Abstract
Password-based authentication is common due to its high usability and simplicity to implement; however, it raises many security problems. This implies a continuous effort in designing new password-based authentication techniques. J. Blocki, M. Blum and A. Datta introduced GOTCHA (Generating panOptic Turing Tests to Tell Computers and Humans Apart), an innovative method to perform password-based authentication: a challenge-response mechanism that gives humans a great advantage over machines. The authors of GOTCHA proposed a public challenge to test its strength. We disclosed all 5 passwords of the first round, because of a leakage in the released code. In this paper, we present our attack: an improved brute-force that revealed each of the 7-digit password in less than 0.5 h and the 8-digit password in approximately 1.5 h on a personal laptop.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Blocki, J. Blum, M., Datta A.: GOTCHA password hackers!. In: AISec’13 Proceedings of the 2013 ACM workshop on Artificial Intelligence and Security, pp. 25–35 (2013)
GOTCHA Challenge. http://www.cs.cmu.edu/jblocki/GOTCHA-Challenge.html. Accessed Jan 2015
New York Times—If Your Password Is 123456, Just Make It HackMe. http://www.nytimes.com/2010/01/21/technology/21password.html?_r=0. Accessed Jan 2015
Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. Adv. Crypt.—CRYPTO 2003, 617–630 (2003)
CAPTCHA: Telling Humans and Computers Apart Automatically. http://www.captcha.net/. Accessed Jan 2015
RSA Laboratories—The RSA Factoring Challenge. http://www.emc.com/emc-plus/rsa-labs/historical/the-rsa-factoring-challenge.htm. Accessed Jan 2015
Provos, N., Mazieres, D.: A future-adaptable password scheme. In: USENIX Annual Technical Conference, FREENIX Track, pp. 81–91 (1999)
GIMP—The GNU Image Manipulation Program. http://www.gimp.org/. Accessed Jan 2015
Acknowledgments
The author would like to thank Alex Gatej for informing about the GOTCHA challenge.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Olimid, R.F. (2015). GOTCHA Challenge (Un)Solved. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds) International Joint Conference. CISIS 2015. Advances in Intelligent Systems and Computing, vol 369. Springer, Cham. https://doi.org/10.1007/978-3-319-19713-5_40
Download citation
DOI: https://doi.org/10.1007/978-3-319-19713-5_40
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19712-8
Online ISBN: 978-3-319-19713-5
eBook Packages: EngineeringEngineering (R0)