Human-artificial intelligence approaches for secure analysis in CAPTCHA codes

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) has long been used to keep automated bots from misusing web services by leveraging human-artificial intelligence (HAI) interactions to distinguish whether the user is a human or a computer program. Various CAPTCHA schemes have been proposed over the years, principally to increase usability and security against emerging bots and hackers performing malicious operations. However, automated attacks have effectively cracked all common conventional schemes, and the majority of present CAPTCHA methods are also vulnerable to human-assisted relay attacks. Invisible reCAPTCHA and some approaches have not yet been cracked. However, with the introduction of fourth-generation bots accurately mimicking human behavior, a secure CAPTCHA would be hardly designed without additional special devices. Almost all cognitive-based CAPTCHAs with sensor support have not yet been compromised by automated attacks. However, they are still compromised to human-assisted relay attacks due to having a limited number of challenges and can be only solved using trusted devices. Obviously, cognitive-based CAPTCHA schemes have an advantage over other schemes in the race against security attacks. In this study, as a strong starting point for creating future secure and usable CAPTCHA schemes, we have offered an overview analysis of HAI between computer users and computers under the security aspects of open problems, difficulties, and opportunities of current CAPTCHA schemes.Web of Science20221art. no.

Designing Proof of Human-work Puzzles for Cryptocurrency and Beyond

We introduce the novel notion of a Proof of Human-work (PoH) and present the first distributed consensus protocol from hard Artificial Intelligence problems. As the name suggests, a PoH is a proof that a {\em human} invested a moderate amount of effort to solve some challenge. A PoH puzzle should be moderately hard for a human to solve. However, a PoH puzzle must be hard for a computer to solve, including the computer that generated the puzzle, without sufficient assistance from a human. By contrast, CAPTCHAs are only difficult for other computers to solve --- not for the computer that generated the puzzle. We also require that a PoH be publicly verifiable by a computer without any human assistance and without ever interacting with the agent who generated the proof of human-work. We show how to construct PoH puzzles from indistinguishability obfuscation and from CAPTCHAs. We motivate our ideas with two applications: HumanCoin and passwords. We use PoH puzzles to construct HumanCoin, the first cryptocurrency system with human miners. Second, we use proofs of human work to develop a password authentication scheme which provably protects users against offline attacks

All about uncertainties and traps: Statistical oracle-based attacks on a new CAPTCHA protection against oracle attacks

CAPTCHAs are security mechanisms that try to prevent automated abuse of computer services. Many CAPTCHAs have been proposed but most have known security flaws against advanced attacks. In order to avoid a kind of oracle attacks in which the attacker learns about ground truth labels via active interactions with the CAPTCHA service as an oracle, Kwon and Cha proposed a new CAPTCHA scheme that employ uncertainties and trap images to generate adaptive CAPTCHA challenges, which we call “Uncertainty and Trap Strengthened CAPTCHA” (UTS-CAPTCHA) in this paper. Adaptive CAPTCHA challenges are used widely (either explicitly or implicitly) but the role of such adaptive mechanisms in the security of CAPTCHAs has received little attention from researchers. In this paper we present a statistical fundamental design flaw of UTS-CAPTCHA. This flaw leaks information regarding ground truth labels of images used. Exploiting this flaw, an attacker can use the UTS-CAPTCHA service as an oracle, and perform several different statistical learning-based attacks against UTS-CAPTCHA, increasing any reasonable initial success rate up to 100% according to our theoretical estimation and experimental simulations. Based on our proposed attacks, we discuss how the fundamental idea behind our attacks may be generalized to attack other CAPTCHA schemes and propose a new principle and a number of concrete guidelines for designing new CAPTCHA schemes in the future

Practice-Oriented Privacy in Cryptography

While formal cryptographic schemes can provide strong privacy guarantees, heuristic schemes that prioritize efficiency over formal rigor are often deployed in practice, which can result in privacy loss. Academic schemes that do receive rigorous attention often lack concrete efficiency or are difficult to implement. This creates tension between practice and research, leading to deployed privacy-preserving systems that are not backed by strong cryptographic guarantees. To address this tension between practice and research, we propose a practice-oriented privacy approach, which focuses on designing systems with formal privacy models that can effectively map to real-world use cases. This approach includes analyzing existing privacy-preserving systems to measure their privacy guarantees and how they are used. Furthermore, it explores solutions in the literature and analyzes gaps in their models to design augmented systems that apply more clearly to practice. We focus on two settings of privacy-preserving payments and communications. First, we introduce BlockSci, a software platform that can be used to perform analyses on the privacy and usage of blockchains. Specifically, we assess the privacy of the Dash cryptocurrency and analyze the velocity of cryptocurrencies, finding that Dash’s PrivateSend may still be vulnerable to clustering attacks and that a significant fraction of transactions on Bitcoin are “self-churn” transactions. Next, we build a technique for reducing bandwidth in mixing cryptocurrencies, which suffer from a practical limitation: the size of the transaction growing linearly with the size of the anonymity set. Our proposed technique efficiently samples cover traffic from a finite and public set of known values, while deriving a compact description of the resulting transaction set. We show how this technique can be integrated with various currencies and different cover sampling distributions. Finally, we look at the problem of establishing secure communication channels without access to a trusted public key infrastructure. We construct a scheme that uses network latency and reverse turing tests to detect the presence of eavesdroppers, prove our construction secure, and implement it on top of an existing communication protocol. This line of work bridges the gap between theoretical cryptographic research and real-world deployments to bring better privacy-preserving schemes to end users

Plugging in trust and privacy : three systems to improve widely used ecosystems

The era of touch-enabled mobile devices has fundamentally changed our communication habits. Their high usability and unlimited data plans provide the means to communicate any place, any time and lead people to publish more and more (sensitive) information. Moreover, the success of mobile devices also led to the introduction of new functionality that crucially relies on sensitive data (e.g., location-based services). With our today’s mobile devices, the Internet has become the prime source for information (e.g., news) and people need to rely on the correctness of information provided on the Internet. However, most of the involved systems are neither prepared to provide robust privacy guarantees for the users, nor do they provide users with the means to verify and trust in delivered content. This dissertation introduces three novel trust and privacy mechanisms that overcome the current situation by improving widely used ecosystems. With WebTrust we introduce a robust authenticity and integrity framework that provides users with the means to verify both the correctness and authorship of data transmitted via HTTP. X-pire! and X-pire 2.0 offer a digital expiration date for images in social networks to enforce post-publication privacy. AppGuard enables the enforcement of fine-grained privacy policies on third-party applications in Android to protect the users privacy.Heutige Mobilgeräte mit Touchscreen haben unsere Kommunikationsgewohnheiten grundlegend geändert. Ihre intuitive Benutzbarkeit gepaart mit unbegrenztem Internetzugang erlaubt es uns jederzeit und überall zu kommunizieren und führt dazu, dass immer mehr (vertrauliche) Informationen publiziert werden. Des Weiteren hat der Erfolg mobiler Geräte zur Einführung neuer Dienste die auf vertraulichen Daten aufbauen (z.B. positionsabhängige Dienste) beigetragen. Mit den aktuellen Mobilgeräten wurde zudem das Internet die wichtigste Informationsquelle (z.B. für Nachrichten) und die Nutzer müssen sich auf die Korrektheit der von dort bezogenen Daten verlassen. Allerdings bieten die involvierten Systeme weder robuste Datenschutzgarantien, noch die Möglichkeit die Korrektheit bezogener Daten zu verifizieren. Diese Dissertation führt drei neue Mechanismen für das Vertrauen und den Datenschutz ein, die die aktuelle Situation in weit verbreiteten Systemen verbessern. WebTrust, ein robustes Authentizitäts- und Integritätssystem ermöglicht es den Nutzern sowohl die Korrektheit als auch die Autorenschaft von über HTTP übertragenen Daten zu verifizieren. X-pire! und X-pire 2.0 bieten ein digitales Ablaufdatum für Bilder in sozialen Netzwerken um Daten auch nach der Publikation noch vor Zugriff durch Dritte zu schützen. AppGuard ermöglicht das Durchsetzen von feingranularen Datenschutzrichtlinien für Drittanbieteranwendungen in Android um einen angemessen Schutz der Nutzerdaten zu gewährleisten

Plugging in trust and privacy : three systems to improve widely used ecosystems

The era of touch-enabled mobile devices has fundamentally changed our communication habits. Their high usability and unlimited data plans provide the means to communicate any place, any time and lead people to publish more and more (sensitive) information. Moreover, the success of mobile devices also led to the introduction of new functionality that crucially relies on sensitive data (e.g., location-based services). With our today’s mobile devices, the Internet has become the prime source for information (e.g., news) and people need to rely on the correctness of information provided on the Internet. However, most of the involved systems are neither prepared to provide robust privacy guarantees for the users, nor do they provide users with the means to verify and trust in delivered content. This dissertation introduces three novel trust and privacy mechanisms that overcome the current situation by improving widely used ecosystems. With WebTrust we introduce a robust authenticity and integrity framework that provides users with the means to verify both the correctness and authorship of data transmitted via HTTP. X-pire! and X-pire 2.0 offer a digital expiration date for images in social networks to enforce post-publication privacy. AppGuard enables the enforcement of fine-grained privacy policies on third-party applications in Android to protect the users privacy.Heutige Mobilgeräte mit Touchscreen haben unsere Kommunikationsgewohnheiten grundlegend geändert. Ihre intuitive Benutzbarkeit gepaart mit unbegrenztem Internetzugang erlaubt es uns jederzeit und überall zu kommunizieren und führt dazu, dass immer mehr (vertrauliche) Informationen publiziert werden. Des Weiteren hat der Erfolg mobiler Geräte zur Einführung neuer Dienste die auf vertraulichen Daten aufbauen (z.B. positionsabhängige Dienste) beigetragen. Mit den aktuellen Mobilgeräten wurde zudem das Internet die wichtigste Informationsquelle (z.B. für Nachrichten) und die Nutzer müssen sich auf die Korrektheit der von dort bezogenen Daten verlassen. Allerdings bieten die involvierten Systeme weder robuste Datenschutzgarantien, noch die Möglichkeit die Korrektheit bezogener Daten zu verifizieren. Diese Dissertation führt drei neue Mechanismen für das Vertrauen und den Datenschutz ein, die die aktuelle Situation in weit verbreiteten Systemen verbessern. WebTrust, ein robustes Authentizitäts- und Integritätssystem ermöglicht es den Nutzern sowohl die Korrektheit als auch die Autorenschaft von über HTTP übertragenen Daten zu verifizieren. X-pire! und X-pire 2.0 bieten ein digitales Ablaufdatum für Bilder in sozialen Netzwerken um Daten auch nach der Publikation noch vor Zugriff durch Dritte zu schützen. AppGuard ermöglicht das Durchsetzen von feingranularen Datenschutzrichtlinien für Drittanbieteranwendungen in Android um einen angemessen Schutz der Nutzerdaten zu gewährleisten

Balloon Hashing: A Memory-Hard Function Providing Provable Protection Against Sequential Attacks

We present the Balloon password-hashing algorithm. This is the first practical cryptographic hash function that: (i) has proven memory-hardness properties in the random-oracle model, (ii) uses a password-independent access pattern, and (iii) meets or exceeds the performance of the best heuristically secure password-hashing algorithms. Memory-hard functions require a large amount of working space to evaluate efficiently and when used for password hashing, they dramatically increase the cost of offline dictionary attacks. In this work, we leverage a previously unstudied property of a certain class of graphs (“random sandwich graphs”) to analyze the memory-hardness of the Balloon algorithm. The techniques we develop are general: we also use them to give a proof of security of the scrypt and Argon2i password-hashing functions in the random-oracle model. Our security analysis uses a sequential model of computation, which essentially captures attacks that run on single-core machines. Recent work shows how to use massively parallel special-purpose machines (e.g., with hundreds of cores) to attack Balloon and other memory-hard functions. We discuss these important attacks, which are outside of our adversary model, and propose practical defenses against them. To motivate the need for security proofs in the area of password hashing, we demonstrate and implement a practical attack against Argon2i that successfully evaluates the function with less space than was previously claimed possible. Finally, we use experimental results to compare the performance of the Balloon hashing algorithm to other memory-hard functions

Quantum money and scalable 21-cm cosmology

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Physics, 2011.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (p. 165-170).This thesis covers two unrelated topics. The first part of my thesis is about quantum money, a cryptographic protocol in which a mint can generate a quantum state that no one can copy. In public-key quantum money, anyone can verify that a given quantum state came from the mint, and in collision-free quantum money, even the mint cannot generate two valid quantum bills with the same serial number. I present quantum state restoration, a new quantum computing technique that can be used to counterfeit several designs for quantum money. I describe a few other approaches to quantum money, one of which is published, that do not work. I then present a technique that seems to be secure based on a new mathematical object called a component mixer, and I give evidence money using this technique is hard to counterfeit. I describe a way to implement a component mixer and the corresponding quantum money using techniques from knot theory. The second part of my thesis is about 21-cm cosmology and the Fast Fourier transform telescope. With the FFT telescope group at MIT, I worked on a design for a radio telescope that operates between 120 and 200 MHz and will scale to an extremely large number of antennas N. We use an aperture synthesis technique based on Fast Fourier transforms with computational costs proportional toN logN instead of N2. This eliminates the cost of computers as the main limit on the size of a radio interferometer. In this type of telescope, the cost of each antenna matters regardless of how large the telescope becomes, so we focus on reducing the cost of each antenna as much as possible. I discuss the FFT aperture synthesis technique and its equivalence to standard techniques on an evenly spaced grid. I describe analog designs that can reduce the cost per antenna. I give algorithms to analyze raw data from our telescope to help debug and calibrate its components, with particular emphasis on cross-talk between channels and I/Q imbalance. Finally, I present a scalable design for a computer network that can solve the corner-turning problem.by Andrew Lutomirski.Ph.D