What’s your PDF password?
Turns out, it doesn’t matter.
Curtains have been lifted from a newfound vulnerability in PDF encryption. Being named PDFex, this attack can literally make fun of your so called password protected documents and have its way with them. We suggest that you read this thing to the end if you use encrypted PDFs or deal in one.
What’s this attack again?
The PDFex. Due to loopholes in the cryptography, anyone can exfiltrate (see/copy/modify/transfer) your PDF data without even knowing the key! Cool right? But wait, it can be used for bad stuff like manipulating health or transaction records, accessing important government information or even forging false documents.
The vulnerability has been confirmed to be present in 85% of the tested PDF viewers out there including all the major ones. The researchers have even submitted proof of concept exploits here.
Damn. That’s bad! How is it happening though?
Partial encryption and CBC.
– PDF encryption is a mix of ciphertext and plaintext i.e. some parts are encrypted and some are not. Hence, with the right amount of hacking expertise, someone can see and even manipulate a part of your PDF. Not only that, the attacker can directly exfiltrate the data once you open the file on your device.
CBC is a mode of encrypting data (Cipher Block Chaining) that comes with no integrity checks and leaves the ciphertext open to manipulation. Using CBC gadgets, someone could change the decrypted parts or even create new encrypted parts.
So, my PDF data could be at stake!?
Or even fake. Yes.
And you wouldn’t even know if you were being attacked.
But here’s what you could do.
1. Check here if your PDF viewer is vulnerable or not.
2. The researchers are already helping the affected companies to curtail the impact. You can read all about it here.
3. Spread this in your circle and help others.
4. Stay on top of your online safety by checking our news blog once a day.
As we keep on saying, awareness is the first step to cyber security. And we at Tech Brewery value your safety above anything else.
Do let us know if you have something to say or add about this topic in the comment section!
Stay tuned, stay safe.