The Community for Technology Leaders
Green Image
Issue No. 06 - Nov.-Dec. (2015 vol. 19)
ISSN: 1089-7801
pp: 46-53
Carlos J. Hernandez-Castro , Universidad Complutense de Madrid, Spain
Maria D. R-Moreno , Universidad de Alcalá, Spain
David F. Barrero , Universidad de Alcalá, Spain
ABSTRACT
Human interactive proofs (HIPs) are a basic security measure on the Internet to avoid several types of automatic attacks. A variety of designs have been proposed. Here, the authors focus on a new type of HIP, based on a puzzle completion scheme that has been created to increase security and usability: the Capy CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). Analyzing its design, the authors find important flaws and weaknesses, and propose a low-cost, side-channel attack, using JPEG to measure the image's continuity. Their attack has a 65 percent success rate. After analyzing experimental results, they extended their approach to other puzzle CAPTCHAs, breaking them at 20 percent (KeyCAPTCHA) and 98 percent (Garb) success ratios.
INDEX TERMS
CAPTCHAs, Transform coding, Image color analysis, Image coding, Discrete cosine transforms, Internet
CITATION

C. J. Hernandez-Castro, M. D. R-Moreno and D. F. Barrero, "Using JPEG to Measure Image Continuity and Break Capy and Other Puzzle CAPTCHAs," in IEEE Internet Computing, vol. 19, no. 6, pp. 46-53, 2015.
doi:10.1109/MIC.2015.127
698 ms
(Ver 3.3 (11022016))