User-friendly, affordable, and packed with different features, DocHub is a healthy and cost-efficient alternative to ADSS Signing Server. Try it now and learn how to squeeze the maximum of our solution with easy-to-use feature shortcuts.
hello everyone and welcome to the talk shadow attacks hiding and replacing content in signed pdfs my name is christian and this is a joint work with vladislav and simon we are all researchers at war university boho so what are shadow attacks in the next 15 minutes i will show you an attack concept on digitally redesigned pdfs so the basic concept is as follows you have a signed pdf which has some obviously harmless content and assigner will most probably sign this because in this case he wants to get the reward normally this pdf is protected and you cannot change anything in this pdf but there are some specific changes that are allowed due to the pdf specification and we abuse these allowed changes to modify the content to show something complete differently this is a shadow attack so lets have a look at shadow attacks at the goals and the prerequisites so in a shadow attack we have an attacker suppose im the attacker in this case and we have a signer so for example my colleague vla