Quantum Clock Synchronization with a Single Qudit
Clock synchronization for nonfaulty processes in multiprocess networks is
indispensable for a variety of technologies. A reliable system must be able to
resynchronize the nonfaulty processes when some components fail and cause the
distribution of incorrect or conflicting information in the network. The task
of synchronizing such networks is related to detectable Byzantine agreement
(DBA), which can classically be solved using recursive algorithms if and only
if less than one-third of the processes are faulty. Here we introduce a
nonrecursive quantum algorithm that solves the DBA and achieves clock
synchronization in the presence of arbitrary many faulty processes by using
only a single quantum system.
Efficient MPC with a Mixed Adversary
Over the past 20 years, the efficiency of secure multi-party protocols has been greatly improved. While the seminal protocols from the late 80's require a communication of Ω(n^6) field elements per multiplication among n parties, recent protocols offer linear communication complexity. This means that each party needs to communicate a constant number of field elements per multiplication, independent of n. However, these efficient protocols only offer active security, which implies that at most t<n/3 (perfect security), respectively t<n/2 (statistical or computational security) parties may be corrupted. Higher corruption thresholds (i.e., t ≥ n/2) can only be achieved with degraded security (unfair abort), where one single corrupted party can prevent honest parties from learning their outputs. The aforementioned upper bounds (t<n/3 and t<n/2) have been circumvented by considering mixed adversaries (Fitzi et al., Crypto '98), i.e., adversaries that corrupt, at the same time, some parties actively, some parties passively, and some parties in the fail-stop manner. It is possible, for example, to achieve perfect security even if 2/3 of the parties are faulty (three quarters of which may abort in the middle of the protocol, and a quarter may even arbitrarily misbehave). This setting is much better suited to many applications, where the crash of a party is more likely than a coordinated active attack. Surprisingly, since the presentation of the feasibility result for the mixed setting, no progress has been made in terms of efficiency: the state-of-the-art protocol still requires a communication of Ω(n^6) field elements per multiplication. In this paper, we present a perfectly-secure MPC protocol for the mixed setting with essentially the same efficiency as the best MPC protocols for the active-only setting. For the first time, this allows faulty majorities to be tolerated while still providing optimal efficiency.
As a special case, this also results in the first fully-secure MPC protocol secure against any number of crashing parties, with optimal (i.e., linear in n) communication. We provide simulation-based proofs of our construction. ISSN: 1868-896
Extended Validity and Consistency in Byzantine Agreement
A broadcast protocol allows a sender to distribute a value among a set of
players such that it is guaranteed that all players receive the same
value (consistency), and if the sender is honest, then all players
receive the sender's value (validity). Classical broadcast protocols for
players provide security with respect to a fixed threshold ,
where both consistency and validity are guaranteed as long as at most
players are corrupted, and no security at all is guaranteed as soon as
players are corrupted. Depending on the environment, validity or
consistency may be the more important property.
We generalize the notion of broadcast by introducing an additional
threshold . In a {\em broadcast protocol with extended
validity}, both consistency and validity are achieved when no more than
players are corrupted, and validity is achieved even when up to
players are corrupted. Similarly, we define {\em broadcast with extended
consistency}. We prove that broadcast with extended validity as well as
broadcast with extended consistency is achievable if and only if
(or ).
For example, six players can achieve broadcast when at most one player is
corrupted (this result was known to be optimal), but they can even
achieve consistency (or validity) when two players are corrupted.
Furthermore, our protocols achieve {\em detection} in case of failure,
i.e., if at most players are corrupted then broadcast is achieved,
and if at most players are corrupted then broadcast is achieved or
every player learns that the protocol failed. This protocol can be
employed in the precomputation of a secure multi-party computation
protocol, resulting in {\em detectable multi-party computation}, where up
to corruptions can be tolerated and up to corruptions can
either be tolerated or detected in the precomputation, for any
with
Byzantine Agreement Given Partial Broadcast
This paper considers unconditionally secure protocols for reliable broadcast among a set of n players, where up to t of the players can be corrupted by a (Byzantine) adversary but the remaining h = n - t players remain honest. In the standard model with a complete, synchronous network of bilateral authenticated communication channels among the players, broadcast is achievable if and only if 2n/h < 3. We show that, by extending this model by the existence of partial broadcast channels among subsets of b players, global broadcast can be achieved if and only if the number h of honest players satisfies 2n/h < b + 1. Achievability is demonstrated by protocols with communication and computation complexities polynomial in the size of the network, i.e., in the number of partial broadcast channels. A respective characterization for the related consensus problem is also given.
All Byzantine Agreement Problems are Expensive
Byzantine agreement, arguably the most fundamental problem in distributed
computing, operates among n processes, out of which t < n can exhibit arbitrary
failures. The problem states that all correct (non-faulty) processes must
eventually decide (termination) the same value (agreement) from a set of
admissible values defined by the proposals of the processes (validity).
Depending on the exact version of the validity property, Byzantine agreement
comes in different forms, from Byzantine broadcast to strong and weak
consensus, to modern variants of the problem introduced in today's blockchain
systems. Regardless of the specific flavor of the agreement problem, its
communication cost is a fundamental metric whose improvement has been the focus
of decades of research. The Dolev-Reischuk bound, one of the most celebrated
results in distributed computing, proved 40 years ago that, at least for
Byzantine broadcast, no deterministic solution can do better than Omega(t^2)
exchanged messages in the worst case. Since then, it remained unknown whether
the quadratic lower bound extends to seemingly weaker variants of Byzantine
agreement. This paper answers the question in the affirmative, closing this
long-standing open problem. Namely, we prove that any non-trivial agreement
problem requires Omega(t^2) messages to be exchanged in the worst case. To
prove the general lower bound, we determine the weakest Byzantine agreement
problem and show, via a novel indistinguishability argument, that it incurs
Omega(t^2) exchanged messages.
Rational Broadcast Protocols against Timid Adversaries
We present a constant-round deterministic broadcast protocol against timid adversaries in the synchronous authenticated setting. A timid adversary is a game-theoretically rational adversary who tries to attack the protocol but prefers the actions to be undetected. Our protocol is secure against such an adversary corrupting t out of n parties for any t < n. The round complexity is 5 for timid adversaries and is at most t + 5 for general malicious adversaries. Our results demonstrate that game-theoretic rationality enables us to circumvent the impossibility of constructing constant-round deterministic broadcast protocols for t = ω(1).
Beating the fault-tolerance bound and security loopholes for Byzantine agreement with a quantum solution
Byzantine agreement, the underlying core of blockchain, aims to make every
node in a decentralized network reach consensus. Classical Byzantine agreements
unavoidably face two major problems. One is fault-tolerance bound, which
means that the system to tolerate malicious players requires at least
players. The other is the security loopholes from its classical
cryptography methods. Here, we propose a strict quantum Byzantine agreement
with unconditional security to break this bound with nearly fault
tolerance due to multiparty correlation provided by quantum digital signatures.
Our work strictly obeys the original Byzantine conditions and can be extended
to any number of players without requirements for multiparticle entanglement.
We experimentally demonstrate three-party and five-party quantum consensus for
a digital ledger. Our work indicates the quantum advantage in terms of
consensus problems and suggests an important avenue for quantum blockchain and
quantum consensus networks. Comment: 22 pages, 10 figures. All comments are welcome.