2,717 research outputs found
Distributed eventual leader election in the crash-recovery and general omission failure models.
102 p.Distributed applications are present in many aspects of everyday life. Banking, healthcare or transportation are examples of such applications. These applications are built on top of distributed systems. Roughly speaking, a distributed system is composed of a set of processes that collaborate among them to achieve a common goal. When building such systems, designers have to cope with several issues, such as different synchrony assumptions and failure occurrence. Distributed systems must ensure that the delivered service is trustworthy.Agreement problems compose a fundamental class of problems in distributed systems. All agreement problems follow the same pattern: all processes must agree on some common decision. Most of the agreement problems can be considered as a particular instance of the Consensus problem. Hence, they can be solved by reduction to consensus. However, a fundamental impossibility result, namely (FLP), states that in an asynchronous distributed system it is impossible to achieve consensus deterministically when at least one process may fail. A way to circumvent this obstacle is by using unreliable failure detectors. A failure detector allows to encapsulate synchrony assumptions of the system, providing (possibly incorrect) information about process failures. A particular failure detector, called Omega, has been shown to be the weakest failure detector for solving consensus with a majority of correct processes. Informally, Omega lies on providing an eventual leader election mechanism
Lower Bounds on Implementing Robust and Resilient Mediators
We consider games that have (k,t)-robust equilibria when played with a
mediator, where an equilibrium is (k,t)-robust if it tolerates deviations by
coalitions of size up to k and deviations by up to players with unknown
utilities. We prove lower bounds that match upper bounds on the ability to
implement such mediators using cheap talk (that is, just allowing communication
among the players). The bounds depend on (a) the relationship between k, t, and
n, the total number of players in the system; (b) whether players know the
exact utilities of other players; (c) whether there are broadcast channels or
just point-to-point channels; (d) whether cryptography is available; and (e)
whether the game has a k+t$ players, guarantees that every player gets a
worse outcome than they do with the equilibrium strategy
Consensus of Multi-Agent Networks in the Presence of Adversaries Using Only Local Information
This paper addresses the problem of resilient consensus in the presence of
misbehaving nodes. Although it is typical to assume knowledge of at least some
nonlocal information when studying secure and fault-tolerant consensus
algorithms, this assumption is not suitable for large-scale dynamic networks.
To remedy this, we emphasize the use of local strategies to deal with
resilience to security breaches. We study a consensus protocol that uses only
local information and we consider worst-case security breaches, where the
compromised nodes have full knowledge of the network and the intentions of the
other nodes. We provide necessary and sufficient conditions for the normal
nodes to reach consensus despite the influence of the malicious nodes under
different threat assumptions. These conditions are stated in terms of a novel
graph-theoretic property referred to as network robustness.Comment: This report contains the proofs of the results presented at HiCoNS
201
Byzantine Failures and Security: Arbitrary is not (always) Random
The Byzantine failure model allows arbitrary behavior of a certain fraction of network nodes in a distributed system. It was introduced to model and analyse the effects of very severe hardware faults in aircraft control systems. Lately, the Byzantine failure model has been used in the area of network security where Byzantine-tolerance is equated with resilience against malicious attackers. We discuss two reasons why one should be careful in doing so. Firstly, Byzantine-tolerance is not concerned with secrecy and so special means have to be employed if secrecy is a desired system property. Secondly, in contrast to the domain of hardware faults, in a security setting it is difficult to compute the assumption coverage of the Byzantine failure model, i.e., the probability that the failure assumption holds in practice. For this latter point we develop a methodology which allows to estimate the reliability of a Byzantine-tolerant solution exposed to attackers of different strengths
Leakage-resilient coin tossing
Proceedings 25th International Symposium, DISC 2011, Rome, Italy, September 20-22, 2011.The ability to collectively toss a common coin among n parties
in the presence of faults is an important primitive in the arsenal of
randomized distributed protocols. In the case of dishonest majority, it
was shown to be impossible to achieve less than 1
r bias in O(r) rounds
(Cleve STOC ’86). In the case of honest majority, in contrast, unconditionally
secure O(1)-round protocols for generating common unbiased
coins follow from general completeness theorems on multi-party secure
protocols in the secure channels model (e.g., BGW, CCD STOC ’88).
However, in the O(1)-round protocols with honest majority, parties
generate and hold secret values which are assumed to be perfectly hidden
from malicious parties: an assumption which is crucial to proving the
resulting common coin is unbiased. This assumption unfortunately does
not seem to hold in practice, as attackers can launch side-channel attacks
on the local state of honest parties and leak information on their secrets.
In this work, we present an O(1)-round protocol for collectively generating
an unbiased common coin, in the presence of leakage on the local
state of the honest parties. We tolerate t ≤ ( 1
3
− )n computationallyunbounded
Byzantine faults and in addition a Ω(1)-fraction leakage on
each (honest) party’s secret state. Our results hold in the memory leakage
model (of Akavia, Goldwasser, Vaikuntanathan ’08) adapted to the
distributed setting.
Additional contributions of our work are the tools we introduce to
achieve the collective coin toss: a procedure for disjoint committee election,
and leakage-resilient verifiable secret sharing.National Defense Science and Engineering Graduate FellowshipNational Science Foundation (U.S.) (CCF-1018064
- …