[Recall to include a *short* (~1 paragraph) summary of the reading.]

1) The protocol assumes that the Crypto Service Provider and the Evaluator can only be *independently* malicious. That is, they *cannot* collude. What happens if they *do* collude?

2) Let's say there are only 10 users in the system, of which 9 are colluding with the evaluator. Describe at a high level an attack that would allow the attacker to recover information about the honest user's data.