Practical Decryption exFiltration: Breaking PDF Encryption Jens Müller Fabian Ising Vladislav Mladenov
[email protected] [email protected] [email protected] Ruhr University Bochum, Chair for Münster University of Applied Ruhr University Bochum, Chair for Network and Data Security Sciences Network and Data Security Christian Mainka Sebastian Schinzel Jörg Schwenk
[email protected] [email protected] [email protected] Ruhr University Bochum, Chair for Münster University of Applied Ruhr University Bochum, Chair for Network and Data Security Sciences Network and Data Security ABSTRACT Home/Trusted Environment The Portable Document Format, better known as PDF, is one of the Decrypted Document 1. Victim opens 2. Exfiltrating Tax Declaration decrypted content most widely used document formats worldwide, and in order to en- an encrypted PDF file Scrooge McDuck with their password via the Internet sure information confidentiality, this file format supports document TOP SECRET Victim encryption. In this paper, we analyze PDF encryption and show Attacker two novel techniques for breaking the confidentiality of encrypted Victim’s PC documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within Figure 1: An overview of the attack scenario: The victim attacker-controlled content and therefore, exfiltrate the plaintext opens an encrypted PDF document and unintentionally once the document is opened by a legitimate user. Second, we abuse leaks the decrypted content to an attacker-controlled server. a flaw in the PDF encryption specification to arbitrarily manipulate The encrypted PDF file was manipulated by the attacker be- encrypted content.