CHORUS Lab

Carleton's Human Oriented Research in Usable Security Lab

 

Gerardo Reynaga

Photo of Gerardo Reynaga in the CHORUS lab

About

I completed a PhD in computer science in August 2015. I was co-supervised by Dr. Sonia Chiasson and Dr. Paul van Oorschot.

Research Interests

My interests are in Human-Computer Interaction and Security and in particular, Usable Security. Although most of my current work involves CAPTCHAS and smartphones I am also interested on heuristic evaluation, privacy issues, perception, server admin tools (security aspects).

Thesis Abstract

Completely Automated Public Turing tests to tell Computers and Humans Apart (captcha) are challenge-response tests used on the web to distinguish human users from automated bots. Mobile devices such as smartphones and tablets have become a primary means of accessing online resources for many users, however most existing captchas do not properly fit mobile devices and may lead users to abandon tasks.

Captchas have become sufficiently hard for users to solve that some web sites refrain from deploying them and others are actively looking at alternatives. For users of smartphones, the reduced screen size can lead to typing mistakes and loss of position. In addition, environmental context and device orientation also have an impact on the user experience.

In this thesis, our research revolves around three primary, inter-related questions: How can we effectively assess usability issues of captchas accessed on smartphones? What are the most prevalent usability issues of captchas accessed on smartphones? How can we improve captchas for smartphone usage? We conducted lab and heuristic evaluations on existing and prototype captcha schemes, and identified areas for improvement. We developed, refined and tested a set of domain specific heuristics to evaluate captcha schemes on smartphones. We designed and tested four captcha prototypes to assess the viability of different input methods. From the empirical work, we identified design strategies for the development of new captcha schemes for smartphones.

Publications

Articles
  • [DOI] Yi Xu, Gerardo Reynaga, Sonia Chiasson, J. -M. Frahm, Fabian Monrose, and P. C. van Oorschot. [Journal Article] Security Analysis and Related Usability of Motion-based CAPTCHAs: Decoding Codewords in Motion. Transactions on Dependable and Secure Computing (TDSC), 11:480 – 493, 2013.
    [PDF] [Bibtex] 
    @ARTICLE{xu2013captcha-tdsc,
author = {Xu, Yi and Reynaga, Gerardo and Chiasson, Sonia and Frahm, J.-M.
and Monrose, Fabian and van Oorschot, P. C.},
title = {[Journal Article] Security Analysis and Related Usability of Motion-based
CAPTCHAs: Decoding Codewords in Motion},
journal = {Transactions on Dependable and Secure Computing (TDSC)},
year = {2013},
volume = {11},
pages = {480 -- 493},
issue = {5},
doi = {10.1109/TDSC.2013.52},
note = {Articles},
publisher = {IEEE}
}

Conference Papers
  • Gerardo Reynaga, Sonia Chiasson, and Paul C. van Oorschot. [Paper] Heuristics for the Evaluation of Captchas on Smartphones. In British HCI Conference. ACM, 2015.
    [PDF] [Bibtex] 
    @INPROCEEDINGS{reynaga2015heuristics-bhci,
author = {Reynaga, Gerardo and Chiasson, Sonia and van Oorschot, Paul C},
title = {[Paper] Heuristics for the Evaluation of Captchas on Smartphones},
booktitle = {British HCI Conference},
year = {2015},
organization = {ACM},
note = {Conference Papers}
}

  • Gerardo Reynaga, Sonia Chiasson, and Paul C. van Oorschot. [Paper] Exploring the Usability of CAPTCHAS on Smartphones: Comparisons and Recommendations. In NDSS Workshop on Usable Security (USEC). Internet Society, 2015.
    [PDF] [Bibtex] 
    @INPROCEEDINGS{reynaga2015captcha-usec,
author = {Reynaga, Gerardo and Chiasson, Sonia and van
Oorschot, Paul C},
title = {[Paper] Exploring the Usability of CAPTCHAS on Smartphones: Comparisons and Recommendations},
booktitle = {NDSS Workshop on Usable Security (USEC)},
year = {2015},
organization = {Internet Society},
note = {Conference Papers}
}

  • Gerardo Reynaga and Sonia Chiasson. [Paper] The Usability of CAPTCHAs on Smartphones. In International Conference on Security and Cryptography (SECRYPT), page 427–434. SCITEPRESS, 2013.
    [PDF] [Bibtex] 
    @INPROCEEDINGS{reynaga2013captcha-secrypt,
author = {Reynaga, Gerardo and Chiasson, Sonia},
title = {[Paper] The Usability of CAPTCHAs on Smartphones},
booktitle = {International Conference on Security and Cryptography (SECRYPT)},
year = {2013},
pages = {427--434},
organization = {SCITEPRESS},
note = {Conference Papers}
}

  • Yi Xu, Gerardo Reynaga, Sonia Chiasson, J. -M. Frahm, Fabian Monrose, and P. C. van Oorschot. [Paper] Security and usability challenges of moving-object CAPTCHAs: Decoding codewords in motion. In USENIX Security Symposium 2012.
    [PDF] [Bibtex] 
    @INPROCEEDINGS{xu2012captchas-usenix,
author = {Yi Xu AND Gerardo Reynaga AND Sonia Chiasson AND J.-M. Frahm AND
Fabian Monrose AND P. C. van Oorschot},
title = {[Paper] Security and usability challenges of moving-object CAPTCHAs:
Decoding codewords in motion},
booktitle = {USENIX Security Symposium},
year = {2012},
note = {Conference Papers}
}

Posters and Others
  • Gerardo Reynaga and Sonia Chiasson. [Newsletter] Adapting CAPTCHAs for Smartphone Usage. NSERC Surfnet Newsletter, v5(1) 2014.
    [Bibtex] 
    @MISC{reynaga2014captchas-surfnet,
author = {Gerardo Reynaga AND Sonia Chiasson},
title = {[Newsletter] Adapting CAPTCHAs for Smartphone Usage},
howpublished = {NSERC Surfnet Newsletter},
month = {v5(1)},
year = {2014},
note = {Posters and Others}
}

  • Yi Xu, Gerardo Reynaga, Sonia Chiasson, J. -M. Frahm, Fabian Monrose, and P. C. van Oorschot. [Poster] Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion. Symposium on Usable Privacy and Security (SOUPS), 2012.
    [Bibtex] 
    @MISC{xu2012captcha-soups,
author = {Yi Xu AND Gerardo Reynaga AND Sonia Chiasson AND J.-M. Frahm AND
Fabian Monrose AND P. C. van Oorschot},
title = {[Poster] Security and Usability Challenges of Moving-Object CAPTCHAs:
Decoding Codewords in Motion},
howpublished = {Symposium on Usable Privacy and Security (SOUPS)},
year = {2012},
note = {Posters and Others}
}

Theses
  • Gerardo Reynaga. [Thesis] The usability of captchas on mobile devices. PhD thesis, School of Computer Science, Carleton University, 2015.
    [PDF] [Bibtex] 
    @PHDTHESIS{reynaga2015thesis-carleton,
author = {Gerardo Reynaga},
title = {[Thesis] The usability of captchas on mobile devices },
school = {School of Computer Science, Carleton University},
year = {2015},
note = {Theses}
}