POSH: A generalized CAPTCHA with security applications

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2008, Pages 1-10

  Daher, Waseem ^a   Canetti, Ran ^b  

^a MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

^b IBM T J WATSON RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CAPTCHAS; FIREFOX WEB BROWSER; MOZILLA; OFF-LINE DICTIONARY ATTACKS; SECURITY APPLICATION;

COMPUTER CRIME;

WEB BROWSERS;

EID: 70349263319     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1456377.1456379     Document Type: Conference Paper

References (19)

1. Bank of America. How Bank of America SiteKey Works for Online Banking Security. http://www.bankofamerica.com/privacy/sitekey/.
2. R. Canetti and R. R. Dakdouk. Obfuscating point functions with multibit output. In EUROCRYPT, pages 489-508, 2008.
3. R. Canetti, S. Halevi, and M. Steiner. Mitigating dictionary attacks on password-protected local storage. In CRYPTO, pages 160-179, 2006.
4. W. Daher. Patch for Firefox. http://puzzles.mit.edu/firefox/patch.diff, April 2008.
5. D. Davis, F. Monrose, and M. K. Reiter. On user choice in graphical password schemes. In Proceedings of the 13th USENIX Security Symposium, pages 11-11, Berkeley, CA, USA, 2004. USENIX Association.
6. R. Dhamija and A. Perrig. Déjà vu: A user study, using images for authentication. In Proceedings of the 9th USENIX Security Symposium, August 2000.
7. D. Engel. Pictionary (NES) FAQ by DEngel. http://www.gamefaqs.com/ console/nes/file/587510/38806, April 2007. Section (E): Answer List.
8. H. T. Hall. Tracy Hall's Amazing Inkblot Generator. http://math.berkeley. edu/̃hthall/ink.blots/, January 2001.
9. I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin. The design and analysis of graphical passwords. In Proceedings of the 8th USENIX Security Symposium, Berkeley, CA, USA, 1999. USENIX Association.
10. M. Naor. Verification of a human in the loop or Identification via the Turing Test. http://www.wisdom.weizmann.ac.il/̃naor/PAPERS/human-abs.html, 1996.
11. H.-K. Nienhuys. HKCaptcha - yet another PHP Captcha implementation. http://www.lagom.nl/linux/hkcaptcha/, February 2008.
12. Open Source Shakespeare. Shakespeare text statistics. http://www.opensourceshakespeare.org/stats/.
13. B. Pinkas and T. Sander. Securing passwords against dictionary attacks. In CCS '02: Proceedings of the 9th ACM conference on Computer and Communications Security, pages 161-170, New York, NY, USA, 2002. ACM Press.
14. S. E. Schechter, R. Dhamija, A. Ozment, and I. Fischer. The emperor's new security indicators. In IEEE Symposium on Security and Privacy, pages 51-65. IEEE Computer Society, 2007.
15. P. Sinha, B. Balas, Y. Ostrovsky, and R. Russell. Face Recognition by Humans: Nineteen Results all Computer Vision Researchers Should Know About. In Proceedings of the IEEE, volume 94, pages 1948-1962, 2006.
16. A. Stubblefield and D. Simon. Inkblot authentication. Technical Report MSR-TR-2004-85, Microsoft Research, 2004.
17. J. Thorpe and P. C. van Oorschot. Graphical dictionaries and the memorable space of graphical passwords. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 10-10, Berkeley, CA, USA, 2004. USENIX Association.
18. L. von Ahn. reCAPTCHA. http://www.recaptcha.net, 2007.
19. L. von Ahn, M. Blum, and J. Langford. Telling humans and computers apart automatically. Communications of the ACM, 47:56-60, 2004.