Hello, Are You Human?
Abstract
In this paper, we propose the concept of a humanizer and explore its
applications in network security and E-commerce. A humanizer is a
novel authentication scheme that asks the question "are you human?"
(instead of "who are you?"), and upon the correct answer to this
question, can prove a principal to be a human being instead of a
computer program. We demonstrate that the humanizer helps solve
problems in network security and E-commerce that existing security
measures can not address properly. A key component of this "are you
human?" authentication process is a new type of trapdoor one-way hash
function, called Turing-resistant hashing. It transforms a character
string (the preimage) into a graphical form (the image) in such a way
that a human being won't have any problem recovering the preimage
through the trapdoor of human pattern recognition skills, while a
computer program, essentially a Turing machine, will not be able to
decode it or make a correct guess of the preimage with non-negligible
probability. Based on this hash function, we design a stateless
generic humanizer that can be parameterized for use in various
real-world applications.