Security analysis on digital signature function implemented in PDF software

Authors:
Sunwoo Park;Changbin Lee;Kwangwoo Lee;Jeeyeon Kim;Youngsook Lee;Dongho Won
Affiliations:
Information Security Group, Sungkyunkwan University, Republic of Korea;Information Security Group, Sungkyunkwan University, Republic of Korea;Information Security Group, Sungkyunkwan University, Republic of Korea;Information Security Group, Sungkyunkwan University, Republic of Korea;Department of Cyber Investigation Police, Howon University, Republic of Korea;Information Security Group, Sungkyunkwan University, Republic of Korea
Venue:
FGIT'11 Proceedings of the Third international conference on Future Generation Information Technology
Year:
2011

Citing 7
Cited 0

A Forward-Secure Digital Signature Scheme

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Certified Digital Signature

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On Certificate Revocation and Validation

FC '98 Proceedings of the Second International Conference on Financial Cryptography
Security analysis of efficient (Un-) fair non-repudiation protocols

Formal Aspects of Computing
Certificate revocation and certificate update

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A PKI system for detecting the exposure of a user’s secret key

EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
A method for detecting the exposure of OCSP responder's session private key in D-OCSP-KIS

EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, electronic documents are deployed in many areas, thanks to their cost-efficiency and utility. However, trust concerns arise owing to the hardness of detecting document modification. To solve these concerns, many document processing software provide digital signature function. However, not much research was done to diagnose the security of implemented digital signature. Therefore, in this paper, we analyze the security of digital signature function implemented in PDF software including Adobe Acrobat, Nuance PDF Converter, and Foxit Phantom, and propose a list of recommendations for PDF software developers.