News Categories

Security researchers have uncovered major vulnerabilities in PDF encryption standards

By Wong Chung Wee - on 4 Oct 2019, 11:30am

Security researchers have uncovered major vulnerabilities in PDF encryption standards

Image source: Ruhr-University Bochum

Security researchers have uncovered security flaws in PDF encryption standards. They have dubbed their discovery as PDFex. An encrypted PDF file is meant to ensure confidentiality, and the key management workflow between the sender and recipient is either based on passwords or digital certificates.

Image source: Ruhr-University Bochum

Due to inherent vulnerabilities, an attacker is able to exfiltrate content from an encrypted PDF by manipulating the key management workflow. First of all, the attacker needs to get hold of the encrypted file. According to the researchers, there are two attacks that can be mounted, i.e., direct exfiltration and CBC gadget manipulation.

The first attack leverages on the “flexibility” of PDF encryption standards, which allow for certain objects to remain unencrypted. Once a victim unknowingly decrypts the compromised file, the sensitive data can be sent to the attackers via exfiltration channels embedded in the unencrypted objects of the PDF. These channels can include URLs to servers controlled the attacker, malicious JavaScripts, or a PDF form submission.

The second attack involves the use of CBC (Cipher Block Chaining) gadgets. According to the researchers, the two important preconditions are known plaintext segment and exfiltration channel that allows for PDF forms or insertion of hyperlinks. The attacker will make use of CBC gadgets to modify the encrypted content to send confidential data to the attacker after the PDF has been decrypted.

The researchers have summarized the root causes of this security vulnerability. First, the flexibility of PDF encryption standards allows for unencrypted objects to co-exist with encrypted content. This can potentially allow the attacker to manipulate the encrypted file to include nefarious, unencrypted objects that contain exfiltration channels. Second, the underlying encryption algorithm doesn’t offer integrity protection, and this security weakness will allow the attacker to manipulate the ciphertext.

The researchers then looked at 27 PDF applications supported on popular computing platforms, and all of them are susceptible to at least one attack. The full list of the applications can be found here. The immediate recommendation of the researchers to stop this vulnerability is the rectification of PDF specifications to stop the use of encryption methods without integrity protection.

The PDFex attack appears to be technically challenging to pull off as the researchers stated the attacker will need to gain network access of the sender and recipient of the encrypted file. The attacker also needs to access the encrypted file in order to compromise it, before sending it to the intended recipient.

Click here to read detailed findings of the researchers and they will present their report at the ACM CCS 2019 in London, United Kingdom in November.

Source: Ruhr-University Bochum via PrivSec Report

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.