You are on page 1of 31


An AI approach to cryptography
Vulnerabilities, Threats, Controls
2 Precursors
4 Proposals
6 General Approaches
3 Deployment Options
If time: issues and links
HTTP does not distinguish between
human & machine users.
HTTP & SSL do not guarantee client
software or user is benign.
Malicious bots can be anonymous and
Benign bots spider for searches, etc.
Threats to Web
Content Theft-- stealing paid data
Copyright Infringement-- “scraping” content
from one site to display on another, “out of
Unwanted spidering-- search engines may
ignore robots.txt or “nofollow” tags
Poll Stuffing-- MIT vs. CMU on /. [1]
Web Spam-- unsolicited commenting,
abusing free email, scraping addresses
Web Spam
Web comments, discussions, guest
books, Wikis, many public forms are
open to spam messages.
More eyeballs per message than e-mail
E-mail spam is illegal, but most Web
spam is legal.
Bots collect email addresses on Web.
Google-- more links, higher ranking
Profit-- ads for real product/service
Phishing-- bait and switch for identity
theft, financial theft
Astroturfing-- promote agenda by
simulating “grassroots” word-of-mouth
Vandalism-- competition, damage,
thrill, revenge, activism, etc.
Cracked Controls
IP tracking/banning-- repurposed DDoS
scripts; IP masking, hijacking
User Authentication-- if not easily
cracked, use service like
Moderation (human review)-- script
makes own moderator account in DB
Good start, but may need more.
Acronym for Completely Automated
Public Turing test to tell Computers &
Humans Apart-- Dr. Manuel Blum
Reverse Turing test-- computers finding
humans, not humans finding computers
A category, not a specific solution
Unpublished manuscript by Moni Naor
first mentions automated Turing test in
1997, but not proposed or formalized.
Altavista patent in 1998 first practical
example of using slightly distorted
images of text to deter bots, but only
defeats stock OCR, not custom OCR
In 2000, formalized by Luis von Ahn
, Manuel Blum & Nicholas J. Hopper of Carne
“A CAPTCHA is a cryptographic
protocol whose underlying hardness
assumption is based on an AI problem.”
If cracked, AI is advanced because a
very difficult (unsolved) AI problem has
been solved;
If not cracked, steganographic
cryptography is advanced [1] Proposals
Gimpy-- text distortion used by Yahoo!
(routinely cracked & improved)
Bongo-- visual puzzle, like Mensa tests
(if 4 options, guess works 25%)
Pix-- photographic recognition (need
large image DB, or Google API)
Sounds-- voice synthesis, distortion
Images of distorted text.
Frequently cracked and
In current version, 5 pairs of
overlapped words. User
identifies 3 words.
Random placement, font,
distortion, background pattern
Overlapping words need no
Visual puzzle
Computer can generate &
display, but not solve.
If too many choices,
humans get it wrong.
If not enough choices,
computers can be effective
with random guess.
Photo Recognition
Need large image DB
Images need keywords
Four images with same keyword shown
Random subset of keywords as choices
Poor implementations easy to crack
(color of top left pixel unique, etc.)
General Approaches
Text (ASCII/Unicode)
Combinations of all above
ASCII/Unicode ©4Pt¢h4
Change text to look-alike: SPAM is $P4M.
Fools simplest text matching.
Accented or non-English chars: Spám
Chars to words: --> uce at ftc
dot gov
URL/HTML entities: COPY becomes
¢0Ρ¥ or %430P%59
Better than nothing, but easy to crack
It is not technically CAPTCHA
Presents one-time-password as an image
humans can read, but not scripts
If image is too simple, OCR can crack; too
complex, human cannot read.
To beat OCR, vary position, warp, noise,
background, colors, overlap, randomness,
font, angles, language, methods used
Show filtered photos as well as words
Can deny accessibility to vision-impaired…
Considering Accessibility
Government and everyone who does business with
government must meet federal accessibility
standards for disabilities. Serious legal penalties.
Professional ethics requires everyone else to do the
same, with lesser consequences.
Often ignored by amateurs, but at risk of being
considered rude.
Very few CAPTCHAs are “accessible.”
Solution (W3C): use both image & speech, manual
approval; but chain only strong as weakest link.
Usually spells out one-time-password in
synthesized or recorded voices
Voice recognition cracks simple case.
Applied audio filters risk human
Used with image CAPTCHA for
increased accessibility.
If both use same OTP, easier to crack.
Animated CAPTCHA
Can use Flash, MPEG, animated GIF
Often combined with speech
Weaknesses of Image CAPTCHA apply
Usually easier to crack due to extra data
for pattern matching to analyze
Much higher processor and traffic load
Not practical in most cases
Renders OTP in 3D space to image
Reputedly the most difficult to crack
Server needs good graphics card to be
practical (rare)
Can be combined with other methods
Not yet common (tEABAG_3D)
Might see more in future
Circumventing CAPTCHA
Social engineering can foil most
Scrape captcha from origin, pose to
human for free access to other content
(adult, news, search, blogs)
User unaware of helping spammers
Even simplest CAPTCHA can beat vast
majority of scripts
Even best CAPTCHA can be cracked
by dedicated, sophisticated coders
Weigh strength vs. cost (compute
cycles, bandwidth, dollars)
Be careful not to violate accessibility
laws or open new holes.
Deploying CAPTCHA
Install existing software (pro or free)
Use remote CAPTCHA service
Develop own CAPTCHA or customize
open source scripts.
Existing Software
Hundreds or thousands of options
Narrow choices by price, server
requirements, standards compliance,
third-party testing results
Big targets— cracking a popular control
opens hundreds of sites to spammers
Like antivirus, ineffective unless
frequently updated.
CAPTCHA Svc Providers
Work even with servers not configured to
generate images or sound.
Server sends encrypted OTP to service,
which sends image to client.
Code is easy to embed (botblock)
Service updates itself automatically.
Saves bandwidth and processor time. (experimental, but free)
Trust issues when outsourcing security.
Starting from Open Source or public domain
code, not too difficult to customize.
Customizing can make your implementation
resistant to all but direct assaults.
CAPTCHA volunteers may help you test and
improve your algorithm.
Can be stronger than using a service or
preconfigured software.
CAPTCHA Beyond the Web
Prevent dictionary attacks in any
password system (Pinkas & Sander)
Protect e-mail systems from worms,
spam, other malware-- if sender not in
address book or message is suspect,
challenge sender with CAPTCHA.
Deter unwanted macro-scripting of a
standalone application.
My Project
Survey CAPTCHA alternatives.
Select and install one.
Test on MAMP (Mac / PHP)
Deploy on LAMP (Linux)
Evaluate and submit to my company for
use with Wiki-based CMS
Project Status
Several false starts
First few selections either did not install,
did not meet requirements or failed
accessibility tests
Best bet now is on the service at
Asked for two-week extension to finish
installation and paper.