With their scientific work on security vulnerabilities of PDF signatures, "1 Trillion Dollar Refund - How To Spoof PDF Signatures", CASA scientists have won first place for Europe at the cyber security conference CSAW 19.
In their research, the IT experts from the Chair of Network and Data Security at the Horst Görtz Institute for IT Security show how attackers can manipulate PDFs despite signatures if they are sent by e-mail.
Common PDF applications did not register the manipulation
This vulnerability is highly problematic because very few file formats are used as intensively as PDF for passing on sensitive documents, and PDF was previously considered to be well protected by the use of digital signatures. Prof. Jörg Schwenk and his team, however, managed to change the content of PDF documents without the usual PDF applications registering it. In this way, attackers could, for example, change billing data unnoticed in order to enrich themselves. The CASA scientists have prepared further explanations and technical details on the paper at this link.
The CSAW is the world's largest student-organized cyber security conference. It is held every year at the NYU Tandon School for Engineering, and its continental competitions are attended by leading scientists.
Great response after publication in February
In addition to this award, the work met with a great response after its online publication in February: it was noticed not only among experts but was also reported in many German media. Many of the affected PDF application vendors reacted with an update of their software. The work was also presented at the renowned IT security conference ACM Conference on Computer and Communications Security (ACM CCS).
Press contact
Dr. Vladislav Mladenov
Chair of Network and Data Security
Horst Görtz Institute for IT Security
Ruhr University Bochum
Phone: 0234 32 26742
E-mail: vladislav.mladenov AT rub.de
Dr. Christian Mainka
Chair of Network and Data Security
Horst Görtz Institute for IT Security
Ruhr University Bochum
Phone: 0234 32 26796
E-mail: christian.mainka AT rub.de
General inquiries can also be made via the e-mail address hgi-presse AT rub.de.