Why EUF-CMA without verification oracle is not equivalent to EUF-CMA with verification oracle?

killertoge

8/18/23, 11:44 AM

In the book we have talked about sEUF-CMA-secure with verification oracle being equivalent to sEUF-CMA-secure without verification oracle. The proof idea is simple. One direction is trivial. The other direction is proofed by this idea. For every adversary on sEUF-CMA-vq with max q-Verify requests, we can just guess at which Verify request the EUF-CMA-vq adversary is succesful. So we can simulate a verificaton oracle by always answering with Verify(m,t) = 0 for every Verify request except the last j-th one, which is hopefully our valid tag. Why we cannot argue exactly the same way for EUF-CMA?

0 + 0

authentication

mac

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why EUF-CMA without verification oracle is not equivalent to EUF-CMA with verification oracle?

TH: เหตุใด EUF-CMA ที่ไม่มี oracle การตรวจสอบจึงไม่เทียบเท่ากับ EUF-CMA ที่มี oracle การตรวจสอบ

RO: De ce EUF-CMA fără oracol de verificare nu este echivalent cu EUF-CMA cu oracol de verificare?

RU: Почему EUF-CMA без проверочного оракула не эквивалентен EUF-CMA с проверочным оракулом?

VI: Tại sao EUF-CMA không có tiên tri xác minh không tương đương với EUF-CMA có tiên tri xác minh?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.