GOTCHA Might Replace CAPTCHA – A More Secure Turing Test is on the Way
GOTCHA -Generating panOptic Turing Tests to Tell Computers and Humans Apart-dares the internet world with a stronghold of an algorithm that generates inkblots that lets the user to solve puzzles instead of entering distorted texts (CAPTCHA).
Jeremiah Blocki, Manuel Blum and Anupam Datta from Carnegie Mellon University have come up with a paper ‘GOTCHA Password Hackers!’ GOTCHA is believed to mitigate offline password hacking and attacks, as they need a real-time interaction with the user unlike a brute force or a dictionary attack. The system relies on user generated descriptions for the random generated inkblots, based on the user’s password. These randomly generated inkblot puzzles are then stored in a random order and at each login, the user have to answer the puzzle. This obviously slows down the offline attacks on a password, as the attacker has to know both the password and solve the puzzle at the same time.
In case of automated computer attacks, this becomes virtually impossible as the whole GOTCHA system needs a visual interaction of a human being. Though, CAPTCHA provide a moderate level of spam control, it is always possible to mask a CAPTCHA and solve it with a community to get back the necessary word from them. GOTCHA’s inkblot puzzle and password combination looks promising in spam control too and provides a secure idea to fortify one’s password.
This post was first published on February 8, 2014.