Why make it difficult to disable MFA tokens?

Some websites make it easy to enrol multiple TOTP apps at the same time but make it difficult to disable these apps. For instance, the user would have to completely reset the MFA settings instead of just disabling one TOTP app, or the user would have to provide a state-issued ID to have this done by user support.

What type of threat scenario does this address? After all, an attacker who would be able to authenticate as a legitimate user would then be able to change the password and lock the legitimate user out, so what is the difference?

Can spellcasters try to make it difficult to identify what spell they’re casting?

How to identify a spell being cast? discusses how to identify a spell.

This question seeks to discover whether there are steps a spellcaster could take during casting to make this identification more difficult. The question is not about hiding the casting (such as casting the spell round a corner, then releasing it with a reaction) – the person trying to identify the spell has full view of the spellcaster casting it.

Such steps might include:

  • Putting some irrelevant words around the actual mystic words of the verbal component
  • Waving your hands as if performing a somatic component, despite the spell not having one

Is this sort of thing possible while casting a spell (to be clear, without any special capability such as the Sorcerer’s Subtle Spell), and if so what effects does doing so have on spell identification?

Set which is easy to sample, but difficult to sample from its complement

Given a set $ S \subseteq \{0,1\}^*$ , the algorithm $ A$ is a generator for $ S$ if given $ n$ random bits $ x \in \{0,1\}^n$ , $ A$ generates an element of $ S$ of size $ n$ , and $ A$ can generate at least $ \frac{2}{3}$ members of $ S$ of size $ n$ (for all $ n$ ). $ A$ does not have to be uniform.

Is there a set $ S$ such that there exists an efficient algorithm $ A$ such that for all $ n$ , $ A$ generates at least $ \frac{2}{3}$ members of $ S$ (of size $ n$ ), but any efficient algorithm for $ S^C$ can only generate at most $ \frac{1}{3}$ elements from $ S^C$ of size $ n$ (under complexity asuumptions)?

Would a difficult to access “Key” be an option to securely solve the Apple vs. FBI problem?

In recent times, there has been an escalating demand by legislators in the US and the world around to be able to decrypt phones that come pre-configured with strong encryption. Key escrow is commonly suggested as a solution, with the risk seeming to arise out of the escrow agent misusing or not appropriately securing the keys — allowing for remote, illegal, or surreptitious access to the secured data.

Could a system secure from remote attack be devised by adding an offline tamper-evident key to the device? This could be an unconnected WLCSP flash chip or a barcode within the device with the plaintext of a decryption key.

I recognize the evil maid attack, but presume a tamper seal could be made sufficiently challenging to thwart all but the most motivated attackers from surreptitious access to the data.

What would be lost in this scheme relative to the current security afforded by a consumer-grade pre-encrypted device (cf. iPhone)? Bitcoin, Subpoena efficacy, and other scenarios that seem fine with “smash and grab” tactics come to mind.

Does NP $\cap$ coNP less difficult than NP-complete?

I am taking a complexity class now, and I struggle to understand the concept of “hardness”:
Assume that $ L \in \textit{NP } \cap \textit{ coNP}$ . In means that under the assumption $ NP \neq coNP$ , $ L$ cannot be NP-complete. The formal meaning is that not all languages in NP can be reduced to $ L$ , but does it mean that $ L$ is easier to solve than NP-complete language (in the sense that it is more likely to have non-exponential algorithm which decides it)?
Does is plausible that the optimal algorithm for $ L$ is exponential? (For 3-SAT there is a known assumption, ETH, which as far as I understand states that the optimal algorithm for it has to be exponential).

Is jumping farther than STR feet possible, how difficult is it, and does it take an Action when performed in combat?

I am slightly confused about how far a PC can jump in combat. On page 182, the PHB defines the mechanics of the long jump:

When you make a long jump, you cover a number of feet up to your Strength score if you move at least 10 feet on foot immedialely before the jump. When you make a standing long jump, you can leap only half that distance. Either way, each foot you clear on the jump costs a foot of movement.

The subsequent description of the high jump is essentially analoguous with the Strength score replaced with the Strength modifier. However, it also features the following addition:

In some circumstances, your DM might allow you to make a Strength (Athletics) check to jump higher than you normally can.

Since this is explictly spelled out for the high jump and no similar mechanic is mentioned in the context of the long jump, I’d be inclined to infer that being able to jump farther by making a successful Strength check is not intended by the game designers. However, on page 175, the PHB explictily lists the following as an example of an Athletics check:

You try to jump an unusually long distance

Questions:

  1. Is it possible to exceed your normal maximum jump length by passing a Strength (Athletics) check?
  2. If so, is there a guideline for the DC of jumping a given number of feet farther than one’s Strength score?
  3. Would such an unusually long jump still be simply a part of one’s Movement, or would it consume an Action? Would it maybe cost extra feet of Movement?

Context:

When playing on a grid, the relevant jump lengths are usually multiples of 5 feet. If for example a PC has a Strength score of 8, that effectively means they can jump only 5 feet. In my opinion, letting them jump 10 feet instead should obviously not come for free, but it also shouldn’t be too big a deal. If someone could refer me to an official source that offers clarification on that matter, I’d be very happy.

How to find a context-free grammar from a difficult language?

Some Languages are trivial to find their respective context-free grammar. Like for example $ L= \{a^nb^n: n \geqslant 0\}$ . However some are really difficult to solve. I would like to have some advice on how I can tackle them.

For example I have the following language that I have been trying to solve for a while :enter image description here

I tried to divide the problem into three cases as follow:

case i: na $ \le$ nb

case ii: nb $ \le$ na $ <$ 2nb

case iii: na $ \ge$ 2nb

The first case was easy to solve however I am stuck in case ii. At this point I don’t even know if the procedure that I chose is the correct one.

Is the illusion created by Invoke Duplicity affected by difficult terrain?

Is the illusion created by the Trickery Domain Cleric affected by difficult terrain when moving?

As a DM, I’m assuming that it is not affected by difficult terrain. Is that correct?

I assume if a player does move the illusion at normal pace on difficult terrain you would give the NPC / monster some form of saving throw to realise it’s an illusion.