WebApp Sec mailing list archives
RE: Account Lockouts
From: Alexander Klimov <alserkli () inbox ru>
Date: Fri, 10 Dec 2004 14:44:14 +0200 (IST)
On Thu, 9 Dec 2004, David Robert wrote:
> I find this very surprising. Maybe I don't understand CAPTCHAs or image processing technology well enough. [...] 3) map out the parameter space so that humans have an easy time and OCR programs don't. This would be a bit of work but I expect the parameter space to be contiguous. I'm not sure this would be possible otherwise. 4) Now you have a very large set of transformations that can be randomly generated - just generate random numbers within the parameter space you have defined.
Let's drop in some numbers: you can do more than 1e9 operations per second, the whole image is 290x80 (on yahoo) or less (AFAIR after two years, it was something like 100x30 in my case), that is 2.3e4 pixels, there are less than 100 characters (10 digits in my case), and each glyph can be up to 50x50 large (20x20 in my case).

Now let's count the number of transformations. Suppose you have only one contiguous (continuous?) coefficient -- scale. How many *sufficiently different* values can it assume? Note that if the template and the image use scales which are different but the results differ by less than a single pixel, you will have a very good response, and so such a difference of parameters is not to be called *sufficient*. So, we can guess that there are ~50 different scales.

Suppose that the x and y scales are different; are there now 50x50 states in the space of parameters? Probably not, since a 50x5 glyph is unreadable (BTW: I must admit that out of 5 reloads of the yahoo picture I can guess only 3 -- ok, this is probably not that bad since on average I would be able to login after 2 attempts :-).

Let's also add rotations: the angle also has not so many possibilities. Probably also some twirl effect (rotate sides more than center). Although in my case there was only a single scale and rotation, we can see that even in a more general case the number of transformations is not as large as it seems at first.

There are also a lot of possibilities for speed-up: if the picture is 290x80 you could probably get the match even if you reduce it twice (note that this not only reduces a single match time 4-fold, but also reduces approximately twice the possibilities for each of the above parameters), or start with an even coarser resolution and prune most of the possibilities before going to the next resolution level.

--
Regards,
ASK
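The argument above is a back-of-the-envelope estimate of how many *sufficiently different* transformations a CAPTCHA generator really produces, and hence how much work an exhaustive template match would cost. The following is an added example (not part of the mailing-list post) that turns that estimate into a small calculator a defender can use to judge whether a proposed distortion scheme has a large enough effective parameter space. It takes the post's numbers (a 100x30 image, 10 digits, 20x20 glyphs, 1e9 operations per second) and makes two assumptions of its own: two parameter values are "sufficiently different" only when they move glyph pixels by at least one pixel, and the scale range (0.5 to 1.5) and rotation range (plus or minus 30 degrees) are constructed for illustration. It also shows the coarse-to-fine effect the post mentions: halving the resolution cuts both the per-match cost and the number of distinguishable parameter values.

```python
import math

# Assumed thresholds (not from the post): two parameter values are counted as
# distinct only if they displace some glyph pixel by at least ONE_PIXEL.
ONE_PIXEL = 1.0


def distinct_scales(glyph_px: int, s_min: float, s_max: float) -> int:
    """Number of scale factors in [s_min, s_max] whose rendered glyph size
    differs by at least one pixel (integer sizes from ceil(lo) to floor(hi))."""
    lo = math.ceil(glyph_px * s_min)
    hi = math.floor(glyph_px * s_max)
    return max(hi - lo + 1, 0)


def distinct_rotations(glyph_px: int, max_deg: float) -> int:
    """Number of angles in [-max_deg, +max_deg] whose outer glyph pixels move by
    at least one pixel: arc length r * d_theta >= ONE_PIXEL with r = half glyph."""
    r = glyph_px / 2.0
    step_rad = ONE_PIXEL / r
    total_rad = math.radians(2.0 * max_deg)
    return int(total_rad / step_rad) + 1


def template_count(n_chars: int, glyph_px: int,
                   s_min: float, s_max: float, max_deg: float) -> int:
    """Distinct (character, scale, rotation) templates a matcher must try."""
    return (n_chars
            * distinct_scales(glyph_px, s_min, s_max)
            * distinct_rotations(glyph_px, max_deg))


def brute_force_ops(img_w: int, img_h: int, n_chars: int, glyph_px: int,
                    s_min: float, s_max: float, max_deg: float) -> int:
    """Operations for an exhaustive match: every template at every position,
    costing one operation per template pixel (unscaled glyph area, for a
    simple lower-bound style estimate)."""
    positions = img_w * img_h
    return template_count(n_chars, glyph_px, s_min, s_max, max_deg) \
        * positions * glyph_px * glyph_px


def seconds_at(ops: int, ops_per_second: float = 1e9) -> float:
    """Wall-clock time for `ops` operations at the post's assumed 1e9 ops/s."""
    return ops / ops_per_second


def coarse_to_fine_speedup(img_w: int, img_h: int, n_chars: int, glyph_px: int,
                           s_min: float, s_max: float, max_deg: float,
                           factor: int = 2) -> float:
    """Ratio of full-resolution cost to cost after shrinking the image and
    glyph by `factor`; shows the 4x per-match gain plus fewer distinct
    parameter values that the post describes."""
    full = brute_force_ops(img_w, img_h, n_chars, glyph_px, s_min, s_max, max_deg)
    small = brute_force_ops(img_w // factor, img_h // factor, n_chars,
                            glyph_px // factor, s_min, s_max, max_deg)
    return full / small


if __name__ == "__main__":
    # Post's numbers: 100x30 image, 10 digits, 20x20 glyphs; ranges are assumed.
    args = (100, 30, 10, 20, 0.5, 1.5, 30.0)
    ops = brute_force_ops(*args)
    print(f"templates: {template_count(*args[2:])}")
    print(f"ops: {ops:.3e}, seconds at 1e9 ops/s: {seconds_at(ops):.2f}")
    print(f"speed-up from halving resolution: {coarse_to_fine_speedup(*args):.0f}x")
```

With these inputs the matcher has to try about 2,300 templates, which is roughly 2.8e9 operations, or a few seconds per image at 1e9 operations per second; halving the resolution first brings that down by more than 50x. The point for a CAPTCHA designer is that the raw number of random parameter values does not matter; only the values that produce visibly different glyphs count, and a scheme whose effective space is a few thousand templates is cheap to search exhaustively.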
Current thread:
- RE: Account Lockouts, (continued)
- RE: Account Lockouts Dean Saxe (Dec 03)
- RE: Account Lockouts Skander Ben Mansour (Dec 06)
- RE: Account Lockouts Matt Fisher (Dec 03)
- Re: Account Lockouts Haroon Meer (Dec 03)
- RE: Account Lockouts Stephen de Vries (Dec 03)
- Re: Account Lockouts Jason Coombs (Dec 03)
- Re: Account Lockouts Mark Burnett (Dec 03)
- Re: Account Lockouts Michael Silk (Dec 06)
- Re: Account Lockouts Alexander Klimov (Dec 08)
- RE: Account Lockouts Cunningham, Andy (Dec 08)
- RE: Account Lockouts Alexander Klimov (Dec 14)
- Re: Account Lockouts Valdis . Kletnieks (Dec 14)
- RE: Account Lockouts Dean Saxe (Dec 03)