The 3-D CAPTCHA
 
The following is a design for a CAPTCHA that is likely invulnerable to automated solving. I originally developed this as part of an anti-spam system that was a very early progenitor of Receiver Initiated Authentication. This CAPTCHA should be particularly valuable given the recent reports that bots now achieve success rates as high as 35% against both the Microsoft and Yahoo CAPTCHA.
 

The technique is as follows:

Step One
Manually design a library of easily recognizable computer generated three-dimensional objects such as the following:

  

Step Two
The computer is given a description of each attribute of each object.

 

Each attribute is described in multiple languages (English, French, Chinese, etc.). Other relevant data is also entered into the computer, such as the angles from which each attribute can be viewed and still remain recognizable, and what percentage of each attribute can be obstructed by another object and yet remain recognizable.

-THE REST OF THE PROCESS IS FULLY AUTOMATED-

Step Three
The computer takes a sample of objects from the library and places them together in a scene. The computer can generate multiple images simply by rendering the same scene from multiple angles. The following images show the same scene from different angles.

 

The following image contains the same three objects placed together in a different formation.
 
The only difference between the following two images is the direction of the virtual light source.

Manipulating these three very simple objects can generate a nearly infinite number of pictures.

In practice these pictures will be generated by mixing and matching easily recognizable objects from a constantly changing database of at least hundreds of objects. Objects will articulate: limbs will move and car doors will open. Trees will have randomly generated branches. Patterns will change, so that a person wears a polka dot shirt in one image and a striped shirt in another. An infinite number of unique images can be generated. The process will be random, though the computer will follow some rules, such as preventing one object from completely obstructing another.

Step Four
The individual attributes within a randomly generated picture are labeled with characters. The computer is given a set of characters to encode. The computer will then list the attributes that correspond to the characters of the sub-address that is being encoded. The example below shows the final product: 


Please click on or enter each letter corresponding to the following list in the field below. You must enter them in the exact sequence listed.

• The Head of the Walking Man
• The Vase
• The Back of the Chair
 




We now have the code: CKT

Thus we have a system whereby a computer can automatically generate and label hundreds of millions of unique images to be used as CAPTCHA.
 
The instructions and list of features will be displayed in the language of choice.  A Chinese language website will show the identical image but the directions will be in Chinese.
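The labelling in Step Four can be sketched as follows. This is an added example, not code from the original proposal: it covers only the letter assignment and the localized prompt list (rendering the scene is out of scope), and the library contents, the French strings and the function name build_challenge are assumptions made for illustration.

```python
import random
import string

# Constructed mini-library (Step Two). Object names, attribute names and the
# French strings are illustrative assumptions, not the author's data.
LIBRARY = {
    "walking_man": {"head": {"en": "The Head of the Walking Man",
                             "fr": "La tête de l'homme qui marche"},
                    "left_leg": {"en": "The Left Leg of the Walking Man",
                                 "fr": "La jambe gauche de l'homme qui marche"}},
    "vase": {"body": {"en": "The Vase", "fr": "Le vase"}},
    "chair": {"back": {"en": "The Back of the Chair",
                       "fr": "Le dossier de la chaise"},
              "seat": {"en": "The Seat of the Chair",
                       "fr": "L'assise de la chaise"}},
}


def build_challenge(code, library, lang="en", rng=None):
    """Step Four: give every attribute in the scene a unique letter so that
    the attributes listed to the user, read in order, spell `code`."""
    rng = rng or random.SystemRandom()  # unpredictable labelling by default
    code = code.upper()
    attrs = [(obj, part) for obj, parts in library.items() for part in parts]
    if len(set(code)) != len(code) or not set(code) <= set(string.ascii_uppercase):
        raise ValueError("code must be distinct letters A-Z")
    if len(code) > len(attrs) or len(attrs) > 26:
        raise ValueError("scene cannot carry this code")
    rng.shuffle(attrs)
    decoys = [c for c in string.ascii_uppercase if c not in code]
    rng.shuffle(decoys)
    # The first len(code) attributes carry the code; the rest get decoy letters.
    letters = list(code) + decoys[:len(attrs) - len(code)]
    labels = dict(zip(attrs, letters))
    prompts = [library[obj][part][lang] for obj, part in attrs[:len(code)]]
    return labels, prompts


if __name__ == "__main__":
    labels, prompts = build_challenge("CKT", LIBRARY, lang="fr")
    for (obj, part), letter in sorted(labels.items(), key=lambda kv: kv[1]):
        print(letter, obj, part)
    print("\n".join(prompts))
```

The same labels dictionary serves every language; only the prompt list changes with lang.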

A bot attempting to brute force a solution to the above example will need to work its way through (26)(25)(24) = 15,600 possible combinations. Asking for the identification of four unique features gives 358,800 possible combinations while 5 unique features will render 7,893,600 possible combinations.

An academic who has developed advanced computer vision programs and who has created CAPTCHA decoding programs had the following comment upon reviewing this proposal:
“That really is an interesting idea, and one that I think would work quite well. Object recognition is a completely unsolved computer vision problem. The sort of “parameterized” set of synthetic images you create would be quite challenging to process automatically, now and in the years to come.”


Upon follow-up he authorized me to use his comments but not his name. This comment was also made before I described how the 3-D CAPTCHA would dynamically modify and neutralize automated attacks.


The 3-D CAPTCHA Can Instantaneously Detect and Dynamically Change to Neutralize an Automated Attack
Let us assume that a malicious programmer puts in the effort to design a bot that is able to recognize a ‘flower’ 30% of the time. This malicious bot will cycle through multiple 3-D CAPTCHA, selecting challenges that ask to identify a flower. The bot will correctly identify the flower and use a brute force attack to identify the remaining attributes and solve the CAPTCHA. This attack will be rapidly neutralized via the following mechanism:

- For every one CAPTCHA correctly solved by this method the malicious bot will generate an enormous number of responses that correctly identify the flower but misidentify all other features. The sudden receipt of an enormous number of responses that correctly identify the flower but misidentify all other attributes will make it immediately obvious that a malicious bot is identifying the flower.

- The compromised ‘flower’ is automatically removed from the library and is replaced with another unique object (e.g. an octopus, a half-peeled banana, a plate of spaghetti) taken from a reserve library of objects that have never been publicly viewed. The malicious bot is rapidly neutralized.

 

A complementary process can be used to weed out objects that people have trouble identifying. An object will be removed from the library if users consistently fail to identify it while correctly identifying the other objects in the image. Eliminating difficult-to-recognize objects will increase the user-friendliness of the 3-D CAPTCHA.
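Both feedback rules above (retiring an object that a bot recognizes, and retiring an object that people cannot recognize) can be run over the same response log. The sketch below is an added example, not part of the original proposal; the log format, the thresholds min_seen and max_rate, the object 'gear' and the sample traffic are assumptions constructed for illustration.

```python
from collections import Counter


def score_objects(responses):
    """Each response maps object name -> True/False (was its letter correct?).
    Returns per-object counts: appearances, 'only this one right',
    'only this one wrong'."""
    seen, solo_hit, solo_miss = Counter(), Counter(), Counter()
    for resp in responses:
        if len(resp) < 3:  # with two objects the two signals are ambiguous
            continue
        right = [o for o, ok in resp.items() if ok]
        wrong = [o for o, ok in resp.items() if not ok]
        seen.update(resp.keys())
        if len(right) == 1:   # bot signature: one object recognized, rest guessed
            solo_hit[right[0]] += 1
        if len(wrong) == 1:   # usability signature: one object trips people up
            solo_miss[wrong[0]] += 1
    return seen, solo_hit, solo_miss


def review_library(responses, library, reserve, min_seen=20, max_rate=0.25):
    """Retire compromised and confusing objects; refill compromised slots
    from the never-published reserve. Thresholds are assumed values."""
    seen, solo_hit, solo_miss = score_objects(responses)
    busy = [o for o in seen if seen[o] >= min_seen]
    compromised = sorted(o for o in busy if solo_hit[o] / seen[o] > max_rate)
    confusing = sorted(o for o in busy if solo_miss[o] / seen[o] > max_rate)
    kept = [o for o in library if o not in compromised + confusing]
    return compromised, confusing, kept + reserve[:len(compromised)]


def sample_log():
    """Constructed traffic: a flower-recognizing bot plus ordinary users."""
    bot = [{"flower": True, "vase": False, "chair": False}] * 60
    bot += [{"flower": True, "vase": True, "chair": True}]       # rare full solve
    users = [{"flower": True, "vase": True, "chair": True}] * 30
    users += [{"vase": True, "chair": True, "gear": False}] * 25  # 'gear' is unclear
    users += [{"vase": True, "chair": True, "gear": True}] * 15
    users += [{"vase": True, "chair": False, "gear": True}] * 2
    return bot + users


if __name__ == "__main__":
    print(review_library(sample_log(), ["flower", "vase", "chair", "gear"],
                         ["octopus", "half-peeled banana"]))
```

On the constructed log, 'flower' is flagged as compromised and replaced from the reserve, while 'gear' is dropped as too hard for people to recognize.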