Chaining CAPTCHAs for fun and profit?

A CAPTCHA is a type of challenge-response test used in computing to determine whether a user is human. Yahoo! is having major difficulties with its CAPTCHAs. Russian hackers are able to pass their Turing tests with 35% accuracy. Some human beings say that their accuracy is 80% on these same tests.

This accuracy is not an historical breakthrough since academics got almost perfect scores on earlier Yahoo! CAPTCHAs. Nevertheless, 35% appears to be good enough to make the CAPTCHA nearly useless.

I have a neat way to decrease the accuracy for the robots while maintaining the human accuracy — at the cost of more work for the human being. Basically, you “chain” the CAPTCHAs by asking the human being to get at least k good answers out of N queries.

Say you have an p=80% probability of entering the right answer as a human being. What is the probability that you will get at least 3 out of 4 right? My answer is F(p) = 4 p3(1-p)+p4. That is, the human being still has an 80% probability of passing the test, while the robot chances went from 35% down to 13%.

I have been unable to find any reference to CAPTCHA chaining. The closest reference I found is this paper:

Ran Canetti, Shai Halevi, Michael Steiner, Hardness Amplification of Weakly Verifiable Puzzles, Lecture Notes in Computer Science, 2005.

If anyone knows how to spin this into an interesting research paper, please get in touch.

I predict that telling human beings apart from evil machines is going to become an emerging and very important research area. The war against artificial intelligences has already started. No. I am not kidding: evil people are building networks of evil software as we speak.

Published by

Daniel Lemire

A computer science professor at the University of Quebec (TELUQ).

3 thoughts on “Chaining CAPTCHAs for fun and profit?”

  1. Why do you think that the human error will be the same for the 4 CAPTCHAs? Maybe humans gets tired after filling the first one and then their performance drops.

    Also: why do you think the number of people who take the time to fill one CAPTCHA will be equal to the number of people willing to fill 4? I have a strong suspicion it would drop.

Leave a Reply

Your email address will not be published.

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    Markdown is turned off in code blocks:
     [This is not a link](

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see

You may subscribe to this blog by email.