CAPTCHA: using hard AI problems for security
Luis von Ahn,Manuel Blum,Nicholas Hopper,John Langford +3 more
- pp 294-311
Reads0
Chats0
TLDR
This work introduces captcha, an automated test that humans can pass, but current computer programs can't pass; any program that has high success over a captcha can be used to solve an unsolved Artificial Intelligence (AI) problem; and provides several novel constructions of captchas, which imply a win-win situation.Abstract:
We introduce captcha, an automated test that humans can pass, but current computer programs can't pass: any program that has high success over a captcha can be used to solve an unsolved Artificial Intelligence (AI) problem. We provide several novel constructions of captchas. Since captchas have many applications in practical security, our approach introduces a new class of hard problems that can be exploited for security purposes. Much like research in cryptography has had a positive impact on algorithms for factoring and discrete log, we hope that the use of hard AI problems for security purposes allows us to advance the field of Artificial Intelligence. We introduce two families of AI problems that can be used to construct captchas and we show that solutions to such problems can be used for steganographic communication. captchas based on these AI problem families, then, imply a win-win situation: either the problems remain unsolved and there is a way to differentiate humans from computers, or the problems are solved and there is a way to communicate covertly on some channels.read more
Citations
More filters
Journal ArticleDOI
General framework, opportunities and challenges for crowdsourcing techniques: A Comprehensive survey
TL;DR: A systematic survey of crowdsourcing in focussing emerging techniques and approaches for improving conventional and developing future crowdsourcing systems is presented and a framework based on three major components is proposed.
Proceedings ArticleDOI
CALD: Surviving Various Application-Layer DDoS Attacks That Mimic Flash Crowd
TL;DR: The design and implementation of CALD is presented, an architectural extension to protect Web servers against various DDoS attacks that masquerade as flash crowds and keeps maximum performance on the kernel web services, regardless of the harassment from DDoS.
Proceedings Article
Towards Human Interactive Proofs in the text-domain: Using the problem of sense-ambiguity for security
TL;DR: This work describes the construction of an HIP that relies solely on natural language and draws its security from the problem of word-sense ambiguity, i.e., the linguistic phenomenon that a word can have different meanings dependent on the context it is used in.
Journal ArticleDOI
A platform for crowdsourcing the creation of representative, accurate landcover maps
Lyndon Estes,D. McRitchie,Jonathan Choi,Stephanie R. Debats,Tom Evans,W. Guthe,D. Luo,G. Ragazzo,R. Zempleni,Kelly K. Caylor +9 more
TL;DR: An open-sourced platform that serves representative samples of high resolution imagery to an online job market, where workers delineate individual landcover features of interest, and a crowdsourcing platform that uses human pattern recognition skill to create accurate, geometrically rich landcover maps.
Journal ArticleDOI
AI-Complete CAPTCHAs as Zero Knowledge Proofs of Access to an Artificially Intelligent System
TL;DR: This paper proposes a method based on the combination of zero knowledge proofs and provably AI-complete CAPTCHA problems to show that a superintelligent system has been constructed without having to reveal the system itself.
References
More filters
Journal ArticleDOI
Telling humans and computers apart automatically
TL;DR: In this paper, lazy cryptographers do AI and show how lazy they can be, and how they do it well, and why they do so poorly, and they are lazy.
Proceedings ArticleDOI
Securing passwords against dictionary attacks
Benny Pinkas,Tomas Sander +1 more
TL;DR: The key idea is to efficiently combine traditional password authentication with a challenge that is very easy to answer by human users, but is (almost) infeasible for automated programs attempting to run dictionary attacks.
Patent
Method for selectively restricting access to computer systems
TL;DR: In this paper, a computerized method selectively accepts access requests from a client computer connected to a server computer by a network is proposed, where the server computer receives an access request from the client computer and generates a predetermined number of random characters.
Journal ArticleDOI
Pessimal print: a reverse Turing test
TL;DR: This work proposes a variant of the Turing test using pessimal print: that is, low-quality images of machine-printed text synthesized pseudo-randomly over certain ranges of words, typefaces, and image degradations and shows experimentally that judicious choice of these ranges can ensure that the images are legible to human readers but illegible to several of the best present-day optical character recognition (OCR) machines.
Book ChapterDOI
Provably Secure Steganography
TL;DR: In this article, the authors introduce definitions based on computational indistinguishability and prove that the existence of one-way functions implies secure steganographic protocols, and they also prove that secure protocols can be constructed from a complexity-theoretic point of view.