Practical Decryption Exfiltration: Breaking PDF Encryption

Overview

Explore the vulnerabilities in PDF encryption through this 35-minute conference talk from WAC 2020. Delve into the Portable Document Format, examining who uses PDF encryption and the attacker model. Gain insights into PDF encryption fundamentals and discover gaps in its security. Learn about various exfiltration techniques, including simple content overlay, direct exfiltration through PDF forms, hyperlinks, and JavaScript. Investigate malleability gadgets, known plaintext attacks, and their impact on PDF signatures. Understand the importance of closing backchannel vulnerabilities and consider short-term mitigation strategies. Conclude with a comprehensive overview of practical decryption exfiltration methods for breaking PDF encryption.

Syllabus

Intro
PDFex
Overview
Portable Document Format
Who uses PDF Encryption?
Attacker Model
PDF Encryption in a Nutshell
Gaps in PDF Encryption
Simple Content Overlay
Direct Exfiltration through PDF Forms
Direct Exfiltration via Hyperlinks
Direct Exfiltration with JavaScript
Malleability Gadgets
Prerequisites
Known Plaintext
Gadget Attacks
PDF Signatures
Closing Backchannels
Short Term Mitigation
Conclusion

Taught by

TheIACR

Reviews

Start your review of Practical Decryption Exfiltration: Breaking PDF Encryption

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Practical Decryption Exfiltration: Breaking PDF Encryption

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

How to Break PDF Encryption

Efail - Breaking S-MIME and OpenPGP Email Encryption Using Exfiltration Channels

100+ Free Courses to Learn JavaScript, React, Node

10 Best JavaScript Courses for 2024: Create Interactive Websites

Never Stop Learning.