2018.02.04 02:32:52 (959962930421825536) from Daniel J. Bernstein, replying to "Paulo Barreto (@pbarreto)" (959959038346670080):
The only construction of a "Simon" oracle in this paper is a trivial encoding of the period s. For comparison, Simon's paper efficiently converts a small conventional circuit for f into a small composition of Hadamard and Toffoli gates to compute s, _without_ having s as input.
2018.02.04 02:17:24 (959959038346670080) from "Paulo Barreto (@pbarreto)":
Would you care to elaborate that claim? That sounds kind of a definition of oracle in general, not just here: an indirect access to the information. Like, "attacker can access oracle; oracle can access secret; therefore attacker can access secret." Or...?