -