
Is it safe to validate a captcha on the client side with its hash key?

I quite often use captcha codes to secure forms. Until now I check the user-entered captcha solution only on the server side for obvious reasons.

For all other form fields I do a JavaScript validation on the client since this is faster and more user-friendly (of course I do a second check on the server side), but for the captcha field I just check if it's filled out.

My question: would it be safe to do a client-side JavaScript validation by using the hash key (e.g. MD5) of the captcha code? Doing it with the hash key wouldn't reveal the captcha code itself to bots and should be quite safe, right?

But maybe I am completely wrong with this idea... Thank you for your insights!

Safe enough I'd say, but that may help OCR bots check whether they got it right without trying their luck on the server and risking losing the current captcha (as the server would invalidate the code if an incorrect answer was supplied and won't give you a second chance to try again using the same captcha).

Let's say an OCR bot has trouble telling whether the last letter of your captcha is a lowercase L or the digit 1. In a conventional captcha without client-side validation, the bot just tries its luck; if it guesses wrong, the server logs the failure and sends it a totally different captcha, so the OCR has to start all over again.

Now imagine the above scenario but with client-side validation. Here the bot has a way to verify whether it has the right answer without notifying the server about it, so if the bot is unsure, it tries all of the possibilities against the hash and only submits the right answer. Basically, this gives the bot the ability to make mistakes without telling the server about it and without having to start all over again.

Finally, I don't have precise numbers in mind, but even with a different salt each time, depending on the number of possibilities (e.g. 4 alphanumeric characters, case-insensitive) it may be possible to brute-force every single possibility in a reasonable amount of time without even running an OCR. To mitigate this you should use many iterations of the hash so that it becomes computationally expensive to try all possible answers.

Sounds doable; however, you should definitely consider a long, random salt to prevent a simple attack based on precalculations.

More formally, you'd have to send the image, a long random salt and the hash value. Then, client side, you would calculate the hash of the input text concatenated with the salt and compare the result to the hash.

Because of the long random salt, the attacker's precalculated set would have to be enormously large to reflect all possible salt values.

Also, forget about MD5 as it is considered unsafe. Use a stronger hash function.

Also note that this could only be something that enhances the user experience (no need to POST the page in case of a mistyped captcha), but you definitely can't do it only client-side. The actual verification must be done at the server.

