Information Technology Security weaknesses in PDF encryption
Encryption is supposed to protect confidential documents such as medical records or industrial correspondence. Attackers can, however, leak the content of encrypted documents.
Encrypted PDF documents are meant to enable confidential transmission of data. Researchers from Ruhr-Universität Bochum and FH Münster University of Applied Sciences have however demonstrated that attackers are able to manipulate encrypted PDF documents in such a way that they exfiltrate their own content to an attacker’s server, once opened by a legitimate user. The IT experts tested 27 popular PDF readers for Windows, mac OS and Linux, all of which were vulnerable, including commonly used applications such as Adobe Acrobat and Foxit. They published their findings on 30 September 2019 online.
Responsible disclosure of vulnerabilities
Due to the large number of affected vendors, the researchers reported the security weaknesses to the Computer Emergency Response Team (CERT) at the German Federal Office for Information Security in May 2019. The group headed by Professor Jörg Schwenk from Horst Görtz Institute for IT Security in Bochum, together with Fabian Ising and Professor Sebastian Schinzel from Institut für Gesellschaft und Digitales at FH Münster University of Applied Sciences, assisted in mitigating the vulnerabilities.
PDF encryption is deployed in many areas to securely exchange confidential information via the Internet. Various medical IT systems and devices are capable, for example, of encrypting and transferring medical records as PDF files. Network printers and scanners also provide PDF encryption to protect scanned documents. In business environments, emails are sometimes sent as encrypted PDF documents when other encryption methods are not available.
Decrypted content leaked to the attacker
For their study, the researchers assumed that the attacker gains access to an encrypted PDF document, for example by intercepting an email sent to the victim. Even without the password to decrypt the document, the attacker can manipulate the file and hide actions for later execution. He then forwards the manipulated encrypted PDF document to the victim. Once the victim enters the password and opens the document, the hidden action is performed and the decrypted content is automatically sent to the attacker.
Two classes of security vulnerabilities
Two different vulnerabilities – namely direct exfiltration and CBC gadgets – enable the researchers to perform attacks of this kind. All tested PDF applications were vulnerable to at least one of the two security weaknesses. The researchers provide an overview of the affected applications on their website, technical details on the attacks are available on the website as well.
The researchers recommend that institutions and end-users which rely on PDF encryption should check whether they use an affected version. If so, they should install software updates, if available, or contact their vendor.