1 00:00:00,799 --> 00:00:02,720 hello everyone and welcome to the talk 2 00:00:02,720 --> 00:00:04,400 breaking the specification 3 00:00:04,400 --> 00:00:07,200 pdf certification my name is simon and 4 00:00:07,200 --> 00:00:09,200 this was a joint work with vladislav 5 00:00:09,200 --> 00:00:10,639 christian and york 6 00:00:10,639 --> 00:00:12,320 we are all researchers at whole 7 00:00:12,320 --> 00:00:14,719 university boho 8 00:00:14,719 --> 00:00:16,960 in the next 50 minutes we talk about pdf 9 00:00:16,960 --> 00:00:19,279 certification and how to use features 10 00:00:19,279 --> 00:00:20,560 and certification 11 00:00:20,560 --> 00:00:22,400 to change the content in a certified 12 00:00:22,400 --> 00:00:24,959 document 13 00:00:25,599 --> 00:00:27,840 we start with the basics and take a look 14 00:00:27,840 --> 00:00:29,199 on the pdf structure 15 00:00:29,199 --> 00:00:31,760 incremental updates talk about the 16 00:00:31,760 --> 00:00:33,840 differences between site and certified 17 00:00:33,840 --> 00:00:35,040 documents 18 00:00:35,040 --> 00:00:36,880 and take a look on the permission levels 19 00:00:36,880 --> 00:00:40,000 in certified documents 20 00:00:40,000 --> 00:00:42,160 so on the right side you see a simple 21 00:00:42,160 --> 00:00:45,760 pdf document and each pdf document start 22 00:00:45,760 --> 00:00:46,800 with the header 23 00:00:46,800 --> 00:00:50,640 so the header defines a pdf version 24 00:00:50,640 --> 00:00:52,480 the header is followed by the body and 25 00:00:52,480 --> 00:00:55,440 contains objects of the pdf document 26 00:00:55,440 --> 00:00:59,120 with unique object numbers so it starts 27 00:00:59,120 --> 00:01:02,160 with the object of type catalog 28 00:01:02,160 --> 00:01:05,360 which reference to the pages object 29 00:01:05,360 --> 00:01:07,840 and the pages object reference to all 30 00:01:07,840 --> 00:01:09,600 pages in the document 31 00:01:09,600 --> 00:01:11,680 as you can see there's only one page in 32 00:01:11,680 --> 00:01:13,040 the document so we 33 00:01:13,040 --> 00:01:16,320 only have one object of type 34 00:01:16,320 --> 00:01:19,360 page so the page reference to the 35 00:01:19,360 --> 00:01:22,400 contents of the document or the page 36 00:01:22,400 --> 00:01:25,439 so you see in object number four 37 00:01:25,439 --> 00:01:28,159 there contains a stream and within the 38 00:01:28,159 --> 00:01:28,880 stream 39 00:01:28,880 --> 00:01:31,280 there's the text of the pdf document and 40 00:01:31,280 --> 00:01:34,320 starts with contract 41 00:01:34,479 --> 00:01:36,720 the third part of a pdf document is a 42 00:01:36,720 --> 00:01:38,000 cross reference table 43 00:01:38,000 --> 00:01:41,040 or expert table it 44 00:01:41,040 --> 00:01:43,759 holds the entries or the byte offsets of 45 00:01:43,759 --> 00:01:44,479 the object 46 00:01:44,479 --> 00:01:47,520 defined in the body so as you can see it 47 00:01:47,520 --> 00:01:48,640 starts with one 48 00:01:48,640 --> 00:01:51,680 followed by four this means the 49 00:01:51,680 --> 00:01:54,159 first object is object number one 50 00:01:54,159 --> 00:01:56,079 followed by four entries 51 00:01:56,079 --> 00:01:58,479 so as you can see there's a 10 and 10 52 00:01:58,479 --> 00:02:00,640 means the byte of set 10 53 00:02:00,640 --> 00:02:03,759 so object number one starts at byte 54 00:02:03,759 --> 00:02:05,920 offset 10. 55 00:02:05,920 --> 00:02:08,080 the last part of a pdf document is a 56 00:02:08,080 --> 00:02:10,239 trailer the trailer reference to the 57 00:02:10,239 --> 00:02:11,360 root object 58 00:02:11,360 --> 00:02:15,280 so the root object is of type catalog 59 00:02:15,280 --> 00:02:17,920 and defines a byte offset of the cross 60 00:02:17,920 --> 00:02:19,360 reference table 61 00:02:19,360 --> 00:02:21,599 so in this example the cross reference 62 00:02:21,599 --> 00:02:25,920 table start at byte offset 191 63 00:02:25,920 --> 00:02:28,400 and these four parts build the whole pdf 64 00:02:28,400 --> 00:02:30,959 document 65 00:02:31,040 --> 00:02:33,200 if you want to change the content of a 66 00:02:33,200 --> 00:02:34,480 pdf file 67 00:02:34,480 --> 00:02:37,360 or add new content we do this usually 68 00:02:37,360 --> 00:02:39,440 within an incremental update so this 69 00:02:39,440 --> 00:02:41,440 means only the modification 70 00:02:41,440 --> 00:02:44,000 are added to the end of the pdf file 71 00:02:44,000 --> 00:02:45,360 within an update 72 00:02:45,360 --> 00:02:47,680 but the original pdf content remains 73 00:02:47,680 --> 00:02:49,200 unchanged 74 00:02:49,200 --> 00:02:51,360 so on the left side you see a simple pdf 75 00:02:51,360 --> 00:02:53,440 file and now we want to add 76 00:02:53,440 --> 00:02:55,920 an incremental update we do this by 77 00:02:55,920 --> 00:02:58,159 adding a body update a cross reference 78 00:02:58,159 --> 00:03:00,400 table update and a trailer update 79 00:03:00,400 --> 00:03:02,000 and these three parts build the 80 00:03:02,000 --> 00:03:04,080 incremental update 81 00:03:04,080 --> 00:03:07,280 so if we want to sign a pdf document 82 00:03:07,280 --> 00:03:10,000 we do this within an incremental update 83 00:03:10,000 --> 00:03:11,760 and these incremental update protects 84 00:03:11,760 --> 00:03:12,720 the document 85 00:03:12,720 --> 00:03:15,120 so there's a small part containing the 86 00:03:15,120 --> 00:03:19,040 signature value which leaves unprotected 87 00:03:19,040 --> 00:03:21,680 so if we now want to add an annotation 88 00:03:21,680 --> 00:03:23,599 to a signed pdf document 89 00:03:23,599 --> 00:03:26,159 we do this with another incremental 90 00:03:26,159 --> 00:03:27,120 update 91 00:03:27,120 --> 00:03:30,239 soon as you can see the annotation part 92 00:03:30,239 --> 00:03:33,840 is now unprotected 93 00:03:35,920 --> 00:03:39,360 so let's talk about signed pdf documents 94 00:03:39,360 --> 00:03:42,000 if you want to sign the simple pdf 95 00:03:42,000 --> 00:03:42,799 document 96 00:03:42,799 --> 00:03:45,120 we do this within an incremental update 97 00:03:45,120 --> 00:03:46,000 so as you can 98 00:03:46,000 --> 00:03:48,879 see here we see the revision one is 99 00:03:48,879 --> 00:03:50,799 signed by ceo 100 00:03:50,799 --> 00:03:52,959 but we are not limited to one signature 101 00:03:52,959 --> 00:03:55,439 we can also add another signature 102 00:03:55,439 --> 00:03:58,560 so in update 2 we add the revision 2 103 00:03:58,560 --> 00:04:01,280 which is signed by ceo2 104 00:04:01,280 --> 00:04:04,319 and we also can add annotations but if 105 00:04:04,319 --> 00:04:06,720 we want to add an annotation 106 00:04:06,720 --> 00:04:09,760 like here not for public release we see 107 00:04:09,760 --> 00:04:12,720 there is in the signature part of the 108 00:04:12,720 --> 00:04:14,879 document we see there's an annotation 109 00:04:14,879 --> 00:04:17,199 created with a warning 110 00:04:17,199 --> 00:04:19,279 so signed pdf documents there are 111 00:04:19,279 --> 00:04:21,358 multiple signatures are possible 112 00:04:21,358 --> 00:04:23,199 until assigner explicitly locks the 113 00:04:23,199 --> 00:04:24,479 document and 114 00:04:24,479 --> 00:04:26,639 adding an annotation leads to warnings 115 00:04:26,639 --> 00:04:29,600 but are not blocked 116 00:04:29,600 --> 00:04:31,199 so in certified documents the 117 00:04:31,199 --> 00:04:33,199 certification must be added before 118 00:04:33,199 --> 00:04:34,880 signing the document 119 00:04:34,880 --> 00:04:36,880 this is because the certification sets a 120 00:04:36,880 --> 00:04:38,160 permission level 121 00:04:38,160 --> 00:04:42,479 p1 p2 or p3 for the whole document 122 00:04:42,479 --> 00:04:45,360 so in certified documents up to the 123 00:04:45,360 --> 00:04:46,880 permission level 124 00:04:46,880 --> 00:04:49,199 additional signature our annotations are 125 00:04:49,199 --> 00:04:49,919 allowed 126 00:04:49,919 --> 00:04:52,800 or prohibit so let's take a look on the 127 00:04:52,800 --> 00:04:54,880 difference between signed and 128 00:04:54,880 --> 00:04:57,600 certified documents add or change 129 00:04:57,600 --> 00:04:59,440 visible content is not allowed in a 130 00:04:59,440 --> 00:05:00,080 signed or 131 00:05:00,080 --> 00:05:02,800 certified document but you can fill out 132 00:05:02,800 --> 00:05:03,600 forms 133 00:05:03,600 --> 00:05:07,120 in certified documents p2 or p3 134 00:05:07,120 --> 00:05:09,600 and inside pdf documents this usually 135 00:05:09,600 --> 00:05:11,600 leads to warnings if you do not add a 136 00:05:11,600 --> 00:05:14,560 signature at the same time 137 00:05:14,560 --> 00:05:17,199 but adding multiple signature is also 138 00:05:17,199 --> 00:05:18,960 allowed in site pdfs 139 00:05:18,960 --> 00:05:22,639 and on certified documents at level p2 140 00:05:22,639 --> 00:05:26,479 and p3 adding annotations 141 00:05:26,479 --> 00:05:28,320 leads to warnings the most pdf 142 00:05:28,320 --> 00:05:30,320 application when we do this within sign 143 00:05:30,320 --> 00:05:33,360 pdf but is allowed on a 144 00:05:33,360 --> 00:05:36,400 certified document at level p3 so on the 145 00:05:36,400 --> 00:05:39,280 right side you see a certified document 146 00:05:39,280 --> 00:05:42,160 and a signature was added and an 147 00:05:42,160 --> 00:05:44,400 annotation was added and we see on level 148 00:05:44,400 --> 00:05:45,360 p3 149 00:05:45,360 --> 00:05:47,919 there's no warnings when we add an 150 00:05:47,919 --> 00:05:50,240 annotation 151 00:05:50,240 --> 00:05:52,000 so let's start with the attacks on 152 00:05:52,000 --> 00:05:54,080 certified documents we start with the 153 00:05:54,080 --> 00:05:57,199 evil annotation attack um we use 154 00:05:57,199 --> 00:05:59,360 annotations to add to hide content and 155 00:05:59,360 --> 00:06:00,800 certify documents 156 00:06:00,800 --> 00:06:03,199 and we take a look on the user interface 157 00:06:03,199 --> 00:06:05,199 layers ui layers 158 00:06:05,199 --> 00:06:07,680 and we improve the stealthiness of the 159 00:06:07,680 --> 00:06:10,160 eaa 160 00:06:10,800 --> 00:06:13,840 so for in eaa you need a 161 00:06:13,840 --> 00:06:17,440 certified document on level p3 162 00:06:17,440 --> 00:06:19,360 so adding or changing annotations is 163 00:06:19,360 --> 00:06:20,639 allowed 164 00:06:20,639 --> 00:06:22,720 and annotations can be placed anywhere 165 00:06:22,720 --> 00:06:24,240 in the documents the pdf 166 00:06:24,240 --> 00:06:26,080 specification does not restrict the 167 00:06:26,080 --> 00:06:27,440 position or size of an 168 00:06:27,440 --> 00:06:30,160 annotation so we can add an annotation 169 00:06:30,160 --> 00:06:31,280 as big as we want 170 00:06:31,280 --> 00:06:33,440 and two annotations can overlap each 171 00:06:33,440 --> 00:06:35,840 other 172 00:06:36,000 --> 00:06:39,120 the pdf specification 2.0 defines 173 00:06:39,120 --> 00:06:42,319 26 annotation types and 18 of them 174 00:06:42,319 --> 00:06:44,080 are allowed to be used in a certified 175 00:06:44,080 --> 00:06:45,840 document 176 00:06:45,840 --> 00:06:47,919 so as you can see on the right side we 177 00:06:47,919 --> 00:06:50,080 categorize them by the danger level 178 00:06:50,080 --> 00:06:52,720 so danger level high means you can add 179 00:06:52,720 --> 00:06:53,840 text or images 180 00:06:53,840 --> 00:06:56,880 to the certified document so for 181 00:06:56,880 --> 00:06:58,960 annotation free text and redact you can 182 00:06:58,960 --> 00:07:00,319 add text 183 00:07:00,319 --> 00:07:03,919 and for notation stamp you can images 184 00:07:03,919 --> 00:07:07,120 at the level medium it means you can 185 00:07:07,120 --> 00:07:10,240 hide images or text in a certified 186 00:07:10,240 --> 00:07:12,319 document but you cannot add 187 00:07:12,319 --> 00:07:15,680 new content and on level low you only 188 00:07:15,680 --> 00:07:16,000 can 189 00:07:16,000 --> 00:07:20,960 add icons to the certified documents 190 00:07:21,759 --> 00:07:24,240 so how to use eia to change a content in 191 00:07:24,240 --> 00:07:26,160 a certified document 192 00:07:26,160 --> 00:07:29,680 we first use the annotation type stamp 193 00:07:29,680 --> 00:07:32,240 to hide content with a white image so we 194 00:07:32,240 --> 00:07:33,840 place a white image 195 00:07:33,840 --> 00:07:37,919 above the text we want to change 196 00:07:38,400 --> 00:07:41,599 after this we add a free text comment or 197 00:07:41,599 --> 00:07:43,520 a free text annotation 198 00:07:43,520 --> 00:07:46,240 to add text chosen by the attacker we 199 00:07:46,240 --> 00:07:46,960 place this 200 00:07:46,960 --> 00:07:50,000 over the stamp and now we got 201 00:07:50,000 --> 00:07:54,000 our content placed in the document 202 00:07:54,080 --> 00:07:56,400 as you can see we can add content to a 203 00:07:56,400 --> 00:07:58,479 certified document without 204 00:07:58,479 --> 00:08:00,879 warnings in ui layer 1 which is always 205 00:08:00,879 --> 00:08:03,199 displayed when the document is opened 206 00:08:03,199 --> 00:08:06,400 and no warnings in user layer 2 which 207 00:08:06,400 --> 00:08:09,360 must be opened by the user and provide 208 00:08:09,360 --> 00:08:10,960 more detailed information about the 209 00:08:10,960 --> 00:08:13,199 signature certification 210 00:08:13,199 --> 00:08:16,160 but we have to look at another ui layer 211 00:08:16,160 --> 00:08:17,039 the ui 212 00:08:17,039 --> 00:08:19,840 layer 3 which holds a list of 213 00:08:19,840 --> 00:08:22,240 annotations added to the document 214 00:08:22,240 --> 00:08:24,720 and this layer 3 must be also opened by 215 00:08:24,720 --> 00:08:25,520 the user 216 00:08:25,520 --> 00:08:27,919 but it makes the modifications 217 00:08:27,919 --> 00:08:31,360 detectable for the user 218 00:08:31,360 --> 00:08:33,519 so let's improve the stealthiness of the 219 00:08:33,519 --> 00:08:34,880 array 220 00:08:34,880 --> 00:08:37,200 we first have to find objects of type 221 00:08:37,200 --> 00:08:38,399 anode 222 00:08:38,399 --> 00:08:41,360 you see we have two objects of type 223 00:08:41,360 --> 00:08:42,958 anode here 224 00:08:42,958 --> 00:08:46,320 which hold a value a subtype value of 225 00:08:46,320 --> 00:08:49,200 stamp or free text 226 00:08:49,200 --> 00:08:51,200 so the next step we have to change the 227 00:08:51,200 --> 00:08:53,279 subtype to null or one that is not 228 00:08:53,279 --> 00:08:56,000 specified by the specification 229 00:08:56,000 --> 00:08:58,720 so we set this to null as you can see 230 00:08:58,720 --> 00:08:59,040 and 231 00:08:59,040 --> 00:09:03,440 now the ui layer 3 holds an empty list 232 00:09:03,440 --> 00:09:08,720 so this is how we improve systems of eaa 233 00:09:08,720 --> 00:09:10,720 let's take a look on sneaky signature 234 00:09:10,720 --> 00:09:11,839 attacks 235 00:09:11,839 --> 00:09:14,320 our goal is to use the signature to add 236 00:09:14,320 --> 00:09:16,880 and hide content in a certified document 237 00:09:16,880 --> 00:09:18,880 and we take a look on the structure of 238 00:09:18,880 --> 00:09:20,240 signatures 239 00:09:20,240 --> 00:09:22,720 and on top we show how to improve the 240 00:09:22,720 --> 00:09:26,160 statusness of ssa 241 00:09:26,160 --> 00:09:28,880 the sneaky signature attack is possible 242 00:09:28,880 --> 00:09:29,920 on level p2 243 00:09:29,920 --> 00:09:33,279 and p3 because this level allows to add 244 00:09:33,279 --> 00:09:36,000 a signature to a certified document 245 00:09:36,000 --> 00:09:38,080 and the visible part of the signature 246 00:09:38,080 --> 00:09:40,320 can be placed anywhere in the document 247 00:09:40,320 --> 00:09:42,640 and the pdf specification does not 248 00:09:42,640 --> 00:09:44,480 restrict the position or size of the 249 00:09:44,480 --> 00:09:45,680 signature 250 00:09:45,680 --> 00:09:48,839 and also signature can overlap each 251 00:09:48,839 --> 00:09:50,959 other 252 00:09:50,959 --> 00:09:53,120 on this slide you see the visible part 253 00:09:53,120 --> 00:09:54,480 of a signature 254 00:09:54,480 --> 00:09:57,040 as you can see there is a graphical part 255 00:09:57,040 --> 00:09:58,959 and also a text part 256 00:09:58,959 --> 00:10:01,519 and both parts can chosen by the 257 00:10:01,519 --> 00:10:03,440 attacker 258 00:10:03,440 --> 00:10:05,760 so let's use ssa to change content in a 259 00:10:05,760 --> 00:10:07,200 certified document 260 00:10:07,200 --> 00:10:09,680 we first have to add an empty signature 261 00:10:09,680 --> 00:10:12,000 file over the content to be changed 262 00:10:12,000 --> 00:10:14,240 we can do this manually or using tools 263 00:10:14,240 --> 00:10:16,000 like apache pdf box 264 00:10:16,000 --> 00:10:19,200 which is a java library to modify or 265 00:10:19,200 --> 00:10:21,839 sign pdfs 266 00:10:21,839 --> 00:10:23,839 so in the next step we have to create a 267 00:10:23,839 --> 00:10:25,040 visible signature 268 00:10:25,040 --> 00:10:27,519 with a white background image and text 269 00:10:27,519 --> 00:10:29,760 chosen by the attacker 270 00:10:29,760 --> 00:10:31,680 in the last step we have to insert the 271 00:10:31,680 --> 00:10:35,519 signature to the empty signature files 272 00:10:35,519 --> 00:10:37,839 so now we have placed attacker choosing 273 00:10:37,839 --> 00:10:40,000 content with certified document using 274 00:10:40,000 --> 00:10:41,440 signatures 275 00:10:41,440 --> 00:10:44,640 but this leads to a problem so as you 276 00:10:44,640 --> 00:10:46,320 can see on ui layer 1 277 00:10:46,320 --> 00:10:48,880 and ui layer 2 depending on the pdf 278 00:10:48,880 --> 00:10:50,000 application 279 00:10:50,000 --> 00:10:54,000 the attack is detectable 280 00:10:54,800 --> 00:10:57,920 so let's improve the statusness of ssa 281 00:10:57,920 --> 00:11:00,000 in the first step we have to find the 282 00:11:00,000 --> 00:11:02,720 object of file type sick 283 00:11:02,720 --> 00:11:05,839 so as you can see we find file type 6 in 284 00:11:05,839 --> 00:11:07,920 the object number 7 285 00:11:07,920 --> 00:11:10,959 and object number 7 contains a reference 286 00:11:10,959 --> 00:11:12,160 to the page object 287 00:11:12,160 --> 00:11:15,600 p to the object 3 and 288 00:11:15,600 --> 00:11:19,040 the validation reference to number 8. 289 00:11:19,040 --> 00:11:21,120 the object 8 contains the signature 290 00:11:21,120 --> 00:11:22,880 value 291 00:11:22,880 --> 00:11:24,959 so in the second step we have to change 292 00:11:24,959 --> 00:11:26,240 the reference 293 00:11:26,240 --> 00:11:29,120 of the page object to our own signature 294 00:11:29,120 --> 00:11:30,160 object 295 00:11:30,160 --> 00:11:33,440 this means we change the reference 3 296 00:11:33,440 --> 00:11:37,680 to 7. so in the next step 297 00:11:37,680 --> 00:11:39,360 we have to interrupt the signature 298 00:11:39,360 --> 00:11:42,079 validation and we do this by changing 299 00:11:42,079 --> 00:11:45,760 the referenced v to the next higher 300 00:11:45,760 --> 00:11:48,160 object number so in this case we change 301 00:11:48,160 --> 00:11:48,800 the 302 00:11:48,800 --> 00:11:53,680 value 8 to the value 9. 303 00:11:54,320 --> 00:11:57,200 but this leads to another problem as you 304 00:11:57,200 --> 00:11:58,160 can see 305 00:11:58,160 --> 00:12:00,720 the signature field is now interpreted 306 00:12:00,720 --> 00:12:01,279 as an 307 00:12:01,279 --> 00:12:04,480 empty field so to prevent the signature 308 00:12:04,480 --> 00:12:06,560 field from being interpreted as an 309 00:12:06,560 --> 00:12:08,800 empty field we have to mark it as read 310 00:12:08,800 --> 00:12:09,760 only 311 00:12:09,760 --> 00:12:13,120 and we do this by adding double f1 312 00:12:13,120 --> 00:12:16,880 to the signature object seven 313 00:12:16,880 --> 00:12:20,399 so now the signature field will not be 314 00:12:20,399 --> 00:12:21,440 interpreted as 315 00:12:21,440 --> 00:12:25,519 an empty one so we finished our 316 00:12:25,519 --> 00:12:28,560 improving the stealthiness attack on ssa 317 00:12:28,560 --> 00:12:31,120 so as you can see no signature is here 318 00:12:31,120 --> 00:12:32,160 in ui layer 1 319 00:12:32,160 --> 00:12:36,639 and no signature is on your eye layer 2. 320 00:12:37,680 --> 00:12:39,519 so let's have a look on the evaluation 321 00:12:39,519 --> 00:12:40,959 and the vulnerable pdf 322 00:12:40,959 --> 00:12:43,200 applications we categorized them by the 323 00:12:43,200 --> 00:12:45,920 ui layers 324 00:12:45,920 --> 00:12:48,959 we analyzed 26 pf applications on three 325 00:12:48,959 --> 00:12:51,200 different operating systems 326 00:12:51,200 --> 00:12:53,360 so on the middle part you see the 327 00:12:53,360 --> 00:12:55,200 specification flaws 328 00:12:55,200 --> 00:12:57,200 this means the attacks without improving 329 00:12:57,200 --> 00:12:58,639 the stealthiness 330 00:12:58,639 --> 00:13:00,160 on the right part you see the 331 00:13:00,160 --> 00:13:02,959 application flaws this means the attacks 332 00:13:02,959 --> 00:13:06,160 with improving the statins we categorize 333 00:13:06,160 --> 00:13:09,120 them by the ui layers one two and three 334 00:13:09,120 --> 00:13:11,440 and a full cycle means the attack is 335 00:13:11,440 --> 00:13:13,440 undetectable on the ui layer 336 00:13:13,440 --> 00:13:15,440 a semicycle means the attack is 337 00:13:15,440 --> 00:13:17,440 undetectable on the ui layer but the 338 00:13:17,440 --> 00:13:18,160 general 339 00:13:18,160 --> 00:13:21,360 notification is shown an empty cycle 340 00:13:21,360 --> 00:13:23,360 means the attack is clearly detectable 341 00:13:23,360 --> 00:13:25,120 on the ui layer 342 00:13:25,120 --> 00:13:28,160 as you can see the application flaws 343 00:13:28,160 --> 00:13:29,519 help to increase the number of 344 00:13:29,519 --> 00:13:31,279 vulnerable applications 345 00:13:31,279 --> 00:13:34,560 for example ssa on 346 00:13:34,560 --> 00:13:36,959 ui layer 2 the number of vulnerable 347 00:13:36,959 --> 00:13:39,760 applications increased from 0 to 9 348 00:13:39,760 --> 00:13:42,959 if we improve the stair sinus and 349 00:13:42,959 --> 00:13:46,800 we see the same for eia on ui layer 3 350 00:13:46,800 --> 00:13:48,880 where the vulnerability vulnerable 351 00:13:48,880 --> 00:13:50,240 applications increase 352 00:13:50,240 --> 00:13:53,440 from 0 to 50. 353 00:13:53,440 --> 00:13:54,800 so what is the conclusion and the 354 00:13:54,800 --> 00:13:57,360 lessons learned unprotected updates are 355 00:13:57,360 --> 00:13:58,880 still a big problem in certified 356 00:13:58,880 --> 00:14:01,519 documents and also in signed pdfs 357 00:14:01,519 --> 00:14:03,680 and supposed harmless features like 358 00:14:03,680 --> 00:14:05,519 signatures or annotations 359 00:14:05,519 --> 00:14:07,279 can be used for evil things like adding 360 00:14:07,279 --> 00:14:10,160 content to a certified document 361 00:14:10,160 --> 00:14:12,720 so the specifications should be updated 362 00:14:12,720 --> 00:14:14,720 adding signatures should only be allowed 363 00:14:14,720 --> 00:14:16,000 in a predefined signature 364 00:14:16,000 --> 00:14:18,639 fields defined by the certifier before 365 00:14:18,639 --> 00:14:20,959 the document is certified 366 00:14:20,959 --> 00:14:23,040 and annotation should be limited so 367 00:14:23,040 --> 00:14:24,079 there's no reason 368 00:14:24,079 --> 00:14:26,079 why we can add an image as big as a 369 00:14:26,079 --> 00:14:27,600 whole page or add 370 00:14:27,600 --> 00:14:30,639 content like text to the to the 371 00:14:30,639 --> 00:14:32,720 certified document 372 00:14:32,720 --> 00:14:35,040 using a white list would also help to 373 00:14:35,040 --> 00:14:38,240 reduce implementation flaws 374 00:14:38,240 --> 00:14:40,639 if you want to learn more about pdf 375 00:14:40,639 --> 00:14:42,880 security visit us at pdf 376 00:14:42,880 --> 00:14:48,160 in security.org and on pdf demos.de 377 00:14:48,160 --> 00:14:51,120 we provide for you a detector for ea and 378 00:14:51,120 --> 00:14:51,920 ssa 379 00:14:51,920 --> 00:14:53,680 if you have any questions write us an 380 00:14:53,680 --> 00:14:58,880 email thank you for your attention