Practical Decryption exFiltration : Breaking PDF Encryption
| dc.contributor.author | Müller, Jens | |
| dc.contributor.author | Ising, Fabian | |
| dc.contributor.author | Mladenov, Vladislav | |
| dc.contributor.author | Mainka, Christian | |
| dc.contributor.author | Schinzel, Sebastian | |
| dc.contributor.author | Schwenk, Jörg | |
| dc.date.accessioned | 2020-07-03T07:47:00Z | |
| dc.date.available | 2020-07-03T07:47:00Z | |
| dc.date.issued | 2019 | eng |
| dc.description.abstract | The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues. | eng |
| dc.description.version | published | eng |
| dc.identifier.doi | 10.1145/3319535.3354214 | eng |
| dc.identifier.uri | https://kops.uni-konstanz.de/handle/123456789/50112 | |
| dc.language.iso | eng | eng |
| dc.rights | terms-of-use | |
| dc.rights.uri | https://rightsstatements.org/page/InC/1.0/ | |
| dc.subject.ddc | 004 | eng |
| dc.title | Practical Decryption exFiltration : Breaking PDF Encryption | eng |
| dc.type | INPROCEEDINGS | eng |
| dspace.entity.type | Publication | |
| kops.citation.bibtex | @inproceedings{Muller2019Pract-50112,
year={2019},
doi={10.1145/3319535.3354214},
title={Practical Decryption exFiltration : Breaking PDF Encryption},
isbn={978-1-4503-6747-9},
publisher={Association for Computing Machinery},
address={New York},
booktitle={CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
pages={15--29},
author={Müller, Jens and Ising, Fabian and Mladenov, Vladislav and Mainka, Christian and Schinzel, Sebastian and Schwenk, Jörg}
} | |
| kops.citation.iso690 | MÜLLER, Jens, Fabian ISING, Vladislav MLADENOV, Christian MAINKA, Sebastian SCHINZEL, Jörg SCHWENK, 2019. Practical Decryption exFiltration : Breaking PDF Encryption. The 26th ACM Conference on Computer and Communications Security. London, 11. Nov. 2019 - 15. Nov. 2019. In: CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214 | deu |
| kops.citation.iso690 | MÜLLER, Jens, Fabian ISING, Vladislav MLADENOV, Christian MAINKA, Sebastian SCHINZEL, Jörg SCHWENK, 2019. Practical Decryption exFiltration : Breaking PDF Encryption. The 26th ACM Conference on Computer and Communications Security. London, Nov 11, 2019 - Nov 15, 2019. In: CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214 | eng |
| kops.citation.rdf | <rdf:RDF
xmlns:dcterms="http://purl.org/dc/terms/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:bibo="http://purl.org/ontology/bibo/"
xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
xmlns:foaf="http://xmlns.com/foaf/0.1/"
xmlns:void="http://rdfs.org/ns/void#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#" >
<rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/50112">
<dc:rights>terms-of-use</dc:rights>
<dc:creator>Müller, Jens</dc:creator>
<dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
<dc:contributor>Schinzel, Sebastian</dc:contributor>
<dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
<dc:contributor>Mainka, Christian</dc:contributor>
<dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
<dcterms:abstract xml:lang="eng">The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. We evaluated our attacks on 27 widely used PDF viewers and found all of them to be vulnerable. We responsibly disclosed the vulnerabilities and supported the vendors in fixing the issues.</dcterms:abstract>
<dc:contributor>Mladenov, Vladislav</dc:contributor>
<dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2020-07-03T07:47:00Z</dcterms:available>
<dc:contributor>Ising, Fabian</dc:contributor>
<dc:creator>Mladenov, Vladislav</dc:creator>
<dcterms:title>Practical Decryption exFiltration : Breaking PDF Encryption</dcterms:title>
<foaf:homepage rdf:resource="http://localhost:8080/"/>
<dc:language>eng</dc:language>
<dc:creator>Mainka, Christian</dc:creator>
<dc:contributor>Schwenk, Jörg</dc:contributor>
<dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2020-07-03T07:47:00Z</dc:date>
<dc:contributor>Müller, Jens</dc:contributor>
<void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
<bibo:uri rdf:resource="https://kops.uni-konstanz.de/handle/123456789/50112"/>
<dc:creator>Ising, Fabian</dc:creator>
<dcterms:issued>2019</dcterms:issued>
<dc:creator>Schinzel, Sebastian</dc:creator>
<dc:creator>Schwenk, Jörg</dc:creator>
</rdf:Description>
</rdf:RDF> | |
| kops.conferencefield | The 26th ACM Conference on Computer and Communications Security, 11. Nov. 2019 - 15. Nov. 2019, London | deu |
| kops.date.conferenceEnd | 2019-11-15 | eng |
| kops.date.conferenceStart | 2019-11-11 | eng |
| kops.flag.knbibliography | true | |
| kops.location.conference | London | eng |
| kops.sourcefield | <i>CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security</i>. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214 | deu |
| kops.sourcefield.plain | CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214 | deu |
| kops.sourcefield.plain | CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: Association for Computing Machinery, 2019, pp. 15-29. ISBN 978-1-4503-6747-9. Available under: doi: 10.1145/3319535.3354214 | eng |
| kops.title.conference | The 26th ACM Conference on Computer and Communications Security | eng |
| relation.isAuthorOfPublication | f51f2f1b-28fd-41bd-a301-79abe5cdfb86 | |
| relation.isAuthorOfPublication.latestForDiscovery | f51f2f1b-28fd-41bd-a301-79abe5cdfb86 | |
| source.bibliographicInfo.fromPage | 15 | eng |
| source.bibliographicInfo.toPage | 29 | eng |
| source.identifier.isbn | 978-1-4503-6747-9 | eng |
| source.publisher | Association for Computing Machinery | eng |
| source.publisher.location | New York | eng |
| source.title | CCS ’19- Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security | eng |