Abstract
Over the years, digital document signing, particularly PDF (Portable Document Format) document, has gained increasing demand in many applications. The PDF file has a flexible logical structure; therefore, an attacker can take advantage of it to create a polymorphic PDF file which contains the actual document and another hidden object. The polymorphic PDF can be interpreted correctly by both PDF parser and image parser. As a result, when a signer signs the polymorphic PDF content by seeing the original content of the PDF file, the attacker gets the intended content signed by the signer without the signer’s knowledge. In this paper, we present a detailed illustration on how a fraudulent document be signed by a legitimate signer with different versions of PDF Reader without his/her knowledge. We provide a countermeasure by which any one can detect the presence of any objects in the PDF file while opening the file with a PDF Reader.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
