{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:32:40Z","timestamp":1772119960928,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,6]],"date-time":"2019-11-06T00:00:00Z","timestamp":1572998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Commission","award":["grant 700542-Future-Trust-H2020-DS-2015-1"],"award-info":[{"award-number":["grant 700542-Future-Trust-H2020-DS-2015-1"]}]},{"name":"European Regional Development Fund North Rhine-Westphalia (EFRE.NRW)","award":["MITSicherheit.NRW"],"award-info":[{"award-number":["MITSicherheit.NRW"]}]},{"name":"German Research Foundation (DFG)","award":["EXC 2092 CASA"],"award-info":[{"award-number":["EXC 2092 CASA"]}]},{"name":"State of North Rhine-Westfalia","award":["Human Centered System Security"],"award-info":[{"award-number":["Human Centered System Security"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,6]]},"DOI":"10.1145\/3319535.3354214","type":"proceedings-article","created":{"date-parts":[[2019,11,7]],"date-time":"2019-11-07T13:08:32Z","timestamp":1573132112000},"page":"15-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["Practical Decryption exFiltration"],"prefix":"10.1145","author":[{"given":"Jens","family":"M\u00fcller","sequence":"first","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}]},{"given":"Fabian","family":"Ising","sequence":"additional","affiliation":[{"name":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"}]},{"given":"Vladislav","family":"Mladenov","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}]},{"given":"Christian","family":"Mainka","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}]},{"given":"Sebastian","family":"Schinzel","sequence":"additional","affiliation":[{"name":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"}]},{"given":"J\u00f6rg","family":"Schwenk","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}]}],"member":"320","published-online":{"date-parts":[[2019,11,6]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Adobe Systems. 2005. Acrobat JavaScript Scripting Guide.  Adobe Systems. 2005. Acrobat JavaScript Scripting Guide."},{"key":"e_1_3_2_2_2_1","unstructured":"Adobe Systems. 2008. Adobe Supplement to the ISO 32000 BaseVersion: 1.7 ExtensionLevel: 3.  Adobe Systems. 2008. Adobe Supplement to the ISO 32000 BaseVersion: 1.7 ExtensionLevel: 3."},{"key":"e_1_3_2_2_3_1","unstructured":"Adobe Systems. 2012. XMP Specification Part 1.  Adobe Systems. 2012. XMP Specification Part 1."},{"key":"e_1_3_2_2_4_1","unstructured":"John August. 2014. Try to open this PDF cont'd. https:\/\/johnaugust.com\/2014\/try-to-open-this-pdf-contd  John August. 2014. Try to open this PDF cont'd. https:\/\/johnaugust.com\/2014\/try-to-open-this-pdf-contd"},{"key":"e_1_3_2_2_5_1","unstructured":"CANON. 2019. PDF Encryption. https:\/\/www.canon.com.hk\/en\/business\/solution\/PDF_Security.jspx  CANON. 2019. PDF Encryption. https:\/\/www.canon.com.hk\/en\/business\/solution\/PDF_Security.jspx"},{"key":"e_1_3_2_2_6_1","volume-title":"Abhishek Vasisht Bhaskar, and Mu Zhang","author":"Carmony Curtis","year":"2016"},{"key":"e_1_3_2_2_7_1","volume-title":"Information Security","author":"Chen Ping"},{"key":"e_1_3_2_2_8_1","unstructured":"CipherMail. 2019. Email Encryption Gateway. https:\/\/www.ciphermail.com\/gateway.html  CipherMail. 2019. Email Encryption Gateway. https:\/\/www.ciphermail.com\/gateway.html"},{"key":"e_1_3_2_2_9_1","volume-title":"Cuteforce Analyzer: A Distributed Bruteforce Attack on PDF Encryption with GPUs and FPGAs. In 2013 International Conference on Availability, Reliability and Security. 720--725","author":"Danczul B.","year":"2013"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3150376.3150379"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"crossref","unstructured":"P. Deutsch. 1996. DEFLATE Compressed Data Format Specification version 1.3. http:\/\/tools.ietf.org\/rfc\/rfc1951.txt RFC1951.  P. Deutsch. 1996. DEFLATE Compressed Data Format Specification version 1.3. http:\/\/tools.ietf.org\/rfc\/rfc1951.txt RFC1951.","DOI":"10.17487\/rfc1951"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"crossref","unstructured":"P. Deutsch and J-L. Gailly. 1996. ZLIB Compressed Data Format Specification version 3.3. http:\/\/tools.ietf.org\/rfc\/rfc1950.txt RFC1950.  P. Deutsch and J-L. Gailly. 1996. ZLIB Compressed Data Format Specification version 3.3. http:\/\/tools.ietf.org\/rfc\/rfc1950.txt RFC1950.","DOI":"10.17487\/rfc1950"},{"key":"e_1_3_2_2_13_1","unstructured":"Elcomsoft. 2007. Unlocking PDF. https:\/\/www.elcomsoft.com\/WP\/guaranteed_password_recovery_for_adobe_acrobat_en.pdf  Elcomsoft. 2007. Unlocking PDF. https:\/\/www.elcomsoft.com\/WP\/guaranteed_password_recovery_for_adobe_acrobat_en.pdf"},{"key":"e_1_3_2_2_14_1","unstructured":"Elcomsoft. 2008. ElcomSoft Claims Adobe Acrobat 9 Is a Hundred Times Less Secure. https:\/\/www.elcomsoft.com\/PR\/apdfpr_081126_en.pdf  Elcomsoft. 2008. ElcomSoft Claims Adobe Acrobat 9 Is a Hundred Times Less Secure. https:\/\/www.elcomsoft.com\/PR\/apdfpr_081126_en.pdf"},{"key":"e_1_3_2_2_15_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Franken Gertjan","year":"2018"},{"key":"e_1_3_2_2_16_1","volume-title":"25th $$USENIX$$ Security Symposium ($$USENIX$$ Security 16). 655--672.","author":"Garman Christina"},{"key":"e_1_3_2_2_17_1","volume-title":"10th USENIX Workshop on Offensive Technologies (WOOT 16)","author":"Grothe Martin","year":"2016"},{"key":"e_1_3_2_2_18_1","volume-title":"10th $$USENIX$$ Workshop on Offensive Technologies ($$WOOT$$ 16).","author":"Grothe Martin"},{"key":"e_1_3_2_2_19_1","unstructured":"IBM. [n. d.]. BM Print Transforms from AFP forInfoprint Server for z\/OS V1.2.2. https:\/\/www-01.ibm.com\/servers\/resourcelink\/svc00100.nsf\/pages\/zOSV2R3G3252634\/$file\/aokfa00_v2r3.pdf  IBM. [n. d.]. BM Print Transforms from AFP forInfoprint Server for z\/OS V1.2.2. https:\/\/www-01.ibm.com\/servers\/resourcelink\/svc00100.nsf\/pages\/zOSV2R3G3252634\/$file\/aokfa00_v2r3.pdf"},{"key":"e_1_3_2_2_20_1","unstructured":"Alexander1 Inf\u00fchr. 2014. Multiple PDF Vulnerabilities -- Text and Pictures on Steroids. https:\/\/insert-script.blogspot.de\/2014\/12\/multiple-pdf-vulnerabilites-text-and.html  Alexander1 Inf\u00fchr. 2014. Multiple PDF Vulnerabilities -- Text and Pictures on Steroids. https:\/\/insert-script.blogspot.de\/2014\/12\/multiple-pdf-vulnerabilites-text-and.html"},{"key":"e_1_3_2_2_21_1","unstructured":"Alexander2 Inf\u00fchr. 2018. Adobe Reader PDF - Client Side Request Injection. https:\/\/insert-script.blogspot.de\/2018\/05\/adobe-reader-pdf-client-side-request.html  Alexander2 Inf\u00fchr. 2018. Adobe Reader PDF - Client Side Request Injection. https:\/\/insert-script.blogspot.de\/2018\/05\/adobe-reader-pdf-client-side-request.html"},{"key":"e_1_3_2_2_22_1","unstructured":"Innoport. [n. d.]. HIPAA Compliant Fax by Innoport. https:\/\/www.innoport.com\/hipaa-compliant-fax\/  Innoport. [n. d.]. HIPAA Compliant Fax by Innoport. https:\/\/www.innoport.com\/hipaa-compliant-fax\/"},{"key":"e_1_3_2_2_23_1","unstructured":"Tibor Jager Kenneth G Paterson and Juraj Somorovsky. 2013. One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography.. In NDSS.  Tibor Jager Kenneth G Paterson and Juraj Somorovsky. 2013. One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography.. In NDSS."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33167-1_43"},{"key":"e_1_3_2_2_25_1","volume-title":"How To Break XML Encryption. In The 18th ACM Conference on Computer and Communications Security (CCS).","author":"Jager Tibor","year":"2011"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"crossref","unstructured":"M. Jones and J. Hildebrand. 2015. JSON Web Encryption (JWE). http:\/\/tools.ietf.org\/rfc\/rfc7516.txt RFC7516.  M. Jones and J. Hildebrand. 2015. JSON Web Encryption (JWE). http:\/\/tools.ietf.org\/rfc\/rfc7516.txt RFC7516.","DOI":"10.17487\/RFC7516"},{"key":"e_1_3_2_2_27_1","volume-title":"d.]. The Adobe eBook Case","author":"Komulainen Tommi"},{"key":"e_1_3_2_2_28_1","unstructured":"Encryptomatic LLC. 2019. Improving the Email Experience. https:\/\/www.encryptomatic.com\/pdfpostman\/  Encryptomatic LLC. 2019. Improving the Email Experience. https:\/\/www.encryptomatic.com\/pdfpostman\/"},{"key":"e_1_3_2_2_29_1","unstructured":"Locklizard. 2019. What is PDF encryption and how to encrypt PDF documents & files. https:\/\/www.locklizard.com\/pdf-encryption\/  Locklizard. 2019. What is PDF encryption and how to encrypt PDF documents & files. https:\/\/www.locklizard.com\/pdf-encryption\/"},{"key":"e_1_3_2_2_30_1","unstructured":"Vladislav Mladenov Christian Mainka Karsten Meyer zu Selhausen Martin Grothe and J\u00f6rg Schwenk. [n. d.]. 1 Trillion Dollar Refund -- How To Spoof PDF Signatures. ([n. d.]).  Vladislav Mladenov Christian Mainka Karsten Meyer zu Selhausen Martin Grothe and J\u00f6rg Schwenk. [n. d.]. 1 Trillion Dollar Refund -- How To Spoof PDF Signatures. ([n. d.])."},{"key":"e_1_3_2_2_31_1","volume-title":"Martin Grothe, and J\u00f6rg Schwenk.","author":"Mladenov Vladislav","year":"2019"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_28"},{"key":"e_1_3_2_2_33_1","volume-title":"Re: What's Up Johnny? -- Covert Content Attacks on Email End-to-End Encryption. https:\/\/arxiv.org\/ftp\/arxiv\/papers\/1904\/1904.07550.pdf.","author":"M\u00fcller Jens","year":"2019"},{"key":"e_1_3_2_2_34_1","unstructured":"NoSpamProxy. 2019. Simple Email Encryption. https:\/\/www.nospamproxy.de\/en\/product\/nospamproxy-encryption\/  NoSpamProxy. 2019. Simple Email Encryption. https:\/\/www.nospamproxy.de\/en\/product\/nospamproxy-encryption\/"},{"key":"e_1_3_2_2_35_1","unstructured":"U.S. Department of Justice. 2016. Standard Form 750 -- Claims Collection Litigation Report Instructions 2\/16. https:\/\/www.justice.gov\/jmd\/file\/789246\/download  U.S. Department of Justice. 2016. Standard Form 750 -- Claims Collection Litigation Report Instructions 2\/16. https:\/\/www.justice.gov\/jmd\/file\/789246\/download"},{"key":"e_1_3_2_2_36_1","unstructured":"Thom Parker. 2006. How to do (not so simple) form calculations. https:\/\/acrobatusers.com\/tutorials\/print\/how-to-do-not-so-simple-form-calculations  Thom Parker. 2006. How to do (not so simple) form calculations. https:\/\/acrobatusers.com\/tutorials\/print\/how-to-do-not-so-simple-form-calculations"},{"key":"e_1_3_2_2_37_1","unstructured":"PDFlib. [n. d.]. PDF 2.0 (ISO 32000--2): Existing Acrobat Features. https:\/\/www.pdflib.com\/pdf-knowledge-base\/pdf-20\/existing-acrobat-features\/  PDFlib. [n. d.]. PDF 2.0 (ISO 32000--2): Existing Acrobat Features. https:\/\/www.pdflib.com\/pdf-knowledge-base\/pdf-20\/existing-acrobat-features\/"},{"key":"e_1_3_2_2_38_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Poddebniak Damian","year":"2018"},{"key":"e_1_3_2_2_39_1","volume-title":"Hiding Malicious Content in PDF Documents. CoRR","author":"Popescu Dan-Sabin","year":"2012"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-009-0128-2"},{"key":"e_1_3_2_2_41_1","unstructured":"Check Point Research. 2018. NTLM Credentials Theft via PDF Files. https:\/\/research.checkpoint.com\/ntlm-credentials-theft-via-pdf-files\/  Check Point Research. 2018. NTLM Credentials Theft via PDF Files. https:\/\/research.checkpoint.com\/ntlm-credentials-theft-via-pdf-files\/"},{"key":"e_1_3_2_2_42_1","unstructured":"Ricoh. [n. d.]. Multifunctional Products and Printers for Healthcare. http:\/\/brochure.copiercatalog.com\/ricoh\/mp501spftl.pdf  Ricoh. [n. d.]. Multifunctional Products and Printers for Healthcare. http:\/\/brochure.copiercatalog.com\/ricoh\/mp501spftl.pdf"},{"key":"e_1_3_2_2_43_1","unstructured":"Rimage. [n. d.]. Rimage encryption options keep your data secure. https:\/\/www.rimage.com\/emea\/learn\/tips-tools\/encryption-keeps-data-secure\/  Rimage. [n. d.]. Rimage encryption options keep your data secure. https:\/\/www.rimage.com\/emea\/learn\/tips-tools\/encryption-keeps-data-secure\/"},{"key":"e_1_3_2_2_44_1","unstructured":"Billy Rios Federico Lanusse and Mauro Gentile. 2013. Adobe Reader Same-Origin Policy Bypass. http:\/\/www.sneaked.net\/adobe-reader-same-origin-policy-bypass  Billy Rios Federico Lanusse and Mauro Gentile. 2013. Adobe Reader Same-Origin Policy Bypass. http:\/\/www.sneaked.net\/adobe-reader-same-origin-policy-bypass"},{"key":"e_1_3_2_2_45_1","unstructured":"Samsung MFP Security. [n. d.]. White Paper: Samsung Security Framework. http:\/\/www8.hp.com\/h20195\/v2\/GetPDF.aspx\/c05814811.pdf  Samsung MFP Security. [n. d.]. White Paper: Samsung Security Framework. http:\/\/www8.hp.com\/h20195\/v2\/GetPDF.aspx\/c05814811.pdf"},{"key":"e_1_3_2_2_46_1","first-page":"2004","article-title":"eBooks security-theory and practice","volume":"1","author":"Sklyarov Dmitry","year":"2001","journal-title":"DEFCon. Retrieved March"},{"key":"e_1_3_2_2_47_1","unstructured":"STOIK Soft. 2019. Mobile Doc Scanner (MDScan)  STOIK Soft. 2019. Mobile Doc Scanner (MDScan)"},{"key":"e_1_3_2_2_48_1","unstructured":"OCR. https:\/\/play.google.com\/store\/apps\/details?id=com.stoik.mdscan  OCR. https:\/\/play.google.com\/store\/apps\/details?id=com.stoik.mdscan"},{"key":"e_1_3_2_2_49_1","unstructured":"Didier Stevens. 2017. Cracking Encrypted PDFs. https:\/\/blog.didierstevens.com\/2017\/12\/26\/cracking-encrypted-pdfs-part-1\/  Didier Stevens. 2017. Cracking Encrypted PDFs. https:\/\/blog.didierstevens.com\/2017\/12\/26\/cracking-encrypted-pdfs-part-1\/"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-63688-7_19"},{"key":"e_1_3_2_2_51_1","volume-title":"version 1.7","author":"Systems Adobe"},{"key":"e_1_3_2_2_52_1","unstructured":"Adobe Systems. 2017. Displaying 3D models in PDFs. https:\/\/helpx.adobe.com\/acrobat\/using\/displaying-3d-models-pdfs.html  Adobe Systems. 2017. Displaying 3D models in PDFs. https:\/\/helpx.adobe.com\/acrobat\/using\/displaying-3d-models-pdfs.html"},{"key":"e_1_3_2_2_53_1","unstructured":"Adobe Systems. 2019 a. Applying actions and scripts to PDFs. https:\/\/helpx.adobe.com\/acrobat\/using\/applying-actions-scripts-pdfs.html  Adobe Systems. 2019 a. Applying actions and scripts to PDFs. https:\/\/helpx.adobe.com\/acrobat\/using\/applying-actions-scripts-pdfs.html"},{"key":"e_1_3_2_2_54_1","unstructured":"Adobe Systems. 2019 b. How to fill in PDF forms. https:\/\/helpx.adobe.com\/en\/acrobat\/using\/filling-pdf-forms.html  Adobe Systems. 2019 b. How to fill in PDF forms. https:\/\/helpx.adobe.com\/en\/acrobat\/using\/filling-pdf-forms.html"},{"key":"e_1_3_2_2_55_1","unstructured":"Adobe Systems. 2019 c. Starting a PDF review. https:\/\/helpx.adobe.com\/acrobat\/using\/starting-pdf-review.html  Adobe Systems. 2019 c. Starting a PDF review. https:\/\/helpx.adobe.com\/acrobat\/using\/starting-pdf-review.html"},{"key":"e_1_3_2_2_56_1","volume-title":"Malicious URI resolving in PDF Documents. Blackhat Abu Dhabi","author":"Valentin H.","year":"2012"},{"key":"e_1_3_2_2_57_1","unstructured":"VITRIUM. 2019. Image Protection. https:\/\/www.vitrium.com\/image-protection-drm\/  VITRIUM. 2019. Image Protection. https:\/\/www.vitrium.com\/image-protection-drm\/"},{"key":"e_1_3_2_2_58_1","unstructured":"Wibu-Systems. 2019. PDF Protection. https:\/\/www.wibu.com\/solutions\/document-protection\/pdf.html  Wibu-Systems. 2019. PDF Protection. https:\/\/www.wibu.com\/solutions\/document-protection\/pdf.html"}],"event":{"name":"CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security","location":"London United Kingdom","acronym":"CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3319535.3354214","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3319535.3354214","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:24:02Z","timestamp":1750202642000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3319535.3354214"}},"subtitle":["Breaking PDF Encryption"],"short-title":[],"issued":{"date-parts":[[2019,11,6]]},"references-count":58,"alternative-id":["10.1145\/3319535.3354214","10.1145\/3319535"],"URL":"https:\/\/doi.org\/10.1145\/3319535.3354214","relation":{},"subject":[],"published":{"date-parts":[[2019,11,6]]},"assertion":[{"value":"2019-11-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}