Cryptography Using Captcha Puzzles

نویسندگان

  • Abishek Kumarasubramanian
  • Rafail Ostrovsky
  • Omkant Pandey
  • Akshay Wadia
چکیده

A Captcha is a puzzle that is easy for humans but hard to solve for computers. A formal framework, modelling Captcha puzzles (as hard AI problems), was introduced by Ahn, Blum, Hopper, and Langford ([ABHL03], Eurocrypt 2003). Despite their attractive features and wide adoption in practice, the use of Captcha puzzles for general cryptographic applications has been limited. In this work, we explore various ways to formally model Captcha puzzles and their human component and explore new applications for Captcha. We show that by defining Captcha with additional (strong but realistic) properties, it is possible to broaden Captcha applicability, including using it to learning a machine’s “secret internal state.” To facilitate this, we introduce the notion of an human-extractable Captcha, which we believe may be of independent interest. We show that this type of Captcha yields a constant round protocol for fully concurrent non-malleable zeroknowledge. To enable this we also define and construct a Captchabased commitment scheme which admits “straight line” extraction. We also explore Captcha definitions in the setting of Universal Composability (UC). We show that there are two (incomparable) ways to model Captcha within the UC framework that lead to different results. In particular, we show that in the so called indirect access model, for every polynomial time functionality F there exists a protocol that UC-realizes F using human-extractable Captcha, while for the so-called direct access model, UC is impossible, even with the help of human-extractable

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Mitigating Dictionary Attacks on Password-Protected Local Storage

We address the issue of encrypting data in local storage using a key that is derived from the user’s password. The typical solution in use today is to derive the key from the password using a cryptographic hash function. This solution provides relatively weak protection, since an attacker that gets hold of the encrypted data can mount an off-line dictionary attack on the user’s password, thereb...

متن کامل

Countering Phishing Threats using Visual Cryptography

Phishing is an attempt by an individual or a group to get personal confidential information such as passwords, credit card information from unsuspecting victims for identity theft, financial gain and other fraudulent activities. Fake websites which appear very similar to the original ones are being hosted to achieve this. In this paper we have proposed a new approach named as "Countering Phishi...

متن کامل

Visual Cryptography Scheme to Predict Phishing Sites

Phishing is an attempt by an individual or a group to thieve personal confidential information such as passwords, credit card information etc from unsuspecting victims for identity theft, financial gain and other fraudulent activities. In this paper we have proposed a new approach named as "A Novel Antiphishing framework based on visual cryptography" to solve the problem of phishing. Here an im...

متن کامل

Anti-Phishing Image Captcha Validation Scheme using Visual Cryptography

Evolution in the world of internet has given rise to several online attacks and the most common attack is phishing. Victims are tricked into providing such information by a combination of spoofing techniques and social engineering. Phishing is an attempt by an individual or a group to acquire sensitive information such as usernames, passwords, and credit card details from unsuspecting victims. ...

متن کامل

How to Pair with a Human

We introduce a protocol, that we call Human Key Agreement, that allows pairs of humans to establish a key in a (seemingly hopeless) case where no public-key infrastructure is available, the users do not share any common secret, and have never been connected by any physically-secure channel. Our key agreement scheme, while vulnerable to the human-in-themiddle attacks, is secure against any malic...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012