Publication:

Practical Decryption exFiltration : Breaking PDF Encryption


Files

There are no files for this document.

Date

2019

Authors

Müller, Jens
Ising, Fabian
Mainka, Christian
Schinzel, Sebastian
Schwenk, Jörg

Publication type
Contribution to a conference proceedings
Publication status
Published

Published in

CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214

Abstract

The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues.

Subject (DDC)
004 Computer science

Conference

The 26th ACM Conference on Computer and Communications Security, 11. Nov. 2019 - 15. Nov. 2019, London

Cite

ISO 690
MÜLLER, Jens, Fabian ISING, Vladislav MLADENOV, Christian MAINKA, Sebastian SCHINZEL, Jörg SCHWENK, 2019. Practical Decryption exFiltration : Breaking PDF Encryption. The 26th ACM Conference on Computer and Communications Security. London, 11. Nov. 2019 - 15. Nov. 2019. In: CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214
BibTex
@inproceedings{Muller2019Pract-50112,
  year={2019},
  doi={10.1145/3319535.3354214},
  title={Practical Decryption exFiltration : Breaking PDF Encryption},
  isbn={978-1-4503-6747-9},
  publisher={Association for Computing Machinery},
  address={New York},
  booktitle={CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
  pages={15--29},
  author={Müller, Jens and Ising, Fabian and Mladenov, Vladislav and Mainka, Christian and Schinzel, Sebastian and Schwenk, Jörg}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/50112">
    <dc:rights>terms-of-use</dc:rights>
    <dc:creator>Müller, Jens</dc:creator>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:contributor>Schinzel, Sebastian</dc:contributor>
    <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
    <dc:contributor>Mainka, Christian</dc:contributor>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dcterms:abstract xml:lang="eng">The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues.</dcterms:abstract>
    <dc:contributor>Mladenov, Vladislav</dc:contributor>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2020-07-03T07:47:00Z</dcterms:available>
    <dc:contributor>Ising, Fabian</dc:contributor>
    <dc:creator>Mladenov, Vladislav</dc:creator>
    <dcterms:title>Practical Decryption exFiltration : Breaking PDF Encryption</dcterms:title>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dc:language>eng</dc:language>
    <dc:creator>Mainka, Christian</dc:creator>
    <dc:contributor>Schwenk, Jörg</dc:contributor>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2020-07-03T07:47:00Z</dc:date>
    <dc:contributor>Müller, Jens</dc:contributor>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/50112"/>
    <dc:creator>Ising, Fabian</dc:creator>
    <dcterms:issued>2019</dcterms:issued>
    <dc:creator>Schinzel, Sebastian</dc:creator>
    <dc:creator>Schwenk, Jörg</dc:creator>
  </rdf:Description>
</rdf:RDF>

University bibliography
Yes