Sign In

Communications of the ACM

ACM TechNews

PDFex Attack Can Exfiltrate Data from Encrypted PDF Files

View as: Print Mobile App Share:
Representation of the PDFex attack.

German academics have developed an attack that can extract data from encrypted PDF files, in some cases without user involvement.

Credit: ZDnet

Researchers at Ruhr-University Bochum and Münster University in Germany have developed a new attack that can extract and steal data from encrypted Portable Document Format (PDF) files, sometimes without user interaction.

The attack, called PDFex, comes in two variations and was successfully tested against 27 desktop and web PDF viewers.

The attack targets the encryption schemes supported by the PDF standard, rather than the encryption applied to a PDF document by external software.

The first variation, called direct exfiltration, takes advantage of the fact that PDF apps do not encrypt the entirety of a PDF file, leaving some parts unencrypted.

The second variation targets the parts of a PDF file that are encrypted using CBC gadgets, which are pieces of code that run against encrypted content and modify the plaintext data at its source.

The researchers notified all affected PDF software makers; all have released updates to protect against PDFex attacks.

From ZDNet
View Full Article


Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


No entries found