In this paper, we consider authentication codes where the adversary has access to a verification oracle. We formally study two attack games: offline attack and online attack. In an offline impersonation attack with verification query of order i, the adversary launches its attack through two stages. In the first stage — the query stage — the adversary can adaptively choose i distinct messages to query the verification oracle. The verification oracle will answer whether these queried messages are valid or invalid under the secret encoding rule agreed by the transmitter and the receiver. In the later stage — the spoofing stage — the adversary creates a fraudulent message which is different from all its queried messages and sends this message to the receiver. The adversary wins if the receiver accepts the fraudulent message as a valid message. In an online impersonation attack with verification query of order i, the adversary has i + 1 chances to query the verification oracle and wins as soon as one of the queries is a valid message. We make use of strategy trees, which allow optimal strategies in both attack games to be identified, to establish a number of relationships between the value of the two games. This allows us to formally prove a relationship between the value of the game when the adversary has i queries, and the one in which he does not have any. The relationship, though widely believed to be true, was only recently proved for computationally secure systems. Our result complements this latter work for the information theoretic setting.
Information-Theoretic Timed-Release Security: Key-Agreement, Encryption, and Authentication Codes
