- (Difficult) The Meet-in-the-Middle Attacks section was somewhat difficult to understand. I'm not entirely sure how the attack works, although I get the idea that the effort required is only about doubled, instead of squared.
- (Reflective) One thing I was curious about that the authors didn't mention in the password cracking discussion is that attackers can just look for the salts that exist in the actual password file you are looking at, rather than trying all 4096. They did mention this possibility for trying to attack one specific password, but I don't recall the idea being extended to an entire password file. We discussed this in CS 465.
I wonder about the idea of the salt-enhanced password version of DES being more secure because DES chips can't be used to assist in the process. The text does say that a different chip would have to be designed in order to facilitate the altered DES, but I don't see why it would be all that much harder than a regular DES chip. Are DES-cracking chips common? If so, maybe there's just much more demand for the traditional version.
Also, the discussion on passwords seems to be a little outdated, in that it concludes by saying there are new schemes being studied; I think there are probably other schemes already in use (e.g., it appears the OS I am using used SHA-512).
Many of these things we discussed in CS 465, but I am appreciating this additional viewpoint.
Tuesday, September 21, 2010
4.5-4.8, due on September 22
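The "doubled instead of squared" cost of meet-in-the-middle mentioned in the first bullet, worked through as an added example that is not from the textbook or the original post. It assumes a made-up 16-bit toy cipher with 8-bit keys (not DES); all names, constants and sample values are constructed for illustration.

```python
KEY_BITS = 8                        # toy key size (assumption) so both searches finish fast
MASK = 0xFFFF                       # 16-bit block
MUL = 0x9E37                        # odd constant, therefore invertible mod 2**16
MUL_INV = pow(MUL, -1, 1 << 16)

def _rotl(x, r):
    return ((x << r) | (x >> (16 - r))) & MASK

def encrypt(key, block):
    """Toy invertible cipher (hypothetical, NOT DES): add key, multiply, rotate."""
    for rnd in range(4):
        block = _rotl(((block + key * 257 + rnd) & MASK) * MUL & MASK, 5)
    return block

def decrypt(key, block):
    for rnd in reversed(range(4)):
        block = (_rotl(block, 11) * MUL_INV - key * 257 - rnd) & MASK
    return block

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))

def brute_force(pairs):
    """Try every (k1, k2): 2**(2*KEY_BITS) key pairs, the 'squared' cost."""
    found, tried = [], 0
    for k1 in range(1 << KEY_BITS):
        for k2 in range(1 << KEY_BITS):
            tried += 1
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs):
                found.append((k1, k2))
    return found, tried

def meet_in_the_middle(pairs):
    """Tabulate E_k1(p) for all k1, then look up D_k2(c) for all k2: 2 * 2**KEY_BITS."""
    (p0, c0), ops = pairs[0], 0
    middle = {}
    for k1 in range(1 << KEY_BITS):
        middle.setdefault(encrypt(k1, p0), []).append(k1)
        ops += 1
    found = []
    for k2 in range(1 << KEY_BITS):
        ops += 1
        for k1 in middle.get(decrypt(k2, c0), []):
            # A match on one block can be a coincidence; confirm on the other pairs.
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                found.append((k1, k2))
    return found, ops

# Constructed sample data: secret keys and known plaintext/ciphertext pairs.
K1, K2 = 0x3A, 0xC5
PAIRS = [(p, double_encrypt(K1, K2, p)) for p in (0x1234, 0xBEEF, 0x0042)]

if __name__ == "__main__":
    keys, ops = meet_in_the_middle(PAIRS)
    print(f"meet-in-the-middle: {ops} cipher operations, candidates {keys}")
    keys, tried = brute_force(PAIRS)
    print(f"brute force: {tried} key pairs tried, candidates {keys}")
```

The saving in time is paid for in memory: the lookup table holds one entry per possible first key.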