1 Trillion Dollar Refund– How To Spoof PDF Signatures


Konferenz / Medium

Research Hub

Research Hub A: Kryptographie der Zukunft
Research Hub C: Sichere Systeme
Research Hub D: Benutzerfreundlichkeit

Research Challenges

RC 8: Security with Untrusted Components


The Portable Document Format (PDF) is the de-facto standard for document exchange worldwide. To guarantee the authenticity and integrity of documents, digital signatures are used. Several public and private services ranging from governments, public enterprises, banks, and payment services rely on the security of PDF signatures. In this paper, we present the first comprehensive security evaluation on digital signatures in PDFs. We introduce three novel attack classes which bypass the cryptographic protection of digitally signed PDF files allowing an attacker to spoof the content of a signed PDF. We analyzed 22 different PDF viewers and found 21 of them to be vulnerable, including prominent and widely used applications such as Adobe Reader DC and Foxit. We additionally evaluated eight online validation services and found six to be vulnerable. A possible explanation for these results could be the absence of a standard algorithm to verify PDF signatures – each client verifies signatures differently, and attacks can be tailored to these differences. We, therefore, propose the standardization of a secure verification algorithm, which we describe in this paper. All findings have been responsibly disclosed, and the affected vendors were supported during fixing the issues. As a result, three generic CVEs for each attack class were issued [50–52]. Our research on PDF signatures and more information is also online available at


Asymmetric Cryptography
Software Security
Usable Security and Privacy