On the security of PDF Signatures
About the presenter(s)
Vladislav Mladenov has worked as a security researcher at the Chair of Network and Data Security at the Ruhr University Bochum since 2012. In his dissertation he analyzed the security of …
Description
PDF signatures have been assumed to be secure for 15 years; our talk reveals what could go wrong while a PDF document is being verified. We developed novel attacks leading to critical vulnerabilities in all PDF viewers, most notably in Adobe, Foxit, and LibreOffice. As a result, an attacker can arbitrarily manipulate the content of digitally signed PDFs without the victim being able to detect it, and can even execute privileged code on the victim’s machine. In our presentation, we will give a systematized overview of the attacks on digital signatures that we have discovered in recent years [1,2,3]. We show different techniques to circumvent the integrity protection and to manipulate signed content without being noticed. All findings have been responsibly disclosed, and the affected vendors were supported while fixing the issues. Our research on PDF security is also available online at https://www.pdf-insecurity.org/.
Sources
- https://pdf-insecurity.org/download/paper-pdf-signatures-ccs2019.pdf
- https://pdf-insecurity.org/download/Shadow_Attacks__Hiding_and_Replacing_Content_in_Signed_PDFs.pdf
- https://pdf-insecurity.org/download/pdf-certification/paper.pdf