Collaborate on Invoice PDF for Security with Ease Using airSlate SignNow

Invoice pdf for Security

Let me introduce myself. My name is Vladislav. Or, just short, Vlady and Simon. We are security researcher at the university in Belgium, and we will talk today about the security of PDF signatures. But before I start hacking stuff and breaking stuff, let me introduce ourself and how do we work? Why PDFs are so interesting for us. So at the beginning, we are researchers and we need to publish our work. And basically we need to motivate. We write papers and submit them to peer reviewed conferences. They are reviewed by security experts, not PDF experts. And the first comments, the first papers were rejected with the comment Who cares about PDF signatures? Who uses them? And we needed to motivate this part much better. So we start searching for if concrete numbers companies, they are using it and it's quite hard to find such kind of information. So basically we grabbed the Adobe Financial Report to get some concrete numbers, since it's a lot of work because it's a financial report not intended to to present some concrete numbers. So you're the PDF community. And if you if you ask me what I want to see is data provided by you, this are concrete numbers who uses it, how much users use PDF, PDF signatures, PDF encryption and so on. And so far I saw today in so much information about you have the numbers but you don't publish it, so try to to do it. It makes our life much, much easier. And as far I enjoyed reading the financial report, but there are more efficient ways to do it, OK? But from a from from researcher point of view, why we focus on PDFs because usually if you are security experts, you need to break stuff. And if you break one application, this is just a pen test. You get paid for it and then forget about it. From a scientific point of view, you need to generalize problems so you need more applications. And this is the way why PDFs are important for us. There are libraries, applications, services, and so on and so forth. So we can do some hacking stuff. Generally, extract core issues and submit them to scientific conference. This is our contribution and for this reason, this was quite interesting for us and we didn't have to search much to find such kind of applications. From security point of view. PDF supports a lot of features. This doesn't mean that these features are automatically leading to security issues, but they increase to surface. We can use for attack, for example. We have interactive features. We have, of course, JavaScript, and we have even multimedia like 3D audio video and so forth. So again, this does not mean that these features are dangerous, but they just increase the surface, which we can use to carry out different attacks. And even more interesting, PDA support through cryptography, they can be encrypted and they can be also digital signs. So for security experts, there is a lot of area where we can concentrate on and move around and try to bypass stuff. OK, so let's talk about more about security. So it's a PDF. What could go wrong let me do a short round a road trip about the security of PDFs. I will miss a lot of related work. I will concentrate on the most important parts in 2001. The first PDF based virus was published. This was the PKI virus it was the visual basic script embedded into PDF files. It was a game convincing users to click on a link and carry out some malicious code or execute some of these code. In 2003. The first JavaScript based virus was published, and this was vulnerability in the parsing engine of the JavaScript. So basically malicious file will start in the plugin folder of Adobe and execute it every time Adobe Reader was started and so on. The malicious code was carried out every time the reader was used after that in 2007, in 2008, the first insecure features was was abused. Insecure feature means we mean that the legitimate features introduced by the specification were used for bad stuff, for example, to execute code, to invoke some URLs and so on and so forth. And this was, you know, this was a just of black hat talks. So they the researchers concentrated on isolated problems, which we later kept up and provide a more comprehensive analysis in the in the next year. As you can see even in 2018 such kind of insecure features were discovered or reported on different applications and the results of all this research on the security was that currently many many many PDF applications warn or even that don't execute any of these dangerous features. For example, if you get the launch action starting on external application you get a warning that you're not allowed to do it or you explicitly should allow it. Or if you want to call some a URLs, then you get a warning before this URL is called. Also, if JavaScript is embedded, then you get to also warning of course depend on the application you use OK then what happened also in 2000 or between 2000 to one and 2018 in 2017. The first cryptographic attempt was introduced and this was not concretely a PDF problem, but it was the sharp, the scheduler attacked attacked the show of function. So a collusion was found and the proof of concept were two PDF files having the same hash some and this is relevant for the PDF signatures. And then in 2009 19 we published our first work. So the motivation of our work was we got a contract from the European Commission, we opened it and we got a lot of warnings during the signature validation and our boss asked us how does it work, why we get such kind of warnings with that? We didn't have a clue about PDFs, we didn't know anything about how it works. And we started investigating and two years later we published our first paper. So let's take a look what we did. This is a simple attack which worked, and we prepared a short video. Basically, we have here 22 files I need to see if it works. Yeah, the video started, so we have two different files. The first one is validly signed PDF for example, by the CEO. And you see the signature is valid. No warnings are shown. And The Adobe Reader states that the content was not modified at all. OK, and we have the second one, which has it not. It is not signed and it has the text manipulated by the attacker. Now, we will use the best hacking tool for PDFs. As mentioned yesterday, we use note that this first and on the left side you see the document. On the right side, you see the malicious one. So first we need to find where the content is defined. And as you can see, this is in the object. 38. So on the right side, we have the malicious one, and this object contains the manipulated by the attacker. So this is our content, it's encoded or set. And now we will just copy paste the malicious content into the sign document. So this happens here OK, so probably you will you should assume that if we do such kind of stuff, we will break the signature, right? It should not possible and this is correct. So let's start the document, we open it. And as you can see first we exchanged here the content perfectly fine and the reader says the signature is not valid. You tempered the content perfectly fine. It's works like it should be so let's try to create one attack. I don't know if everybody is familiar with the byte French. The by French is in the signature dictionary and just states what which area is signed. It states the bytes which are covered by the but a signature so we decided in our research just to delete it. The idea is if the application does not find what is signed, but it finds to certificate and so on and so forth, we hope that something goes wrong and the signature validation is skipped. So we removed the by strange start the file. And now as you can see, the Adobe Reader states are stated they can find a 2019 that the signature is valid. So this was one of the attacks we carry out. This was this is the most simple attack we carry out. So let's talk about our results. So as you can see, this is the table with our results we provided in our paper the first comprehensive analysis on PDF signatures and we came up with three novel attacks. This are incremental saving attacks signature editing and universal signature forgery. And here you see that Adobe was made a lot of work and a lot of very good work to prevent this kind of attacks. For example, there were not vulnerable against the first one and the second one, but the last one I already showed it to you and this was just an implementation error. It could happen. It should not be, but it's part of the life and it could be very easily fixed. But more interesting is that 21 of 22 applications for vulnerable back down. So basically we broke every single application the only one was Adobe Reader nine because this is the only application available on Linux. It has remote code execution should not be used was obsolete but it was with we were not able to bypass it. So this was the this were the results of our first analysis and we were quite surprised that the situation was so bad. But the good news are the application reacted and fixed a lot of of the vulnerabilities reported to them. Great stuff. So in the same year, we also concentrated on PDF encryption and discovered a lot of issues there too. But I will not talk today about this into thousand 20. We decided just to proceed with the analysis of digital signatures and we discovered the so-called shadow attacks. We will present the basic concept of these attacks. So the idea was the applications did a great job to fix the previous vulnerabilities. So we needed new ideas and we created new attacker model, which we will explain further the good stuff and the good news for us and the better, of course for the PDF was that this were novel attacks and we were able to bypass 16 out of 29 applications and among others, for example, applications which already have been fixed or were not vulnerable against the previous attacks. And after discovering shadow attacks, we published them and in the same year, but the paper was published one year later. We sum up all the previous research regarding insecure features and extend it to little bits. The stuff the attacks and just summarized everything. What could go wrong with legitimate features on periods which can be abused for bad stuff and last but not least, we concentrated on PDF certification. To be honest, we were not able to understand it at the very beginning. Why do you need to prove a signature certification of signatures? And as part of his master thesis, we tried to understand it and we came up with new ideas for attacks and we will present one of the attacks today too. So what what were the results of this analysis of the last paper? Just on the certification, we came up with two novel attacks, each for the ing to level two or three of the certification and so we were able to bypass 21 of 26 applications, of course only on the first layer. So if you open the document and did not click on additional validation and so on. So if you try to investigate further if the application is learnable, then the results are a little bit better. But still the problem is there and Zaman will show you how exactly it works. So for this part, we abused only legitimate features allowed to do so. We provided only modifications which are allowed ing to specification and try to exchange content or to offer leads. OK, this is regarding the overview and security road trip over the security. Now Simon, we will talk about digital signed PDFs and some of the car issues. Have fun. So thank you for this love. So let's talk about digital signatures in more detail. On the left side, we see an unsigned PDF document, in this case an Amazon invoice. And if Amazon signs and document signature validation panel is now clickable and usually a signature form for you just added, which can contain both the graphical and the text parts. And that's the top. There's now a signature bar which indicates the signature status and just cancel signatures spell it, and the certificate is trust us. So what happens if we sign a PDF document? On the left side, we see the unsigned PDF document and the four parts we had the body, the X reference, a trailer section and an object. Number four, we see the content stream for the document on the right side. And if we add signature to this document, we usually do this within an incremental update so we had an incremental update. And in this case, the employee has signed the document, but we are not limited to one signature. We can also add multiple signatures and again, we do this within and multi and through and incremental update. So now the legal department has also signed the document and if we take a look on the signature validation panel, we now see two revisions of the same documents. So the revision one was the right to create it after the employee signed the document. And the revision two was created directly after the legal Department of Science documents and we click on the revision one. I received a little bit more information about the sign of the signing time and we are able to display the document right after the employee has signed as scientists documents. And now we see the document without any further incremental updates. So this is a very useful feature to detect attacks on PDF signatures, calls further incremental updates are hidden, and this can be a very useful feature for many of our attacks, but not for OK, let's talk about the coverage of signatures. So we got our signed PDF document and our incremental updates contains the body updates and swift section opt in trail update. And we calculate we calculate the house value over the of the content and scientist hash value. So if we change anything in this protected area. So in the document itself, the hash value differs and so does leads to an invalid signature. If we sign this document twice now the second signature protects the whole document and the signature one remains untouched. So but we are able to modify a PDF document even as if assigned through an incremental update. So the signature does not always protect the whole document. So this is a very important part so let's talk about the core issues and we start with partial signatures. So story so far, our attacker is in a position of a signed PDF document, and he's able to manipulate this document and now he sends it to the victim and the attacker has changed the content of the of the period PDF document through an incremental update. So in this case, our victim is Amazon and the attacker want to trick Amazon into $1 million refunds. And since the signature was made by Amazon and signatures valid, of course, we will get this refund. No one will double check this OK, we already talked about incremental updates and the incremental saving attacker uses incremental updates to change the visible content of a signed PDF document. So our starting point is the sign PDF document and the attack on our apps and malicious body opted malicious except 6 million of trailer through an incremental update or a combination of these parts. And if we take a look on this document, we see again four parks and the object number four contains the contents. Three. So now the attacker wants to trick an employee and thinking he signs this document to get the reward, but he signs his own resignation. So so the employee wants his reward, of course, and signs this document and know the attacker changes exactly the call as the object number four, which contains original the the content of of this document to now you fire get out and we so this one is one simple attack vector of the incremental saving attack we got more complex one OK and yeah, incremental saving attack was one of three attack classes in the paper CCF paper from 2019 so in 2021 we introduced a new attack class called shadow attacks and now the attacker hides content with into the unsigned PDF documents or before the document assigns the attacker place and some hidden content which is not shown to the victim or not displayed to the victim. He now sends this document to the employee or to the victim and our case against the employee and of course, he wants this reward and signed this document and sends it back to the attacker. And now the attacker makes the hidden content visible. So the original content is hidden, and so the shadow content is now visible. And again, your fire get out immediately. Employee So our next core issue for today is the verification versus rendering problem. So a very useful features and PDFs are annotations. So we can use the stamp annotation to place an image as big as we want anywhere on the document. And we can add free text comments which means we can add text to the document. So and this can be used on certified documents, level three permission, level three but if the application do not check permission level correctly, we can do this and P one and two levels which now are in the losers analysis there were 11 of out of 26 application that do not check this level correctly. It's just an application but go wrong. Now the attacker wants to change the transfer data or replace the transfer data with on bank account informations. So we place a white image using a stamp annotation to highlight this original content and on the next step you add some free text annotation to our own bank account information. And since the modifications allowed through the permission level as the signature is still valid, but different content is displayed as a vector we already talked about the UI layer one, which is the signature about and UI Layer two, which is the signature validation panel. But and the contact of evil annotation of text, another UI less relevant. So the letter three contains a list of annotations that's added to the document. And of course a smart user can detect these changes and will not trust this document anymore. But we found a solution for this problem by just changing the the type of the annotation to one does not specify the specification. So we change three text to now and now the list is empty. OK, for the next topic, I am back to Vladislav. I think it yeah. Thanks. So we have now the two issues, the partial signatures and the signature values. Perhaps you might think PDFs are broken and this is the only format which is currently having problems with digital signatures. That's the reason why we included this section. Just to relax you and Zeman got Bath after the PDF Attacks on signatures and took a look on all the Fs on the open document forum. It it's an email based has. It's completely different than PDF and we were able also to find vulnerabilities there are by manipulating, allowing us to manipulate arbitrary content and even execute malicious and malicious code. Then we concentrated on the office open example and this will be published next year. So don't ask me about details for the next two months. But still they have also a lot of issues there. So it's not a problem of the PDF specification it's it's a problem which should be triggered now and should be addressed on basically every single document format handling a PDF signature digital signatures. So what have we learned in the last years and for us as a researchers, it's very interesting. We have an experience standards, a lot of features which can we use and also cryptography is there. So it's it will remain a relevant topic. And from user's point of view and our point of view PDFs are everywhere. So of course we need some motivation, but we need we don't need a lot of motivation to, to make it to convince the audience that PDFs are relevant parts of our lives now. So for this reason, Researcher will conclude we'll continue working on this area. During our research, we discovered some some stuff like, well, warnings or validation results. And the talk today was amazing showing that the signature validation status, it's not clear every time. So basically you see here a shortcut of the results of the signature validation. And during our research, our quite often we thought we broke some application. And because we just missed one single warning in panel three in the middle or down in the window. So it was quite an indication that something went wrong during the verification, but it was not easy to see it. And we currently are planning, planning also a usability study to see how good our really validations and our student just finished our work just mimicking a PDF signature. So a PDF which does not have any signature but has older panels and stuff. So you can barely see a difference. And it was quite fun to see that he was quite successful, but it depends on the supported features. So if you're interested they can show you in in the break and they explode and probably you can see if you can distinguish between signed and not signed PDF file and last but not least, and this is probably the most important part is that we are searching also on different areas like single sign on or authentication protocols and cryptographic protocols like tell us that is it is very easy for security experts to if we find someone liabilities, we just report them and say and tell the people see the best current practices ing to your US or some other protocol you violate step five and section six and just try to implement it better. And such kind of document does not exist for PDF as far as I know and such best current practices, it's very valuable thing. Currently you have a lot of applications say hundreds and you have hundreds. One possibilities to validate the signature. So I think a best or we think that a best current practices to summarizing the pitfalls which could be made. It's a valuable thing for the community. And for example, the IETF I've made a mistake for the old specification. They finalized the security considerations, so they published an RFP and they recognized that this was a very bad idea because security moves forward and they are not able to update the security considerations. So for this reason they published a draft and they never finalized this draft. So it's it's going to be forever for always a draft. And they updated every time some crazy guys report some new attacks and they include also the new security consideration. So it's a living document. They can update and the communities are hardly working on this document and constantly updating it. So if you are more interesting on attacks or on exploits which we reported a we are deployed everything every single information about PDF signatures publicly available or our exploits are also updated and so on. So you can update download text slides, download the verbal versions of the software and just have fun with them.