This sentence in section 11.1 is confusing, in particular the part in bold.
The latter version bears a resemblance to a stripping attack, which parallel signatures are subject to, but is slightly different in that the cross-protocol EUF-CMA game also considers modification message definition as signed differs from the message the verifier accepts.
I don't even have a suggestion on how to fix that, so I'll leave it to the authors.
Also I suggest this text to fix the next sentence:
In contrast, stripping attacks consider removing one component signature and attempting to verify the remaining signature with the same message.