Improved Extension Protocols for Byzantine Broadcast and Agreement
Byzantine broadcast (BB) and Byzantine agreement (BA) are two of the most fundamental problems and essential building blocks in distributed computing, and improving their efficiency is of interest to both theoreticians and practitioners. In this paper, we study extension protocols of BB and BA, i.e., protocols that solve BB/BA with long inputs of l bits using lower costs than l single-bit instances. We present new protocols with improved communication complexity in almost all settings: authenticated BA/BB with t < n/2, authenticated BB with t < (1-ε)n, unauthenticated BA/BB with t < n/3, and asynchronous reliable broadcast and BA with t < n/3. The new protocols are advantageous and significant in several aspects. First, they achieve the best-possible communication complexity of Θ(nl) for wider ranges of input sizes compared to prior results. Second, the authenticated extension protocols achieve optimal communication complexity given the current best available BB/BA protocols for short messages. Third, to the best of our knowledge, our asynchronous and authenticated protocols in the setting are the first extension protocols in that setting.
Blockchain Consensus Protocols in the Wild
A blockchain is a distributed ledger for recording transactions, maintained
by many nodes without central authority through a distributed cryptographic
protocol. All nodes validate the information to be appended to the blockchain,
and a consensus protocol ensures that the nodes agree on a unique order in
which entries are appended. Consensus protocols for tolerating Byzantine faults
have received renewed attention because they also address blockchain systems.
This work discusses the process of assessing and gaining confidence in the
resilience of a consensus protocol exposed to faults and adversarial nodes. We
advocate following the established practice in cryptography and computer
security, relying on public reviews, detailed models, and formal proofs; the
designers of several practical systems appear to be unaware of this. Moreover,
we review the consensus protocols in some prominent permissioned blockchain
platforms with respect to their fault models and resilience against attacks.
The protocol comparison covers Hyperledger Fabric, Tendermint, Symbiont,
R3 Corda, Iroha, Kadena, Chain, Quorum, MultiChain, Sawtooth Lake, Ripple,
Stellar, and IOTA.
Multi-hop Byzantine reliable broadcast with honest dealer made practical
We revisit Byzantine tolerant reliable broadcast with honest dealer algorithms in multi-hop networks. To tolerate Byzantine faulty nodes arbitrarily spread over the network, previous solutions require a factorial number of messages to be sent over the network if the messages are not authenticated (e.g., digital signatures are not available). We propose modifications that preserve the safety and liveness properties of the original unauthenticated protocols, while highly decreasing their observed message complexity when simulated on several classes of graph topologies, potentially opening to their employment
Verification of Threshold-Based Distributed Algorithms by Decomposition to Decidable Logics
Verification of fault-tolerant distributed protocols is an immensely
difficult task. Often, in these protocols, thresholds on set cardinalities are
used both in the process code and in its correctness proof, e.g., a process can
perform an action only if it has received an acknowledgment from at least half
of its peers. Verification of threshold-based protocols is extremely
challenging as it involves two kinds of reasoning: first-order reasoning about
the unbounded state of the protocol, together with reasoning about sets and
cardinalities. In this work, we develop a new methodology for decomposing the
verification task of such protocols into two decidable logics: EPR and BAPA.
Our key insight is that such protocols use thresholds in a restricted way as a
means to obtain certain properties of "intersection" between sets. We define a
language for expressing such properties, and present two translations: to EPR
and BAPA. The EPR translation allows verifying the protocol while assuming
these properties, and the BAPA translation allows verifying the correctness of
the properties. We further develop an algorithm for automatically generating
the properties needed for verifying a given protocol, facilitating fully
automated deductive verification. Using this technique we have verified several
challenging protocols, including Byzantine one-step consensus, hybrid reliable
broadcast and fast Byzantine Paxos.
Comment: 23 pages, extended version of the paper with the same title presented
in CAV 201
Byzantine Preferential Voting
In the Byzantine agreement problem, n nodes with possibly different input
values aim to reach agreement on a common value in the presence of t < n/3
Byzantine nodes which represent arbitrary failures in the system. This paper
introduces a generalization of Byzantine agreement, where the input values of
the nodes are preference rankings of three or more candidates. We show that
consensus on preferences, which is an important question in social choice
theory, complements already known results from Byzantine agreement. In addition,
preferential voting raises new questions about how to approximate consensus
vectors. We propose a deterministic algorithm to solve Byzantine agreement on
rankings under a generalized validity condition, which we call Pareto-Validity.
These results are then extended by considering a special voting rule which
chooses the Kemeny median as the consensus vector. For this rule, we derive a
lower bound on the approximation ratio of the Kemeny median that can be
guaranteed by any deterministic algorithm. We then provide an algorithm
matching this lower bound. To our knowledge, this is the first non-trivial
multi-dimensional approach which can tolerate a constant fraction of Byzantine
nodes.
Verifying the Consistency of Remote Untrusted Services with Conflict-Free Operations
A group of mutually trusting clients outsources a computation service to a
remote server, which they do not fully trust and that may be subject to
attacks. The clients do not communicate with each other and would like to
verify the correctness of the remote computation and the consistency of the
server's responses. This paper presents the Conflict-free Operation
verification Protocol (COP) that ensures linearizability when the server is
correct and preserves fork-linearizability in any other case. All clients that
observe each other's operations are consistent, in the sense that their own
operations and those operations of other clients that they see are
linearizable. If the server forks two clients by hiding an operation, these
clients never again see operations of each other. COP supports wait-free client
operations in the sense that when executed with a correct server,
non-conflicting operations can run without waiting for other clients, allowing
more parallelism than earlier protocols. A conflict arises when an operation
causes a subsequent operation to produce a different output value for the
client who runs it. The paper gives a precise model for the guarantees of COP
and includes a formal analysis that these are achieved.
Comment: A predecessor of this paper with a slightly different title appears
in the proceedings of OPODIS 2014, Lecture Notes in Computer Science,
vol. 8878, Springer, 201
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
networks (WMNs). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, and application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regard to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved,
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Optimal Error-Free Multi-Valued Byzantine Agreement
Byzantine agreement (BA) is a distributed consensus problem where n processors want to reach agreement on an ℓ-bit message or value, but up to t of the processors are dishonest or faulty. The challenge of this BA problem lies in achieving agreement despite the presence of dishonest processors who may arbitrarily deviate from the designed protocol. In this work, by using coding theory together with graph theory and linear algebra, we design a coded BA protocol (termed COOL) that achieves consensus on an ℓ-bit message with optimal resilience, asymptotically optimal round complexity, and asymptotically optimal communication complexity when ℓ ≥ t log t, simultaneously. The proposed COOL is a deterministic BA protocol that is guaranteed to be correct in all executions (error free) and does not rely on cryptographic techniques such as signatures, hashing, authentication and secret sharing (signature free). It is secure against a computationally unbounded adversary who takes full control over the dishonest processors (information-theoretic secure). The main idea of the proposed COOL is to use a carefully-crafted error correction code that provides an efficient way of exchanging "compressed" information among distributed nodes, while keeping the ability of detecting errors, masking errors, and making a consistent and validated agreement at honest distributed nodes. We show that our results can also be extended to the setting of Byzantine broadcast, aka Byzantine generals problem, where the honest processors want to agree on the message sent by a leader who is potentially dishonest. The results reveal that coding is an effective approach for achieving the fundamental limits of Byzantine agreement and its variants. Our protocol analysis borrows tools from coding theory, graph theory and linear algebra.
A Formally Verified Protocol for Log Replication with Byzantine Fault Tolerance
Byzantine fault tolerant protocols enable state replication in the presence
of crashed, malfunctioning, or actively malicious processes. Designing such
protocols without the assistance of verification tools, however, is remarkably
error-prone. In an adversarial environment, performance and flexibility come at
the cost of complexity, making the verification of existing protocols extremely
difficult. We take a different approach and propose a formally verified
consensus protocol designed for a specific use case: secure logging. Our
protocol allows each node to propose entries in a parallel subroutine, and
guarantees that correct nodes agree on the set of all proposed entries, without
leader election. It is simple yet practical, as it can accommodate the workload
of a logging system such as Certificate Transparency. We show that it is
optimal in terms of both required rounds and tolerable faults. Using
Isabelle/HOL, we provide a fully machine-checked security proof based upon the
Heard-Of model, which we extend to support signatures. We also present and
evaluate a prototype implementation.
Comment: International Symposium on Reliable Distributed Systems (SRDS) 202