Connect with us

Article

PDFs can be digitally signed by two contractual partners

Published

on

Spread Articles to Your Friends

PDF files can be digitally signed by two parties. However, researchers have now discovered a security flaw that can be used to subsequently change the document by a second party.

With the help of certified signatures, PDFs can be digitally signed by two contractual partners. After the first signature, however, it should theoretically no longer be possible to make any changes to the content. Researchers at the Horst Gortz Institute for IT Security in Bochum have now developed two attack methods that should be able to do just that. Actually, the party that issues a PDF with a certified signature and signs it first can specify which changes the contractual partner can then make. The whole thing is intended so that the contractual partner can, for example, fill out individual fields, add comments or even add their own signature. However, the scientists also managed to change the content without invalidating the certification.

“The attack idea exploits the flexibility of PDF certification, which allows certified documents to be signed or annotated with different authorization levels. Our practical evaluation shows that an attacker could change the visible content in 15 of 26 viewer applications, ” write the researchers, who have now publicly presented their study at the IEEE Symposium on Security and Privacy.

Researchers exploit loophole

Specifically, the scientists took advantage of the possibility of placing signature elements on top of the actual document text in order to change its content. However, the potential victim may notice this change as the signature information is displayed when the document is opened. Using a second trick, however, the researchers were able to hide this signature information and thus further camouflage the manipulation. During their work, the researchers also came across a security hole in Adobe’s PDF programs. Attackers could use them to execute potentially malicious JavaScript code. However, after the researchers contacted Adobe, this security gap has been closed. In addition, the researchers are working with the German Institute for Standardization (DIN) and the International Organization for Standardization (ISO) so that the attack they describe can no longer be carried out with the next version of the PDF specifications.

Continue Reading
Advertisement
Comments
Shares