WebApp Sec mailing list archives

RE: Account Lockouts


From: Alexander Klimov <alserkli () inbox ru>
Date: Fri, 10 Dec 2004 14:44:14 +0200 (IST)

On Thu, 9 Dec 2004, David Robert wrote:

> I find this very surprising.  Maybe I don't understand CAPTCHAs or image
> processing technology well enough.
> [...]
> 3) map out the parameter space so that humans have an easy time and OCR
> programs don't.  This would be a bit of work but I expect the parameter
> space to be contiguous.  I'm not sure this would be possible otherwise.
> 4) Now you have a very large set of transformations that can be randomly
> generated - just generate random numbers within the parameter space you have
> defined.

Let's drop in some numbers: you can do more than 1e9 operations per second, the
whole image is 290x80 (on yahoo) or less (AFAIR after two years, it was
something like 100x30 in my case), that is 2.3e4 pixels, there are fewer than 100
characters (10 digits in my case), each glyph can be up to 50x50 large (20x20 in
my case). Now let's count the number of transformations. Suppose you have only
one contiguous (continuous?) coefficient -- scale. How many *sufficiently
different* values can it assume? Note that if the template and the image use
scales which are different but the results differ by less than a single pixel,
you will have a very good response, and so such a difference of parameters is
not to be called *sufficient*. So, we can guess that there are ~50 different
scales. Suppose that the x and y scales are different: are there now 50x50
states in the parameter space? Probably not, since a 50x5 glyph is unreadable
(BTW: I must admit that out of 5 reloads of the yahoo picture I can guess only
3 -- ok, this is probably not that bad since on average I would be able to
login after 2 attempts :-). Let's also add rotations: the angle also has not so
many possibilities. Probably also some twirl effect (rotate sides more than
center). Although in my case there was only a single scale and rotation, we can
see that even in a more general case the number of transformations is not as
large as it seems at first.

There are also a lot of possibilities for speed-up: if the picture is 290x80 you
could probably get the match even if you shrink it by a factor of two (note that
this not only reduces a single match time 4-fold, but also roughly halves the
possibilities for each of the above parameters), or start with an even coarser
resolution and prune most of the possibilities before going to the next
resolution level.

-- 
Regards,
ASK
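As an added worked example (my own, not part of the original post or the thread), here is the counting argument above in Python: it applies the one-pixel "sufficiently different" rule to scale and rotation, multiplies the results into a transformation count, and prices an exhaustive template search at the 1e9 operations per second and the 100x30 image / 20x20 glyph sizes quoted in the message. The 0.5..3.0 scale range, the +/-30 degree rotation range and the one-pixel threshold are assumptions chosen for illustration, and the last function reproduces the half-resolution first pass suggested at the end of the message.

```python
"""Estimate how many *sufficiently different* glyph transformations a CAPTCHA
distortion scheme really has, and what a brute-force template search over that
space would cost.

Counting rule from the thread: two parameter values count as different only if
the rendered glyphs differ by at least one pixel; anything finer gives the same
match response. The glyph size, scale range, rotation range and operations per
second below are constructed for illustration, not measured values.
"""
import math


def distinguishable_scales(glyph_px, s_min, s_max, min_pixel_diff=1.0):
    """Scale factors in [s_min, s_max] whose rendered glyph widths differ by at
    least `min_pixel_diff` pixels. The rendered width is glyph_px * s, so the
    usable range spans glyph_px * (s_max - s_min) pixels."""
    span_px = glyph_px * (s_max - s_min)
    return int(span_px // min_pixel_diff) + 1


def distinguishable_rotations(glyph_px, max_deg, min_pixel_diff=1.0):
    """Rotation angles in [-max_deg, +max_deg] whose effect on the glyph's
    outermost pixel (radius ~ glyph_px / 2) is at least `min_pixel_diff` apart.
    A rotation by theta radians moves that pixel by about r * theta."""
    r = glyph_px / 2.0
    step_deg = math.degrees(min_pixel_diff / r)
    return int((2 * max_deg) // step_deg) + 1


def transformation_space(glyph_px=20, s_min=0.5, s_max=3.0, max_rot_deg=30.0,
                         anisotropic=True):
    """Number of sufficiently different (scale_x, scale_y, angle) combinations.
    With anisotropic=False the x and y scales are tied, as in the author's case."""
    sx = distinguishable_scales(glyph_px, s_min, s_max)
    sy = sx if anisotropic else 1
    rot = distinguishable_rotations(glyph_px, max_rot_deg)
    return sx * sy * rot


def brute_force_seconds(n_transforms, n_glyphs, image_px, glyph_px,
                        ops_per_sec=1e9):
    """Worst-case time to try every (transform, glyph) template at every image
    position, charging one operation per compared pixel."""
    per_template = image_px * glyph_px * glyph_px
    return n_transforms * n_glyphs * per_template / ops_per_sec


def search_bits(n_transforms):
    """Entropy the distortion adds to the search, in bits: log2 of the space."""
    return math.log2(n_transforms)


def coarse_to_fine_estimate(image_w=100, image_h=30, glyph_px=20, n_glyphs=10):
    """Compare a full-resolution exhaustive search with the half-resolution
    first pass suggested in the thread. Halving the image halves the glyph
    size, quarters the per-template work and roughly halves the number of
    distinguishable values of each parameter."""
    full = transformation_space(glyph_px)
    full_s = brute_force_seconds(full, n_glyphs, image_w * image_h, glyph_px)
    half = transformation_space(glyph_px // 2)
    half_s = brute_force_seconds(half, n_glyphs,
                                 (image_w // 2) * (image_h // 2), glyph_px // 2)
    return {"full_transforms": full, "full_seconds": full_s,
            "half_transforms": half, "half_seconds": half_s}


if __name__ == "__main__":
    est = coarse_to_fine_estimate()
    print(f"full-res: {est['full_transforms']} transforms "
          f"({search_bits(est['full_transforms']):.1f} bits), "
          f"{est['full_seconds']:.0f} s exhaustive")
    print(f"half-res first pass: {est['half_transforms']} transforms, "
          f"{est['half_seconds']:.1f} s")
```

The number a CAPTCHA designer should look at is the bit count: with these assumptions the full anisotropic space is about 28 thousand transforms, under 15 bits of extra search, and the half-resolution pass prunes it for a few seconds of work. Geometric distortion parameters alone therefore add very little to the cost of template matching, which is the message's point; the defensive lever is elsewhere (rate limiting, lockout policy, or distortions that break the template model rather than merely enlarge its parameter space).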

