42 research outputs found
Bounding the Impact of Unbounded Attacks in Stabilization
Self-stabilization is a versatile approach to fault-tolerance since it
permits a distributed system to recover from any transient fault that
arbitrarily corrupts the contents of all memories in the system. Byzantine
tolerance is an attractive feature of distributed systems that permits to cope
with arbitrary malicious behaviors. Combining these two properties proved
difficult: it is impossible to contain the spatial impact of Byzantine nodes in
a self-stabilizing context for global tasks such as tree orientation and tree
construction. We present and illustrate a new concept of Byzantine containment
in stabilization. Our property, called Strong Stabilization enables to contain
the impact of Byzantine nodes if they actually perform too many Byzantine
actions. We derive impossibility results for strong stabilization and present
strongly stabilizing protocols for tree orientation and tree construction that
are optimal with respect to the number of Byzantine nodes that can be tolerated
in a self-stabilizing context
Self-Stabilization, Byzantine Containment, and Maximizable Metrics: Necessary Conditions
Self-stabilization is a versatile approach to fault-tolerance since it
permits a distributed system to recover from any transient fault that
arbitrarily corrupts the contents of all memories in the system. Byzantine
tolerance is an attractive feature of distributed systems that permits to cope
with arbitrary malicious behaviors. We consider the well known problem of
constructing a maximum metric tree in this context. Combining these two
properties leads to some impossibility results. In this paper, we provide two
necessary conditions to construct maximum metric tree in presence of transients
and (permanent) Byzantine faults
On Byzantine Broadcast in Loosely Connected Networks
We consider the problem of reliably broadcasting information in a multihop
asynchronous network that is subject to Byzantine failures. Most existing
approaches give conditions for perfect reliable broadcast (all correct nodes
deliver the authentic message and nothing else), but they require a highly
connected network. An approach giving only probabilistic guarantees (correct
nodes deliver the authentic message with high probability) was recently
proposed for loosely connected networks, such as grids and tori. Yet, the
proposed solution requires a specific initialization (that includes global
knowledge) of each node, which may be difficult or impossible to guarantee in
self-organizing networks - for instance, a wireless sensor network, especially
if they are prone to Byzantine failures. In this paper, we propose a new
protocol offering guarantees for loosely connected networks that does not
require such global knowledge dependent initialization. In more details, we
give a methodology to determine whether a set of nodes will always deliver the
authentic message, in any execution. Then, we give conditions for perfect
reliable broadcast in a torus network. Finally, we provide experimental
evaluation for our solution, and determine the number of randomly distributed
Byzantine failures than can be tolerated, for a given correct broadcast
probability.Comment: 1
Reliable Communication in a Dynamic Network in the Presence of Byzantine Faults
We consider the following problem: two nodes want to reliably communicate in
a dynamic multihop network where some nodes have been compromised, and may have
a totally arbitrary and unpredictable behavior. These nodes are called
Byzantine. We consider the two cases where cryptography is available and not
available. We prove the necessary and sufficient condition (that is, the
weakest possible condition) to ensure reliable communication in this context.
Our proof is constructive, as we provide Byzantine-resilient algorithms for
reliable communication that are optimal with respect to our impossibility
results. In a second part, we investigate the impact of our conditions in three
case studies: participants interacting in a conference, robots moving on a grid
and agents in the subway. Our simulations indicate a clear benefit of using our
algorithms for reliable communication in those contexts
A Scalable Byzantine Grid
Modern networks assemble an ever growing number of nodes. However, it remains
difficult to increase the number of channels per node, thus the maximal degree
of the network may be bounded. This is typically the case in grid topology
networks, where each node has at most four neighbors. In this paper, we address
the following issue: if each node is likely to fail in an unpredictable manner,
how can we preserve some global reliability guarantees when the number of nodes
keeps increasing unboundedly ? To be more specific, we consider the problem or
reliably broadcasting information on an asynchronous grid in the presence of
Byzantine failures -- that is, some nodes may have an arbitrary and potentially
malicious behavior. Our requirement is that a constant fraction of correct
nodes remain able to achieve reliable communication. Existing solutions can
only tolerate a fixed number of Byzantine failures if they adopt a worst-case
placement scheme. Besides, if we assume a constant Byzantine ratio (each node
has the same probability to be Byzantine), the probability to have a fatal
placement approaches 1 when the number of nodes increases, and reliability
guarantees collapse. In this paper, we propose the first broadcast protocol
that overcomes these difficulties. First, the number of Byzantine failures that
can be tolerated (if they adopt the worst-case placement) now increases with
the number of nodes. Second, we are able to tolerate a constant Byzantine
ratio, however large the grid may be. In other words, the grid becomes
scalable. This result has important security applications in ultra-large
networks, where each node has a given probability to misbehave.Comment: 17 page
Parameterizable Byzantine Broadcast in Loosely Connected Networks
We consider the problem of reliably broadcasting information in a multihop
asynchronous network, despite the presence of Byzantine failures: some nodes
are malicious and behave arbitrarly. We focus on non-cryptographic solutions.
Most existing approaches give conditions for perfect reliable broadcast (all
correct nodes deliver the good information), but require a highly connected
network. A probabilistic approach was recently proposed for loosely connected
networks: the Byzantine failures are randomly distributed, and the correct
nodes deliver the good information with high probability. A first solution
require the nodes to initially know their position on the network, which may be
difficult or impossible in self-organizing or dynamic networks. A second
solution relaxed this hypothesis but has much weaker Byzantine tolerance
guarantees. In this paper, we propose a parameterizable broadcast protocol that
does not require nodes to have any knowledge about the network. We give a
deterministic technique to compute a set of nodes that always deliver authentic
information, for a given set of Byzantine failures. Then, we use this technique
to experimentally evaluate our protocol, and show that it significantely
outperforms previous solutions with the same hypotheses. Important disclaimer:
these results have NOT yet been published in an international conference or
journal. This is just a technical report presenting intermediary and incomplete
results. A generalized version of these results may be under submission
Optimal self-stabilizing mobile byzantine-tolerant regular register with bounded timestamps
This paper proposes the first implementation of a self-stabilizing regular register emulated by n servers that is tolerant to both Mobile Byzantine Agents and transient failures in a round-free synchronous model. Differently from existing Mobile Byzantine Tolerant register implementations, this paper considers a weaker model where: (i) the computation of the servers is decoupled from the movements of the Byzantine agents, i.e., movements may happen before, concurrently, or after the generation or the delivery of a message, and (ii) servers are not aware of their failure state i.e., they do not know if and when they have been corrupted by a Mobile Byzantine agent. The proposed protocol tolerates (i) any finite number of transient failures, and (ii) up to f Mobile Byzantine agents. In addition, our implementation uses bounded timestamps from the Z13 domain and it is optimal with respect to the number of servers needed to tolerate f Mobile Byzantine agents in the given model (i.e., n>6f when Δ=2δ, and n>8f when Δ=δ, where Δ represents the period at which the Byzantine agents move and δ is the upper bound on the communication latency)
Self-Stabilization in the Distributed Systems of Finite State Machines
The notion of self-stabilization was first proposed by Dijkstra in 1974 in his classic paper. The paper defines a system as self-stabilizing if, starting at any, possibly illegitimate, state the system can automatically adjust itself to eventually converge to a legitimate state in finite amount of time and once in a legitimate state it will remain so unless it incurs a subsequent transient fault. Dijkstra limited his attention to a ring of finite-state machines and provided its solution for self-stabilization. In the years following his introduction, very few papers were published in this area. Once his proposal was recognized as a milestone in work on fault tolerance, the notion propagated among the researchers rapidly and many researchers in the distributed systems diverted their attention to it. The investigation and use of self-stabilization as an approach to fault-tolerant behavior under a model of transient failures for distributed systems is now undergoing a renaissance. A good number of works pertaining to self-stabilization in the distributed systems were proposed in the yesteryears most of which are very recent. This report surveys all previous works available in the literature of self-stabilizing systems