Score:0

MAC Security - MAC verification queries

za flag

In the applied cryptography book by Boneh and Shoup, Chapter 6 on MACs, it is stated that an adversary that is also capable of requesting the challenger for verification queries (in addition to signing queries) is not stronger than an Adversary that can only ask for signing queries. I do not understand why a verification query cannot be emulated by the signing query Adversary by generating the pair (mi, ti) for himself, and then generate a signing query for the challenger with mi, getting back ti', compare ti'==ti if comparison succeeds, adversary wins, else it fails. Why do you need additional entity (B) between the Adversary to the Challenger?

poncho avatar
my flag
It's unclear what you're asking; Boneh and Shoup state that adding a verification oracle makes the adversary no stronger; you give some reasoning why adding a verification oracle makes the adversary no stronger (BTW: your reasoning does assume that the MAC is deterministic, as well as the (mi, ti) pair being queried in your process wouldn't count as a forgery). Since you appear to be agreeing with Boneh and Shoup, what's your question?
Evgeni Vaknin avatar
za flag
I wonder why it is needed to introduce an additional entity (B) between the Adversary (A) to the challenger in order to prove that the capability of verification queries does not make the Adversary stronger
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.