06371 Abstracts Collection -- From Security to Dependability
From 10.09.06 to 15.09.06, the Dagstuhl Seminar 06371 "From Security to Dependability" was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available.
Communication and Agreement Abstractions in the Presence of Byzantine Processes
A Byzantine process is a process that, intentionally or not, behaves arbitrarily (Byzantine failures include crash and omission failures). Considering message-passing systems, this paper presents communication and agreement abstractions that allow non-faulty processes to correctly cooperate, despite the uncertainty created by the net effect of asynchrony and Byzantine failures. The world is distributed. Consequently more and more applications are distributed, and the "no Byzantine failure" assumption is no longer reasonable. Hence, due to both the development of clouds and security requirements, such abstractions are becoming more and more important. The aim of this paper is to be a simple and homogeneous introduction to (a) communication and agreement abstractions, and (b) algorithms that implement these abstractions, in the context of asynchronous distributed message-passing systems where an a priori unknown subset of processes may exhibit Byzantine failures. To that end the paper presents existing abstractions and algorithms, and new ones. In this sense the paper has a mixed "pedagogical/survey/research" flavor. This article presents communication and agreement abstractions in the presence of Byzantine processes.
Self-stabilizing Byzantine Multivalued Consensus
Consensus, abstracting a myriad of problems in which processes have to agree
on a single value, is one of the most celebrated problems of fault-tolerant
distributed computing. Consensus applications include fundamental services for
the environments of the Cloud and Blockchain, and in such challenging
environments, malicious behaviors are often modeled as adversarial Byzantine
faults.
At OPODIS 2010, Mostefaoui and Raynal (in short MR) presented a
Byzantine-tolerant solution to consensus in which the decided value cannot be a
value proposed only by Byzantine processes. MR has optimal resilience coping
with up to t < n/3 Byzantine nodes over n processes. MR provides this
multivalued consensus object (which accepts proposals taken from a finite set
of values) assuming the availability of a single Binary consensus object (which
accepts proposals taken from the set {0,1}).
This work, which focuses on multivalued consensus, aims at the design of an
even more robust solution than MR. Our proposal expands MR's fault model with
self-stabilization, a vigorous notion of fault tolerance. In addition to
tolerating Byzantine faults, self-stabilizing systems can automatically recover
after the occurrence of arbitrary transient faults. These faults represent any
violation of the assumptions according to which the system was designed to
operate (provided that the algorithm code remains intact).
To the best of our knowledge, we propose the first self-stabilizing solution
for intrusion-tolerant multivalued consensus for asynchronous message-passing
systems prone to Byzantine failures. Our solution has an O(t) stabilization
time from arbitrary transient faults.
Comment: arXiv admin note: text overlap with arXiv:2110.0859
Asynchronous Byzantine Systems: From Multivalued to Binary Consensus with t < n/3, O(n²) Messages, O(1) Time, and no Signature
This paper presents a new algorithm that reduces multivalued consensus to binary consensus in an asynchronous message-passing system made up of n processes where up to t may commit Byzantine failures. This algorithm has the following noteworthy properties: it assumes t < n/3 (and is consequently optimal from a resilience point of view), uses O(n²) messages, has a constant time complexity, and does not use signatures. The design of this reduction algorithm relies on two new all-to-all communication abstractions. The first one allows the non-faulty processes to reduce the number of proposed values to c, where c is a small constant. The second communication abstraction allows each non-faulty process to compute a set of (proposed) values such that, if the set of a non-faulty process contains a single value, then this value belongs to the set of any non-faulty process. Both communication abstractions have an O(n²) message complexity and a constant time complexity. The reduction of multivalued Byzantine consensus to binary Byzantine consensus is then a simple sequential use of these communication abstractions. To the best of our knowledge, this is the first asynchronous message-passing algorithm that reduces multivalued consensus to binary consensus with O(n²) messages and constant time complexity (measured with the longest causal chain of messages) in the presence of up to t < n/3 Byzantine processes, and without using cryptography techniques. Moreover, this reduction algorithm tolerates message reordering by Byzantine processes.
A reduction from multivalued consensus to binary consensus under asynchrony, with t < n/3 Byzantine processes, constant time, O(n²) messages, and no signatures. Abstract: This article presents a distributed algorithm which, in an asynchronous system of n processes that communicate by message passing and that contains up to t Byzantine processes, reduces the multivalued consensus problem to the binary consensus problem. This reduction is optimal with respect to t (t < n/3), requires constant time and O(n²) messages, and uses no cryptographic element (i.e., no signatures). It therefore considers an adversary whose computing power may be unlimited.
Signature-Free Asynchronous Binary Byzantine Consensus with t < n/3, O(n²) Messages, and O(1) Expected Time
This paper is on broadcast and agreement in asynchronous message-passing systems made up of n processes, and where up to t processes may have a Byzantine behavior. Its first contribution is a powerful, yet simple, all-to-all broadcast communication abstraction suited to binary values. This abstraction, which copes with up to t < n/3 Byzantine processes, allows each process to broadcast a binary value, and obtain a set of values such that (1) no value broadcast only by Byzantine processes can belong to the set of a correct process, and (2) if the set obtained by a correct process contains a single value v, then the set obtained by any correct process contains v. The second contribution of the paper is a new round-based asynchronous consensus algorithm that copes with up to t < n/3 Byzantine processes. This algorithm is based on the previous binary broadcast abstraction and a weak common coin. In addition to being signature-free and optimal with respect to the value of t, this consensus algorithm has several noteworthy properties: the expected number of rounds to decide is constant; each round is composed of a constant number of communication steps and involves O(n²) messages; each message is composed of a round number plus a constant number of bits. Moreover, the algorithm tolerates message reordering by the adversary (i.e., the Byzantine processes).
Intrusion Resilience Systems for Modern Vehicles
Current vehicular Intrusion Detection and Prevention Systems either incur
high false-positive rates or do not capture zero-day vulnerabilities, leading
to safety-critical risks. In addition, prevention is limited to a few primitive
options like dropping network packets or extreme options, e.g., ECU Bus-off
state. To fill this gap, we introduce the concept of vehicular Intrusion
Resilience Systems (IRS) that ensure the resilience of critical applications
despite assumed faults or zero-day attacks, as long as threat assumptions are
met. IRS enables running a vehicular application in a replicated way, i.e., as
a Replicated State Machine, over several ECUs, and then requiring the
replicated processes to reach a form of Byzantine agreement before changing
their local state. Our study builds on the evolution of modern vehicular
environments, which are closing the gap between simple and resource-constrained
"real-time and embedded systems" and complex and powerful "information
technology" ones. It shows that current vehicle (e.g., Zonal) architectures and
networks are becoming plausible for such modular fault and intrusion tolerance
solutions, deemed too heavy in the past. Our evaluation on a simulated
Automotive Ethernet network running two state-of-the-art agreement protocols
(Damysus and HotStuff) shows that the achieved latency and throughput are
feasible for many automotive applications.
Reliable Broadcast despite Mobile Byzantine Faults
We investigate the solvability of the Byzantine Reliable Broadcast and
Byzantine Broadcast Channel problems in distributed systems affected by Mobile
Byzantine Faults. We show that both problems are not solvable even in one of
the most constrained system models for mobile Byzantine faults defined so far.
By endowing processes with an additional local failure oracle, we provide a
solution to the Byzantine Broadcast Channel problem.
Oracular Byzantine Reliable Broadcast
Byzantine Reliable Broadcast (BRB) is a fundamental distributed computing primitive, with applications ranging from notifications to asynchronous payment systems. Motivated by practical considerations, we study Client-Server Byzantine Reliable Broadcast (CSB), a multi-shot variant of BRB whose interface is split between broadcasting clients and delivering servers. We present Draft, an optimally resilient implementation of CSB. Like most implementations of BRB, Draft guarantees both liveness and safety in an asynchronous environment. Under good conditions, however, Draft achieves unparalleled efficiency. In a moment of synchrony, free from Byzantine misbehaviour, and at the limit of infinitely many broadcasting clients, a Draft server delivers a b-bit payload at an asymptotic amortized cost of 0 signature verifications and (log₂(c) + b) bits exchanged, where c is the number of clients in the system. This is the information-theoretical minimum number of bits required to convey the payload (b bits, assuming it is compressed), along with an identifier for its sender (log₂(c) bits, necessary to enumerate any set of c elements, and optimal if broadcasting frequencies are uniform or unknown). These two achievements have profound practical implications. Real-world BRB implementations are often bottlenecked either by expensive signature verifications or by communication overhead. For Draft, instead, the network is the limit: a server can deliver payloads as quickly as it would receive them from an infallible oracle.