2. (30 points) Client puzzles is one effective method that is proposed against DDoS. Specifically,after the client sends a connection request, the server will generate a fresh pair of k and ???? suchthat HMACk(????) ends with n bits of 0. Afterward, this random challenge k and the difficultyparameter n will be sent to the client. Now, the client has to provide the server with a solution ?????such that HMACk(?????) also ends in n zero bits. (Lets assume that the server and the client agree onthe hash function in HMAC. It doesnt matter whether ???? = ?????.)a) The output of HMAC is uniformly random. Given n, what is the probability that the client canfind at least one solution after trying N times? Pick a n by yourself and draw the probability-Ngraph to explain the tendency.b) How does n affect the security?c) How many HMAC calculation does the server need to do in this protocol (not including thepair generation)?d) Do you think k needs to be random for each clients request? Why?
3. (20 points) Describe how a DNS poisoning attack works and ways to mitigate it. List a case wherea DNS poisoning took place. Which network was poisoned, who were the victims, and how didhackers exploit the poisoned system? Could this exploit have been stopped? How? Whoseresponsibility is it to stop these kinds of attacks? (You may refer online sources but theinformation should be in your words)