IACR News item: 10 December 2012
Abishek Kumarasubramanian, Rafail Ostrovsky, Omkant Pandey, Akshay Wadia
ePrint ReportA formal framework,
modelling \\captcha puzzles (as hard AI problems), was introduced by
Ahn, Blum, Hopper, and Langford (\\cite{AhnBHL03}, Eurocrypt 2003). Despite their
attractive features and wide adoption in practice, the use of \\captcha puzzles
for general cryptographic applications has been limited.
In this work, we explore various ways to formally model \\captcha puzzles and their human component
and
explore new applications for \\captcha. We show that by defining \\captcha with
additional (strong but realistic) properties,
it is possible to broaden \\captcha applicability, including using it to learning a machine\'s
``secret internal state.\'\'
To facilitate this, we introduce
the notion of an human-extractable \\captcha, which we believe may be of independent interest.
We show that this type of \\captcha yields a \\emph{constant round} protocol for \\emph{fully}
concurrent non-malleable zero-knowledge. To enable this we also define and
construct a \\captcha -based commitment scheme which admits ``straight line\'\' extraction.
We also explore
\\captcha definitions in the setting of Universal Composability (UC). We show that there are two (incomparable) ways to
model \\captcha within the UC framework that lead to different results.
In particular, we show that in the so called
\\emph{indirect access model}, for every polynomial time functionality $\\calf$
there exists a protocol that UC-realizes $\\calf$ using human-extractable \\captcha, while for the so-called
\\emph{direct access model}, UC is impossible, even with the help of human-extractable \\captcha.
The security of our constructions using human-extractable \\captcha
is proven against the (standard) class of
all polynomial time adversaries. In contrast, most previous works guarantee
security only against a very limited class of adversaries, called the
\\emph{conservative} adversaries.
Additional news items may be found on the IACR news page.