Toggle Main Menu Toggle Search

Open Access padlockePrints

Captcha as Graphical Passwords-A New Security Primitive Based on Hard AI Problems

Lookup NU author(s): Dr Jeff Yan

Downloads

Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


Abstract

Many security primitives are based on hard mathematical problems. Using hard AI problems for security is emerging as an exciting new paradigm, but has been under-explored. In this paper, we present a new security primitive based on hard AI problems, namely, a novel family of graphical password systems built on top of Captcha technology, which we call Captcha as graphical passwords (CaRP). CaRP is both a Captcha and a graphical password scheme. CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks. Notably, a CaRP password can be found only probabilistically by automatic online guessing attacks even if the password is in the search set. CaRP also offers a novel approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, that often leads to weak password choices. CaRP is not a panacea, but it offers reasonable security and usability and appears to fit well with some practical applications for improving online security.


Publication metadata

Author(s): Zhu BB, Yan J, Bao GB, Yang MW, Xu N

Publication type: Article

Publication status: Published

Journal: IEEE Transactions on Information Forensics and Security

Year: 2014

Volume: 9

Issue: 6

Pages: 891-904

Print publication date: 19/03/2014

ISSN (print): 1556-6013

ISSN (electronic): 1556-6021

Publisher: IEEE

URL: http://dx.doi.org/10.1109/TIFS.2014.2312547

DOI: 10.1109/TIFS.2014.2312547


Altmetrics

Altmetrics provided by Altmetric


Actions

Find at Newcastle University icon    Link to this publication


Share