| dc.contributor.advisor | Ran Canetti and Ronald L. Rivest. | en_US |
| dc.contributor.author | Daher, Waseem S. (Waseem Sebastian) | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2009-06-25T20:36:16Z | |
| dc.date.available | 2009-06-25T20:36:16Z | |
| dc.date.copyright | 2008 | en_US |
| dc.date.issued | 2008 | en_US |
| dc.identifier.uri | http://hdl.handle.net/1721.1/45628 | |
| dc.description | Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008. | en_US |
| dc.description | This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. | en_US |
| dc.description | Includes bibliographical references (p. 51-53). | en_US |
| dc.description.abstract | A puzzle only solvable by humans, or POSH, is a prompt or question with three important properties: it can be generated by a computer, it can be answered consistently by a human, and a human answer cannot be efficiently predicted by a computer. In fact, a POSH does not necessarily have to be verifiable by a computer at all. One application of POSHes is a scheme proposed by Canetti et al. that limits on-line dictionary attacks against password-protected local storage, without the use of any secure hardware or secret storage. We explore the area of POSHes, implement several candidate POSHes and have users solve them, to evaluate their effectiveness. Given these data, we then implement the above scheme as an extension to the Mozilla Firefox web browser, where it is used to protect user certificates and saved passwords. In the course of doing so, we also define certain aspects of the threat model for our implementation (and the scheme) more precisely. | en_US |
| dc.description.statementofresponsibility | by Waseem S. Daher. | en_US |
| dc.format.extent | 53 p. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | M.I.T. theses are protected by
copyright. They may be viewed from this source for any purpose, but
reproduction or distribution in any format is prohibited without written
permission. See provided URL for inquiries about permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | POSH : a generalized CAPTCHA with security applications | en_US |
| dc.title.alternative | Generalized CAPTCHA with security applications | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | M.Eng. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.identifier.oclc | 341591243 | en_US |
