Sign In

Communications of the ACM

ACM TechNews

PDFex Attack Can Exfiltrate Data from Encrypted PDF Files


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Representation of the PDFex attack.

German academics have developed an attack that can extract data from encrypted PDF files, in some cases without user involvement.

Credit: ZDnet

Researchers at Ruhr-University Bochum and Münster University in Germany have developed a new attack that can extract and steal data from encrypted Portable Document Format (PDF) files, sometimes without user interaction.

The attack, called PDFex, comes in two variations and was successfully tested against 27 desktop and web PDF viewers.

The attack targets the encryption schemes supported by the PDF standard, rather than the encryption applied to a PDF document by external software.

The first variation, called direct exfiltration, takes advantage of the fact that PDF apps do not encrypt the entirety of a PDF file, leaving some parts unencrypted.

The second variation targets the parts of a PDF file that are encrypted using CBC gadgets, which are pieces of code that run against encrypted content and modify the plaintext data at its source.

The researchers notified all affected PDF software makers; all have released updates to protect against PDFex attacks.

From ZDNet
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found