CAPTCHA: Using Hard AI Problems for Security

Ahn, Luis von; Blum, Manuel; Hopper, Nicholas; Langford, John

doi:10.1007/3-540-39200-9_18

Cited by 898 publications

(558 citation statements)

References 8 publications

Supporting

Mentioning

514

Contrasting

Unclassified

Order By: Relevance

“…We show that, even in this setting, if no efficient algorithm can solve a single puzzle with probability much more than ε, then no efficient algorithm can simultaneously solve n puzzles with probability much more than ε n , which is essentially optimal. 1 We also show that the weak verifiability property is essential for obtaining such a general hardness amplification result: We exhibit an example of puzzles that are not even weakly verifiable, and where the probability of solving multiple instances is the same as the probability of solving a single instance.…”

Section: Introductionmentioning

confidence: 90%

“…One example of weakly verifiable puzzles is the notion of computer-generated inverse Turing tests, or CAPTCHAs [11,1]. These are distribution of puzzles that are easily solvable by humans, but are assumed to be solvable by computers only with small (albeit noticeable) probability.…”

Section: Introductionmentioning

confidence: 99%

“…Still, CAPTCHAs are weakly verifiable, as it is possible to efficiently generate a CAPTCHA together with its unique solution. In the work of von-Ahn et al [1], they suggests sequential repetition as a method of hardness amplification for CAPTCHAs. Our work indicates that parallel repetition can be used as well.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Hardness Amplification of Weakly Verifiable Puzzles

Canetti¹,

Halevi²,

Steiner³

2005

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Is it harder to solve many puzzles than it is to solve just one? This question has different answers, depending on how you define puzzles. For the case of inverting one-way functions it was shown by Yao that solving many independent instances simultaneously is indeed harder than solving a single instance (cf. the transformation from weak to strong one-way functions). The known proofs of that result, however, use in an essential way the fact that for one-way functions, verifying candidate solutions to a given puzzle is easy. We extend this result to the case where solutions are efficiently verifiable only by the party that generated the puzzle. We call such puzzles weakly verifiable. That is, for weakly verifiable puzzles we show that if no efficient algorithm can solve a single puzzle with probability more than ε, then no efficient algorithm can solve n independent puzzles simultaneously with probability more than ε n . We also demonstrate that when the puzzles are not even weakly verifiable, solving many puzzles may be no harder than solving a single one. Hardness amplification of weakly verifiable puzzles turns out to be closely related to the reduction of soundness error under parallel repetition in computationally sound arguments. Indeed, the proof of Bellare, Impagliazzo and Naor that parallel repetition reduces soundness error in threeround argument systems implies a result similar to our first result, albeit with considerably worse parameters. Also, our second result is an adaptation of their proof that parallel repetition of four-round systems may not reduce the soundness error.

show abstract

Section: Introductionmentioning

confidence: 90%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Hardness Amplification of Weakly Verifiable Puzzles

Canetti¹,

Halevi²,

Steiner³

2005

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Current anti-spam technologies, such as "captchas" [14], precludes the possibility of creating user accounts automatically in the external service. Thus, a different approach is required.…”

Section: Automatic User Creationmentioning

confidence: 99%

User identity issues in mashups for learning experiences using IMS Learning Design

de-la-Fuente-Valentín

Leony

Pardo

et al. 2011

IJTEL

View full text Add to dashboard Cite

The combination of services that provide personal information in technologies such as educational mashups brings some issues in the management of users' identity and authorization. This article presents a scenario based on the fact that an IMS LD server requires information relevant to each learner, and this information is provided by external services. This scenario allows to describe the problems of user correspondence, authenticated data retrieval, and remote account creation; a solution using technologies currently available is provided for each, as well as recommendations to take into account in similar scenarios.

show abstract

“…Another often mentioned technology in relation to spam is captcha (Completely Automated Public Turing Test to Tell Computer and Humans Apart) [3]. It is not a technology to counter spam per se but nowadays it is often used to prevent bots from accessing certain information or pages.…”

Section: Previous Workmentioning

confidence: 99%

Enforcing Email Addresses Privacy Using Tokens

Schlegel

Vaudenay

2005

Information Security and Cryptology

View full text Add to dashboard Cite

Abstract. We propose a system which allows users to monitor how their email addresses are used and how they spread over the Internet. This protects the privacy of the user and can reduce the SPAM phenomenon. Our solution does not require changes to the email infrastructure, can be set up by the end user on an individual basis and is compatible with any email client as long as emails are centralized on a server (e.g. an IMAP server). Nevertheless, it requires that people use email messaging quite differently.

show abstract

CAPTCHA: Using Hard AI Problems for Security

Cited by 898 publications

References 8 publications

Hardness Amplification of Weakly Verifiable Puzzles

Hardness Amplification of Weakly Verifiable Puzzles

User identity issues in mashups for learning experiences using IMS Learning Design

Enforcing Email Addresses Privacy Using Tokens

Contact Info

Product

Resources

About