Abstract

Visual CAPCTCHAs, like gimpy images, are commonly used to screen human users from automated computer scripts. We propose using them for direct, visual authentication of digital documents. The basic assumption is that if it is hard or impossible for the computer to recognize a document, then it cannot manipulate it. If such a document is still recognizable by a human, he or she can be confident that it is authentic, or at least that no automated process has manipulated it. Such authentication is highly desirable in the context of digital signatures, which, due to the computational complexity, have to be produced by a computer. It can be a specialized, trusted cryptographic computer, e.g. a smartcard, but the path to it is generally not secure. Visual CAPTCHAs can be used for securing the path without the need for additional hardware