Practical Decryption exFiltration: Breaking PDF Encryption

  • The Portable Document Format, better known as PDF, is one of themost widely used document formats worldwide, and in order to en-sure information confidentiality, this file format supports documentencryption. In this paper, we analyze PDF encryption and showtwo novel techniques for breaking the confidentiality of encrypteddocuments. First, we abuse the PDF feature ofpartially encrypteddocuments to wrap the encrypted part of the document withinattacker-controlled content and therefore, exfiltrate the plaintextonce the document is opened by a legitimate user. Second, we abusea flaw in the PDF encryption specification to arbitrarily manipulateencrypted content. The only requirement is that a single block ofknown plaintext is needed, and we show that this is fulfilled bydesign. Our attacks allow the recovery of the entire plaintext of en-crypted documents by using exfiltration channels which are basedon standard compliant PDF properties.We evaluated our attacks on 27 widely used PDF viewers andfound all of them to be vulnerable. We responsibly disclosed thevulnerabilities and supported the vendors in fixing the issue

Export metadata

Additional Services

Metadaten
Author:Jens Müller, Fabian Ising, Vladislav Mldadenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk
URL:https://pdf-insecurity.org/download/paper-pdf_encryption-ccs2019.pdf
DOI:https://doi.org/10.1145/3319535.3354214
Parent Title (English):The 26th ACM Conference on Computer and Communications, Security (CCS 2019), London, United Kingdom
Document Type:Conference Proceeding
Language:English
Date of Publication (online):2019/10/01
Year of first Publication:2019
Publishing Institution:Fachhochschule Münster - University of Applied Sciences
Release Date:2019/10/01
Faculties:Elektrotechnik und Informatik (ETI)
Publication list:Schinzel, Sebastian
Licence (German):License LogoBibliographische Daten