Logo PTI Logo FedCSIS

Communication Papers of the 18th Conference on Computer Science and Intelligence Systems

Annals of Computer Science and Information Systems, Volume 37

Proof-of-Work CAPTCHA with password cracking functionality

,

DOI: http://dx.doi.org/10.15439/2023F5820

Citation: Communication Papers of the 18th Conference on Computer Science and Intelligence Systems, M. Ganzha, L. Maciaszek, M. Paprzycki, D. Ślęzak (eds). ACSIS, Vol. 37, pages 6164 ()

Full text

Abstract. This document proposes an alternative CAPTCHA system that implements a proof-of-work mechanism to protect resources (usually web services) from being accessed by automatic entities called bots. Normally, CAPTCHA forces the user to do some work in order to prove that he is not a machine. The proposed system utilizes a novel alternative to Proof-of-Work algorithm that utilizes user's computing power to crack password hashes.

References

  1. Netacea, “Businesses lose up to $250m every year to unwanted bot attacks,” https://netacea.com/blog/businesses-lose-up-to-250m-every-year-bots/, [Accessed 13-March-2023].
  2. Wappalyzer, “reCAPTCHA market share compared to an alternative hCAPTCHA,” https://www.wappalyzer.com/compare/recaptcha-vs-hcaptcha/, [Accessed 13-March-2023].
  3. Fastcompany, “Google’s new recaptcha has a dark side,” https://www.fastcompany.com/90369697/googles-new-recaptcha-has-a-dark-side, [Accessed 13-March-2023].
  4. Wikipedia, “CAPTCHA — Wikipedia, the free encyclopedia,” https://en.wikipedia.org/wiki/CAPTCHA, 2023, [Accessed 04-February-2023].
  5. I. Akrout, A. Feriani, and M. Akrout, “Hacking google recaptcha v3 using reinforcement learning,” 2019. http://dx.doi.org/10.48550/ARXIV.1903.01003. [Online]. Available: https://arxiv.org/abs/1903.01003
  6. 2Captcha, “a captcha solving solution,” https://2captcha.com/, [Accessed 13-March-2023].
  7. A. Back, “Hashcash – a denial of service counter-measure,” 2002, [Accessed 06-February-2023]. [Online]. Available: http://www.hashcash.org/papers/hashcash.pdf
  8. S. Nakamoto, “Bitcoin: A peer–to–peer electronic cash system,” 2008, [Accessed 02-May-2023]. [Online]. Available: https://bitcoin.org/bitcoin.pdf
  9. Interpol, “Cryptojacking,” https://www.interpol.int/en/Crimes/Cybercrime/Cryptojacking, [Accessed 02-March-2023].
  10. Cloudflare, “Turnstile,” https://developers.cloudflare.com/turnstile/, 2023, [Accessed 25-February-2023].