Security evaluation

Recall that in both the Face and Story schemes, images are grouped into non-overlapping categories. In our derivations below, we make the simplifying assumption that images in a category are equivalent, that is, the specific images in a category that are available do not significantly influence a user's choice in picking a specific category.

First we introduce some notation. An $\ell$-element tuple $x$ is denoted ${x}^{(\ell)}$. If ${\cal S}$ is either the Face or Story scheme, then the expression ${x}^{(\ell)} \leftarrow {\cal S}$ denotes the selection of an $\ell$-tuple ${x}^{(\ell)}$ (a password or password prefix, consisting of $\ell$ image categories) according to ${\cal S}$, involving both user choices and random algorithm choices.