1) What is the worst that could happen if the private key of a user is stolen (i.e., becomes known to an adversary)? 2) What is the worst that could happen if the private key of a service is stolen? 3) How should the compromised user or service recover? Think about possible vulnerabilities in the recovery process if the user or service key is known to an adversary.