Scientists Release Working Prototype Of CAPTCHA-Based Password Assistant 86
An anonymous reader writes "Last year Slashdot ran a story on scientists from the Max-Planck-Institute for Physics of Complex Systems in Dresden, Germany developing a novel method to improve password security. A strong long password is split in two parts; the first part is memorized by a human, and the second part is stored as a CAPTCHA-like image of a chaotic lattice system. Today, after a year of work, the same group at Max Planck Institute released a working prototype online, where everybody can try this technology to encrypt files (Java plugin required)."
is there any good analysis in the year since? (Score:5, Insightful)
Rather than attempting to personally evaluate the paper, not being an expert in this area, it'd be interesting if a third party has done some analysis, even preliminarily, on the system, so we can rely on more than the authors' own views. The paper itself was published in a somewhat strange venue for a new cryptosystem, Europhysics Letters, which isn't really a problem, but doesn't provide strong assurance that cryptography experts have vetted it, either (but perhaps they have elsewhere?).
Re:um (Score:4, Insightful)
Of course, it's a security scheme designed using Java just two days after a story about a security hole in Java that allowed automatic installation of a trojan [slashdot.org]. Thanks, but no thanks. You can keep your security if that's the language you want to use to implement it.
Re:Requires self-signed applet with full privilege (Score:5, Insightful)
Absolutely - I couldn't believe the irony of this great security solution requesting full access to my machine with a self-signed certificate. I wonder if this actually a psychology experiment to show that even when people are thinking about security that they're still willing to give up the keys to the kingdom as long as you ask nicely and state that you're a "security researcher".
A better mousetrap? (Score:4, Insightful)
Enough wisecracks, let's start thinking. (Score:5, Insightful)
Slashdot comments usually contain at least a few insightful comments, but so far people have been going for wisecracks and low-hanging fruit.
Yes, using a self-signed certificate in a security product is stupid. Yes, trusting physicists to come up with a good encryption scheme is like hiring a plumber to do heart bypass surgery (I am a physicist). But those are boring criticisms. A more interesting question: is the basic idea actually any good?
If you play with it, it looks like it boils down to using a short easy password to generate a chaotic bit pattern; this bit pattern is XORed against a Captcha image. The result is easy for humans to read. If you try to decrypt with the wrong password, you get a different chaotic bit pattern that can't be read. But a computer has to do a lot of work to figure out if each bit pattern contains readable text or not.
The goal here is not to increase the entropy of the password, or to use an asymmetric algorithm that's much easier to encode than decode. Instead, they're trying to make each decryption attempt require enough compute cycles that it's impractical to brute-force even a short password.
The obvious direct attack is to write a very good, very fast captcha detector. It doesn't actually have to be able to *read* the captcha at all: it just has to be able to filter out "obviously doesn't contain text" from "probably contains text", and present the likely candidates to a human for final analysis. Some sort of noisy edge detection algorithm might work well.
If you hate writing computer vision algorithms, a simple Mechanical Turk approach might also work. If you presented a full-screen grid of 100 candidate decryptions to a human, they could probably identify one that contains text in a couple of seconds. A single human should be able to complete an English dictionary attack in a day.
Re:um (Score:4, Insightful)