Overview
Explore the vulnerabilities in PDF encryption through this 35-minute conference talk from WAC 2020. Delve into the Portable Document Format, examining who uses PDF encryption and the attacker model. Gain insights into PDF encryption fundamentals and discover gaps in its security. Learn about various exfiltration techniques, including simple content overlay, direct exfiltration through PDF forms, hyperlinks, and JavaScript. Investigate malleability gadgets, known plaintext attacks, and their impact on PDF signatures. Understand the importance of closing backchannel vulnerabilities and consider short-term mitigation strategies. Conclude with a comprehensive overview of practical decryption exfiltration methods for breaking PDF encryption.
Syllabus
Intro
PDFex
Overview
Portable Document Format
Who uses PDF Encryption?
Attacker Model
PDF Encryption in a Nutshell
Gaps in PDF Encryption
Simple Content Overlay
Direct Exfiltration through PDF Forms
Direct Exfiltration via Hyperlinks
Direct Exfiltration with JavaScript
Malleability Gadgets
Prerequisites
Known Plaintext
Gadget Attacks
PDF Signatures
Closing Backchannels
Short Term Mitigation
Conclusion
Taught by
TheIACR