Side-channel attack against the capy HIP

Side-channel attack against the capy HIP. Hernández-Castro, C., R-Moreno, M., & Barrero, D. In Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014, 2014.
abstract bibtex

© 2014 IEEE. One of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs (HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we focus on a new HIP, based on a puzzle solving scheme, created to increase both security and usability: the Capy CAPTCHA. We have analyzed its design, finding some important flaws. Based on them, we propose a low-cost, side-channel attack. Initial results show that the attack is able to break Capy with a 61% success ratio.

@inProceedings{
 title = {Side-channel attack against the capy HIP},
 type = {inProceedings},
 year = {2014},
 identifiers = {[object Object]},
 keywords = {CAPTCHA,Capy,HIP,JPEG,attack,low-cost,side-channel},
 id = {4c3b6ba7-33cc-3fb7-ad4d-78235397288b},
 created = {2019-03-18T15:00:28.751Z},
 file_attached = {false},
 profile_id = {77ead516-4fb7-3189-a920-09efa515b9dd},
 last_modified = {2019-03-18T15:00:28.751Z},
 read = {false},
 starred = {false},
 authored = {true},
 confirmed = {false},
 hidden = {false},
 private_publication = {false},
 abstract = {© 2014 IEEE. One of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs (HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we focus on a new HIP, based on a puzzle solving scheme, created to increase both security and usability: the Capy CAPTCHA. We have analyzed its design, finding some important flaws. Based on them, we propose a low-cost, side-channel attack. Initial results show that the attack is able to break Capy with a 61% success ratio.},
 bibtype = {inProceedings},
 author = {Hernández-Castro, C.J. and R-Moreno, M.D. and Barrero, D.F.},
 booktitle = {Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014}
}

Downloads: 0

{"_id":"ohiCMcjX94jaLTwMp","bibbaseid":"hernndezcastro-rmoreno-barrero-sidechannelattackagainstthecapyhip-2014","authorIDs":["5d15e717ca6007da010000a6"],"author_short":["Hernández-Castro, C.","R-Moreno, M.","Barrero, D."],"bibdata":{"title":"Side-channel attack against the capy HIP","type":"inProceedings","year":"2014","identifiers":"[object Object]","keywords":"CAPTCHA,Capy,HIP,JPEG,attack,low-cost,side-channel","id":"4c3b6ba7-33cc-3fb7-ad4d-78235397288b","created":"2019-03-18T15:00:28.751Z","file_attached":false,"profile_id":"77ead516-4fb7-3189-a920-09efa515b9dd","last_modified":"2019-03-18T15:00:28.751Z","read":false,"starred":false,"authored":"true","confirmed":false,"hidden":false,"private_publication":false,"abstract":"© 2014 IEEE. One of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs (HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we focus on a new HIP, based on a puzzle solving scheme, created to increase both security and usability: the Capy CAPTCHA. We have analyzed its design, finding some important flaws. Based on them, we propose a low-cost, side-channel attack. Initial results show that the attack is able to break Capy with a 61% success ratio.","bibtype":"inProceedings","author":"Hernández-Castro, C.J. and R-Moreno, M.D. and Barrero, D.F.","booktitle":"Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014","bibtex":"@inProceedings{\n title = {Side-channel attack against the capy HIP},\n type = {inProceedings},\n year = {2014},\n identifiers = {[object Object]},\n keywords = {CAPTCHA,Capy,HIP,JPEG,attack,low-cost,side-channel},\n id = {4c3b6ba7-33cc-3fb7-ad4d-78235397288b},\n created = {2019-03-18T15:00:28.751Z},\n file_attached = {false},\n profile_id = {77ead516-4fb7-3189-a920-09efa515b9dd},\n last_modified = {2019-03-18T15:00:28.751Z},\n read = {false},\n starred = {false},\n authored = {true},\n confirmed = {false},\n hidden = {false},\n private_publication = {false},\n abstract = {© 2014 IEEE. One of the first approaches to proposed to prevent automated attacks on Internet were the Human Interactive Proofs (HIPs). Since their invention, a variety of designs have been proposed, yet most of them have been successfully attacked. In this paper we focus on a new HIP, based on a puzzle solving scheme, created to increase both security and usability: the Capy CAPTCHA. We have analyzed its design, finding some important flaws. Based on them, we propose a low-cost, side-channel attack. Initial results show that the attack is able to break Capy with a 61% success ratio.},\n bibtype = {inProceedings},\n author = {Hernández-Castro, C.J. and R-Moreno, M.D. and Barrero, D.F.},\n booktitle = {Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014}\n}","author_short":["Hernández-Castro, C.","R-Moreno, M.","Barrero, D."],"bibbaseid":"hernndezcastro-rmoreno-barrero-sidechannelattackagainstthecapyhip-2014","role":"author","urls":{},"keyword":["CAPTCHA","Capy","HIP","JPEG","attack","low-cost","side-channel"],"downloads":0},"bibtype":"inProceedings","creationDate":"2019-06-28T10:08:23.841Z","downloads":0,"keywords":["captcha","capy","hip","jpeg","attack","low-cost","side-channel"],"search_terms":["side","channel","attack","against","capy","hip","hernández-castro","r-moreno","barrero"],"title":"Side-channel attack against the capy HIP","year":2014}