Which of the following holds that city governments can do an…

Questions

Which оf the fоllоwing holds thаt city governments cаn do аnything to serve the needs of their residents that is not specifically prohibited by state law?

A certаin system uses twо-fаctоr аuthenticatiоn. Let the first method be A1 and the second one  A2. Also, assume that the guessing entropy for A1 is e1 bits and the guessing entropy for A2 is e2 bits.  A1 and A2 are defined to be independent if e1 and e2 do not depend on each other. Consider the password-hardening paper discussed in class. The use of a password is method A1 which has entropy e1. A2 is defined by the keystroke timing-derived hardening features and it provides entropy e2.  Can A1 and A2 be considered independent? Provide a brief explanation of your answer. (2+4 pts.)If a two-factor authentication method uses A1 (password) and A2 (keystroke timing), what is the maximum possible entropy that can be provided by this method? Provide your answer as a function of e1 and e2. Explain your answer.  (2+3 pts.) Sensors these days can also measure the pressure with which a key is pressed. If we add such sensors to keyboards and the password hardening system, we can also define an additional feature based on the pressure measured when each key is pressed. If the password is n characters long, what will be the size of the instruction table in this system? Also, what would be the best case hardening entropy (entropy only due to the keystroke timing and pressure-derived features), and under what conditions will it be achieved?  (2+2+4 pts.) As users gain more experience typing the same password, they tend to type it faster. Assume users are slow when a new password is chosen, but the password typing pattern changes and they become fast soon after a new password is chosen. Also, passwords are not changed frequently.Assume an attacker has knowledge of such typing behavior of users. The attacker gains access to Bob's instruction table and history files but does not know when Bob's current password was first used.  Explain the strategy that should be used by the attacker to choose shares in the instruction table to minimize the computational effort required for reconstructing the hardened password to gain access to Bob's account.  (4 pts.)