International Joint Conference pp 465-472
GOTCHA Challenge (Un)Solved
- Cite this paper as:
- Olimid R.F. (2015) GOTCHA Challenge (Un)Solved. In: Herrero Á., Baruque B., Sedano J., Quintián H., Corchado E. (eds) International Joint Conference. Advances in Intelligent Systems and Computing, vol 369. Springer, Cham
Password-based authentication is common due to its high usability and simplicity to implement; however, it raises many security problems. This implies a continuous effort in designing new password-based authentication techniques. J. Blocki, M. Blum and A. Datta introduced GOTCHA (Generating panOptic Turing Tests to Tell Computers and Humans Apart), an innovative method to perform password-based authentication: a challenge-response mechanism that gives humans a great advantage over machines. The authors of GOTCHA proposed a public challenge to test its strength. We disclosed all 5 passwords of the first round, because of a leakage in the released code. In this paper, we present our attack: an improved brute-force that revealed each of the 7-digit password in less than 0.5 h and the 8-digit password in approximately 1.5 h on a personal laptop.