Title :
Using JPEG to Measure Image Continuity and Break Capy and Other Puzzle CAPTCHAs
Author :
Hernandez-Castro, Carlos J. ; R-Moreno, Maria D. ; Barrero, David F.
Author_Institution :
Univ. Complutense de Madrid, Madrid, Spain
Abstract :
Human interactive proofs (HIPs) are a basic security measure on the Internet to avoid several types of automatic attacks. A variety of designs have been proposed. Here, the authors focus on a new type of HIP, based on a puzzle completion scheme that has been created to increase security and usability: the Capy CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). Analyzing its design, the authors find important flaws and weaknesses, and propose a low-cost, side-channel attack, using JPEG to measure the image´s continuity. Their attack has a 65 percent success rate. After analyzing experimental results, they extended their approach to other puzzle CAPTCHAs, breaking them at 20 percent (KeyCAPTCHA) and 98 percent (Garb) success ratios.
Keywords :
Internet; data compression; image coding; security of data; Capy CAPTCHA; Internet security; JPEG; completely automated public turing test to tell computers and humans apart; human interactive proofs; image continuity; image recomposition CAPTCHA; puzzle CAPTCHA; side-channel attack; CAPTCHAs; Discrete cosine transforms; Image coding; Image color analysis; Internet; Transform coding; CAPTCHA; HIP; Internet/Web technologies; JPEG; authentication; image processing; puzzle; recomposition; side channel;
Journal_Title :
Internet Computing, IEEE
DOI :
10.1109/MIC.2015.127
