Practical Decryption exFiltration: Breaking PDF Encryption

  title={Practical Decryption exFiltration: Breaking PDF Encryption},
  author={Jens M{\"u}ller and Fabian Ising and Vladislav Mladenov and Christian Mainka and Sebastian Schinzel and J{\"o}rg Schwenk},
  journal={Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore… Expand
ACE in Chains: How Risky Is CBC Encryption of Binary Executable Files?
It is shown that, with a certain non-negligible probability, it is possible to manipulate the CBC-encrypted binary files so that the decryption result allows an arbitrary code execution (ACE), which is one of the most powerful exploits, even without the knowledge of plaintext binary. Expand
Breaking the Specification: PDF Certification
The Portable Document Format (PDF) is the de-facto standard for document exchange. The PDF specification defines two different types of digital signatures to guarantee the authenticity and integrityExpand
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks
This work gives an overview on the PDF-malware detection problem, a perspective on the new challenges and emerging solutions, and proposes several analysis techniques to extract the main features that allow the discrimination of malware files from benign ones. Expand
Mitigation of Attacks on Email End-to-End Encryption
This work presents the first generic countermeasure against both REPLY and EFAIL-DE attacks by checking the decryption context including SMTP headers and MIME structure during decryption by seamlessly extends the EFAil-MG countermeasures. Expand
Accessible Formal Methods for Verified Parser Development
A language theoretic and developer-accessible approach to PDF parsing and validation using ACL2, a formal methods language and theorem prover, which uses Tower, the authors' modular metalanguage, to generate verified ACL2 functions and proofs and the equivalent C code to analyze semantic properties. Expand


1 Trillion Dollar Refund: How To Spoof PDF Signatures
This paper presents the first comprehensive security evaluation on digital signatures in PDFs, and introduces three novel attack classes which bypass the cryptographic protection of digitally signed PDF files allowing an attacker to spoof the content of a signed PDF. Expand
Hiding Malicious Content in PDF Documents
This paper is a proof-of-concept demonstration for a specific digital signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What You See Is What You Sign) concept. The algorithm isExpand
How to break XML encryption
A practical attack on XML Encryption is described, which allows to decrypt a ciphertext by sending related ciphertexts to a Web Service and evaluating the server response, and shows that an adversary can decrypt a Ciphertext by performing only 14 requests per plaintext byte on average. Expand
On The (In-)Security Of JavaScript Object Signing And Encryption
This work introduces JOSEPH (JavaScript Object Signing and Encryption Pentesting Helper) -- the authors' newly developed Burp Suite extension, which automatically performs security analysis on targeted applications, and finds severe vulnerabilities in six popular JOSE libraries. Expand
Malicious URI resolving in PDF documents
  • V. Hamon
  • Computer Science
  • Journal of Computer Virology and Hacking Techniques
  • 2013
It’s shown that the simple use of an HTTP request from a PDF can be a pretty good vector for an attacker and how it can be relatively easy to reuse some vulnerabilities from outside the document. Expand
One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography
This work shows the less obvious fact that even if users have the best of intentions to use only the most upto-date, vulnerability-free version of a system, the mere existence of support for old versions can have a catastrophic effect on security. Expand
Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage
This paper outlines a novel chosen ciphertext attack on Huffman compressed data, which allows retrospective decryption of some iMessage payloads in less than 218 queries and describes mitigations that will prevent these attacks on the protocol, without breaking backwards compatibility. Expand
Re: What's Up Johnny? - Covert Content Attacks on Email End-to-End Encryption
It is demonstrated how the attacker can unknowingly abuse the user as a decryption oracle by replying to an unsuspicious looking email, and the plaintext of hundreds of encrypted emails can be leaked at once. Expand
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels
Novel attacks built upon a technique the authors call malleability gadgets to reveal the plaintext of encrypted emails are described, which use CBC/CFB gadgets to inject malicious plaintext snippets into encrypted emails. Expand
How to Break Microsoft Rights Management Services
A security analysis of Microsoft RMS is provided and two working attacks are presented that show that in contrast to claims made by Microsoft, Microsoft R MS can only be used to enforce all-or-nothing access. Expand