Researchers have discovered a new attack technique that enables attackers to extract the contents of a password-protected or encrypted PDF file under certain circumstances.
In a paper titled “Practical Decryption exFiltration: Breaking PDF Encryption”, German academics from Ruhr-University Bochum and Münster University of Applied Sciences disclosed two different variants of the attack, which left over 23 widely used PDF viewers, including Adobe Acrobat Reader, Evince, and the built-in PDF viewers of Chrome and Firefox, vulnerable.
Dubbed PDFex, the attack exploits security weaknesses in the standard encryption protection built into the Portable Document Format, also known as PDF.
The technique does not attempt to crack the password of an encrypted PDF document. Instead, it works by taking advantage of the partial encryption supported natively by the PDF specification to remotely exfiltrate content once a user opens that document.
“Even without knowing the corresponding password, the attacker possessing an encrypted PDF file can manipulate parts of it,” the researchers said. “More precisely, the PDF specification allows the mixing of ciphertexts with plaintexts. In combination with further PDF features which allow the loading of external resources via HTTP, the attacker can run direct exfiltration attacks once a victim opens the file.”
— Sebastian Schinzel (@seecurity) September 30, 2019
More worryingly, the direct exfiltration achieved by tampering with the unencrypted plaintext data via PDF forms does not even require any kind of user interaction.
The second variant of the attack does something similar, but unlike the aforementioned technique, it uses only the encrypted parts of the PDF file. It leverages the block-chaining structure of the Cipher Block Chaining (CBC) encryption mode to convert a piece of ciphertext into another ciphertext, a property in cryptography known as malleability.
CBC mode employs a chaining mechanism to encrypt data, which means that the decryption of each ciphertext block depends on the immediately preceding ciphertext block. As a result, it is necessary to know a “plaintext segment” in order to directly manipulate an encrypted object, the researchers noted.
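As an added illustration of the CBC property described above (example code written for this article, not code from the paper or from any PDF viewer), the following Go program uses a constructed key, IV, nonce and three-block plaintext: it rewrites one block purely through the ciphertext, which only works because that block's plaintext is known and which turns the preceding block into garbage, and then shows that an authenticated mode such as AES-GCM refuses the same kind of edit because its integrity tag no longer verifies.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
)

// Constructed demo key, IV and nonce (not from the paper or any real document).
var demoKey = []byte("0123456789abcdef0123456789abcdef") // AES-256
var demoIV = []byte("fedcba9876543210")
var demoNonce = []byte("0123456789ab")
var demoBlock, _ = aes.NewCipher(demoKey)

// cbcApply encrypts (encrypt=true) or decrypts whole 16-byte blocks in CBC mode.
func cbcApply(encrypt bool, in []byte) []byte {
	mode := cipher.NewCBCDecrypter(demoBlock, demoIV)
	if encrypt {
		mode = cipher.NewCBCEncrypter(demoBlock, demoIV)
	}
	out := make([]byte, len(in))
	mode.CryptBlocks(out, in)
	return out
}

// RewriteBlock shows the malleability property without using the key: CBC
// decrypts block i as D(C_i) XOR C_{i-1}, so XORing C_{i-1} with (known XOR
// chosen) makes block i decrypt to chosen, at the cost of garbling block i-1.
func RewriteBlock(ct []byte, i int, known, chosen []byte) []byte {
	out := append([]byte(nil), ct...)
	prev := out[(i-1)*aes.BlockSize : i*aes.BlockSize] // requires i >= 1
	for k := range prev {
		prev[k] ^= known[k] ^ chosen[k]
	}
	return out
}

// Demo encrypts three blocks, rewrites the middle one through the ciphertext,
// and checks that an authenticated mode (AES-GCM) rejects a one-bit edit.
func Demo() (rewritten, neighbourGarbled, gcmRejects bool) {
	pt := []byte("known header    original text 01trailing block  ")
	known, chosen := pt[16:32], []byte("modified text 99")
	dec := cbcApply(false, RewriteBlock(cbcApply(true, pt), 1, known, chosen))
	rewritten = string(dec[16:32]) == string(chosen)
	neighbourGarbled = string(dec[:16]) != string(pt[:16])
	gcm, _ := cipher.NewGCM(demoBlock)
	sealed := gcm.Seal(nil, demoNonce, pt, nil)
	sealed[16] ^= 0x01 // flip one ciphertext bit; the tag no longer verifies
	_, err := gcm.Open(nil, demoNonce, sealed, nil)
	return rewritten, neighbourGarbled, err != nil
}
```

Demo() returns true, true, true: the known block was replaced by the chosen text, its predecessor was destroyed, and GCM rejected the tampered ciphertext.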
The academics have responsibly disclosed their findings to all affected vendors and have also released proof-of-concept exploits for the PDFex attacks to the public.
“Many data formats allow to encrypt only parts of the content (e.g., XML, S/MIME, PDF),” the team said. “This encryption flexibility is difficult to handle and allows an attacker to include their own content, which can lead to exfiltration channels.”
To mitigate the attack, the researchers suggest dropping support for partially encrypted PDF files, or enforcing a policy under which unencrypted objects are not allowed to access encrypted content.
“In the long term, the PDF 2.x specification should drop support for mixed content altogether,” they concluded, adding that the plethora of PDF features, as well as the flexibility of the format, makes it susceptible to plaintext exfiltration attacks.