$(5)$ Because of the known risks of the UND password system, the SunOS$-4\mathrm{.}0$ documentation recommends that the password file be removed and replace with a publicly readable file called $/$ete$/$public$-$key. An entry in the file for user A consists of a user's identifiser ID $A_A$ the user's public key, $PU$ a$,$ and the comesponding private key $PR$ a$.$ This private key is encrypted using DES with a key derived from the user's login password $P_a.$ When A logs in$,$ the system decrypts $E(P_a,P{R}_a)$ to obtain $P{R}_a.$

a$.$ The system then verifies that $P$ a was correctly supplied. How?

b$.$ How can an opponent attack this system?