diff --git a/exam/ex.tex b/exam/ex.tex
index f48f261..6116048 100644
--- a/exam/ex.tex
+++ b/exam/ex.tex
@@ -81,7 +81,14 @@
       $E$ is not present if the adversary is nonce-respecting. Additionally, the
       distinguisher is computationally unbounded and never repeats a query.
 
-    \item \TODO
+    \item The practical relevance is high, in my opinion. This is due to the
+      fact that the EWCDM construction is secure against nonce-misusing
+      adversaries up to the birthday bound. It has been shown that implementing
+      nonces securely is a difficult task. If a scheme is easily broken by wrong
+      handling of nonces, there is no \emph{fallback} security guarantee. The
+      EWCDM construction, however, provides such a \emph{fallback} security
+      guarantee and is of high practical relevance.
+
     \item \TODO
     \item \TODO
     \item \TODO