I did some researches about forgery attack and chosen-message attack.
For me, forgery attacks are more focused on the verifiability whereas chosen-message attacks are similar to brute-force attacks.
I am in the right way? If not, could you help me to understant better.
Thank you,
In the forgery of a Digital signature ( or a MAC), the signature system has a flaw so that the attackers are able to create a message $m$ and a valid signature $\sigma = sign(m)$ that has never been created by the valid user ( the owner of the signature key).
The forgery is the target/aim of the attacker against a digital signature*. Like in the encryption schemes, we have game settings between the attacker and challenger.
There are various models for signature security, for details, see our canonical Q/A. What you considered is;
UF under Chosen-Message Attack (UF-CMA).
The adversary $\mathsf{A}$ is a polynomial-time probabilistic machine, $\mathcal{M}$ is the message space, $\mathsf{K} $ is the keyspace and $\lambda$ is the security parameter. The game;
Sample key $(sk,pk)\leftarrow\mathsf{K}(1^\lambda)$, run the adversary $\mathsf{A}(1^\lambda,pk)$ and initialise a set $\mathcal{M}'=\emptyset$.
If $\mathsf{A}$ queries for signature on a message $m\in\mathcal{M}$, responds with $\sigma(m)$, and add $m$ to $\mathcal{M}'$
a. Challenge $\mathsf{A}$ on an arbitrary message $m^*\not\in\mathcal{M}'$
In this attack, the adversary chooses the messages as they like so that they learn information about the signature system. Then, given the challenge message they produce a valid signature on the signature scheme.
An example attack was executed on ISO/IEC 9796–1 Signature Scheme by our moderator;
*There is also a total break in which the adversary access the signature key!
