Side-Channel Attack against the Capy HIP

2014 Fifth International Conference on Emerging Security Technologies Pub Date : 2014-09-10 DOI:10.1109/EST.2014.30

Carlos Javier Hernández-Castro, M. Rodríguez-Moreno, David F. Barrero

引用次数: 6

Abstract

One of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs(HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we focus on a new HIP, based on a puzzle solving scheme, created to increase both security and usability: the Capy CAPTCHA. We have analyzed its design, finding some important flaws. Based on them, we propose a low-cost, side-channel attack. Initial results show that the attack is able to break Capy with a 61% success ratio.

查看原文本刊更多论文

对Capy HIP的侧信道攻击

最早提出的防止互联网上自动攻击的方法之一是人类交互证明(HIPs)。自从它们被发明以来，各种各样的设计被提出，但大多数都被成功地攻击了。在本文中，我们重点介绍了一种基于解谜方案的新HIP，旨在提高安全性和可用性:Capy CAPTCHA。我们分析了它的设计，发现了一些重要的缺陷。在此基础上，我们提出了一种低成本的侧信道攻击。初步结果表明，该攻击能够突破Capy，成功率为61%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2014 Fifth International Conference on Emerging Security Technologies

自引率

0.00%

发文量