1,469 research outputs found
Efficient Synchronous Byzantine Consensus
We present new protocols for Byzantine state machine replication and
Byzantine agreement in the synchronous and authenticated setting. The
celebrated PBFT state machine replication protocol tolerates Byzantine
faults in an asynchronous setting using replicas, and has since been
studied or deployed by numerous works. In this work, we improve the Byzantine
fault tolerance threshold to by utilizing a relaxed synchrony
assumption. We present a synchronous state machine replication protocol that
commits a decision every 3 rounds in the common case. The key challenge is to
ensure quorum intersection at one honest replica. Our solution is to rely on
the synchrony assumption to form a post-commit quorum of size , which
intersects at replicas with any pre-commit quorums of size . Our
protocol also solves synchronous authenticated Byzantine agreement in expected
8 rounds. The best previous solution (Katz and Koo, 2006) requires expected 24
rounds. Our protocols may be applied to build Byzantine fault tolerant systems
or improve cryptographic protocols such as cryptocurrencies when synchrony can
be assumed
On the Round Complexity of Randomized Byzantine Agreement
We prove lower bounds on the round complexity of randomized Byzantine agreement (BA) protocols, bounding the halting probability of such protocols after one and two rounds. In particular, we prove that:
1) BA protocols resilient against n/3 [resp., n/4] corruptions terminate (under attack) at the end of the first round with probability at most o(1) [resp., 1/2+ o(1)].
2) BA protocols resilient against n/4 corruptions terminate at the end of the second round with probability at most 1-Theta(1).
3) For a large class of protocols (including all BA protocols used in practice) and under a plausible combinatorial conjecture, BA protocols resilient against n/3 [resp., n/4] corruptions terminate at the end of the second round with probability at most o(1) [resp., 1/2 + o(1)].
The above bounds hold even when the parties use a trusted setup phase, e.g., a public-key infrastructure (PKI).
The third bound essentially matches the recent protocol of Micali (ITCS\u2717) that tolerates up to n/3 corruptions and terminates at the end of the third round with constant probability
Tight Bounds for Connectivity and Set Agreement in Byzantine Synchronous Systems
In this paper, we show that the protocol complex of a Byzantine synchronous
system can remain -connected for up to rounds,
where is the maximum number of Byzantine processes, and .
This topological property implies that rounds are
necessary to solve -set agreement in Byzantine synchronous systems, compared
to rounds in synchronous crash-failure systems. We
also show that our connectivity bound is tight as we indicate solutions to
Byzantine -set agreement in exactly synchronous
rounds, at least when is suitably large compared to . In conclusion, we
see how Byzantine failures can potentially require one extra round to solve
-set agreement, and, for suitably large compared to , at most that
In Search for an Optimal Authenticated Byzantine Agreement
In this paper, we challenge the conventional approach of state machine replication systems to design deterministic agreement protocols in the eventually synchronous communication model. We first prove that no such protocol can guarantee bounded communication cost before the global stabilization time and propose a different approach that hopes for the best (synchrony) but prepares for the worst (asynchrony). Accordingly, we design an optimistic byzantine agreement protocol that first tries an efficient deterministic algorithm that relies on synchrony for termination only, and then, only if an agreement was not reached due to asynchrony, the protocol uses a randomized asynchronous protocol for fallback that guarantees termination with probability 1.
We formally prove that our protocol achieves optimal communication complexity under all network conditions and failure scenarios. We first prove a lower bound of ?(ft+ t) for synchronous deterministic byzantine agreement protocols, where t is the failure threshold, and f is the actual number of failures. Then, we present a tight upper bound and use it for the synchronous part of the optimistic protocol. Finally, for the asynchronous fallback, we use a variant of the (optimal) VABA protocol, which we reconstruct to safely combine it with the synchronous part.
We believe that our adaptive to failures synchronous byzantine agreement protocol has an independent interest since it is the first protocol we are aware of which communication complexity optimally depends on the actual number of failures
Distributed Computability in Byzantine Asynchronous Systems
In this work, we extend the topology-based approach for characterizing
computability in asynchronous crash-failure distributed systems to asynchronous
Byzantine systems. We give the first theorem with necessary and sufficient
conditions to solve arbitrary tasks in asynchronous Byzantine systems where an
adversary chooses faulty processes. In our adversarial formulation, outputs of
non-faulty processes are constrained in terms of inputs of non-faulty processes
only. For colorless tasks, an important subclass of distributed problems, the
general result reduces to an elegant model that effectively captures the
relation between the number of processes, the number of failures, as well as
the topological structure of the task's simplicial complexes.Comment: Will appear at the Proceedings of the 46th Annual Symposium on the
Theory of Computing, STOC 201
All Byzantine Agreement Problems are Expensive
Byzantine agreement, arguably the most fundamental problem in distributed
computing, operates among n processes, out of which t < n can exhibit arbitrary
failures. The problem states that all correct (non-faulty) processes must
eventually decide (termination) the same value (agreement) from a set of
admissible values defined by the proposals of the processes (validity).
Depending on the exact version of the validity property, Byzantine agreement
comes in different forms, from Byzantine broadcast to strong and weak
consensus, to modern variants of the problem introduced in today's blockchain
systems. Regardless of the specific flavor of the agreement problem, its
communication cost is a fundamental metric whose improvement has been the focus
of decades of research. The Dolev-Reischuk bound, one of the most celebrated
results in distributed computing, proved 40 years ago that, at least for
Byzantine broadcast, no deterministic solution can do better than Omega(t^2)
exchanged messages in the worst case. Since then, it remained unknown whether
the quadratic lower bound extends to seemingly weaker variants of Byzantine
agreement. This paper answers the question in the affirmative, closing this
long-standing open problem. Namely, we prove that any non-trivial agreement
problem requires Omega(t^2) messages to be exchanged in the worst case. To
prove the general lower bound, we determine the weakest Byzantine agreement
problem and show, via a novel indistinguishability argument, that it incurs
Omega(t^2) exchanged messages
Byzantine Agreement Given Partial Broadcast
This paper considers unconditionally secure protocols for reliable broadcast among a set of n players, where up to t of the players can be corrupted by a (Byzantine) adversary but the remaining h = n - t players remain honest. In the standard model with a complete, synchronous network of bilateral authenticated communication channels among the players, broadcast is achievable if and only if 2n/h < 3. We show that, by extending this model by the existence of partial broadcast channels among subsets of b players, global broadcast can be achieved if and only if the number h of honest players satisfies 2n/h < b + 1. Achievability is demonstrated by protocols with communication and computation complexities polynomial in the size of the network, i.e., in the number of partial broadcast channels. A respective characterization for the related consensus problem is also give
- …