Abstract
Human interactive proofs (HIPs) are a basic security measure on the Internet to avoid several types of automatic attacks. A variety of designs have been proposed. Here, the authors focus on a new type of HIP, based on a puzzle completion scheme that has been created to increase security and usability: the Capy CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). Analyzing its design, the authors find important flaws and weaknesses, and propose a low-cost, side-channel attack, using JPEG to measure the image's continuity. Their attack has a 65 percent success rate. After analyzing experimental results, they extended their approach to other puzzle CAPTCHAs, breaking them at 20 percent (KeyCAPTCHA) and 98 percent (Garb) success ratios.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
