PDF insecurity at NDSS 2021

Re­cent­ly, we have pu­blis­hed two pa­pers on the „NDSS Sym­po­si­um 2021„.

Our first paper is „Pro­ces­sing Dan­ge­rous Paths – On Se­cu­ri­ty and Pri­va­cy of the Por­ta­ble Do­cu­ment For­mat“ and deals with the se­cu­ri­ty is­su­es in PDF files. In the paper, we an­s­wer the ques­ti­on „What could go wrong if you open a PDF file?“.

Our se­cond paper „Shadow At­tacks: Hiding and Re­pla­cing Con­tent in Si­gned PDFs“ pres­ents novel at­tacks on PDF si­gna­tu­res. The at­tacks allow the ma­ni­pu­la­ti­on of di­gi­tal­ly si­gned PDF do­cu­ments wi­thout cau­sing any warning by ope­ning the file.

More in­for­ma­ti­on can be found on „pdf-in­se­cu­ri­ty.​org„, in our blog­posts („Blog­post: PDF Dan­ge­rous Paths„, „Blog­post: PDF Shadow At­tacks„), and vi­de­os („Youtu­be: PDF Dan­ge­rous Paths„, „Youtu­be: PDF Shadow At­tacks„).