1) Please summarize the Brumley paper.

2) In their attack in Section 3, the attacker can observe
the time it takes the server to decrypt some value g.  Suppose
that it was impossible for an attacker to choose these values:
assume values for g are chosen randomly (by some other source
not under the attacker's control), and the attacker can observe
the value of g and the time it takes to decrypt.  Would the
attack in Section 3 still work under these conditions?  Why
or why not?

3) Was there anything about the paper that you'd like
to discuss in class?  Or, what's the one thing you'd most
like us to discuss in class today?