17 research outputs found
Scalable Byzantine Reliable Broadcast
Byzantine reliable broadcast is a powerful primitive that allows a set of processes to agree on a message from a designated sender, even if some processes (including the sender) are Byzantine. Existing broadcast protocols for this setting scale poorly, as they typically build on quorum systems with strong intersection guarantees, which results in linear per-process communication and computation complexity.
We generalize the Byzantine reliable broadcast abstraction to the probabilistic setting, allowing each of its properties to be violated with a fixed, arbitrarily small probability. We leverage these relaxed guarantees in a protocol where we replace quorums with stochastic samples. Compared to quorums, samples are significantly smaller in size, leading to a more scalable design. We obtain the first Byzantine reliable broadcast protocol with logarithmic per-process communication and computation complexity.
We conduct a complete and thorough analysis of our protocol, deriving bounds on the probability of each of its properties being compromised. During our analysis, we introduce a novel general technique that we call adversary decorators. Adversary decorators allow us to make claims about the optimal strategy of the Byzantine adversary without imposing any additional assumptions. We also introduce Threshold Contagion, a model of message propagation through a system with Byzantine processes. To the best of our knowledge, this is the first formal analysis of a probabilistic broadcast protocol in the Byzantine fault model. We show numerically that practically negligible failure probabilities can be achieved with realistic security parameters
Practical Byzantine Reliable Broadcast on Partially Connected Networks
In this paper, we consider the Byzantine reliable broadcast problem on authenticated and partially connected networks. The state-of-the-art method to solve this problem consists in combining two algorithms from the literature. Handling asynchrony and faulty senders is typically done thanks to Gabriel Brachaâs authenticated double-echo broadcast protocol, which assumes an asynchronous fully connected network. Danny Dolevâs algorithm can then be used to provide reliable communications between processes in the global fault model, where up to f processes among N can be faulty in a communication network that is at least 2f+1-connected. Following recent works that showed how Dolevâs protocol can be made more practical thanks to several optimizations, we show that the state-of-the-art methods to solve our problem can be optimized thanks to layer-specific and cross-layer optimizations. Our simulations with the Omnet ++ network simulator show that these optimizations can be efficiently combined to decrease the total amount of information transmitted or the protocolâs latency (e.g., respectively, -25% and -50% with a 16B payload, N=31 and f=4) compared to the state-of-the-art combination of Brachaâs and Dolevâs protocols
Foiling Sybils with HAPS in Permissionless Systems: An Address-based Peer Sampling Service
International audienceBlockchains and distributed ledgers have brought renewed interest in Byzantine fault-tolerant protocols and decentralized systems, two domains studied for several decades. Recent promising works have in particular proposed to use epidemic protocols to overcome the limitations of popular Blockchain mechanisms , such as proof-of-stake or proof-of-work. These works unfortunately assume a perfect peer-sampling service, immune to malicious attacks, a property that is difficult and costly to achieve. We revisit this fundamental problem in this paper, and propose a novel Byzantine-tolerant peer-sampling service that is resilient to Sybil attacks in open systems by exploiting the underlying structure of wide-area networks
Security Analysis of Filecoin's Expected Consensus in the Byzantine vs Honest Model
Filecoin is the largest storage-based open-source blockchain, both by storage
capacity (>11EiB) and market capitalization. This paper provides the first
formal security analysis of Filecoin's consensus (ordering) protocol, Expected
Consensus (EC). Specifically, we show that EC is secure against an arbitrary
adversary that controls a fraction of the total storage for , where is a parameter that corresponds to the expected
number of blocks per round, currently in Filecoin. We then present an
attack, the -split attack, where an adversary splits the honest miners
between multiple chains, and show that it is successful for , thus proving that is the tight
security threshold of EC. This corresponds roughly to an adversary with
of the total storage pledged to the chain. Finally, we propose two improvements
to EC security that would increase this threshold. One of these two fixes is
being implemented as a Filecoin Improvement Proposal (FIP).Comment: AFT 202
Communication-Efficient BFT Using Small Trusted Hardware to Tolerate Minority Corruption
Agreement protocols for partially synchronous networks tolerate fewer than one-third Byzantine faults. If parties are equipped with trusted hardware that prevents equivocation, then fault tolerance can be improved to fewer than one-half Byzantine faults, but typically at the cost of increased communication complexity. In this work, we present results that use small trusted hardware without worsening communication complexity assuming the adversary controls a fraction of the network that is less than one-half. In particular, we show a version of HotStuff that retains linear communication complexity in each view, leveraging trusted hardware to tolerate a minority of corruptions. Our result uses expander graph techniques to achieve efficient communication in a manner that may be of independent interest
Context Adaptive Cooperation
Reliable broadcast and consensus are the two pillars that support a lot of
non-trivial fault-tolerant distributed middleware and fault-tolerant
distributed systems. While they have close definitions, they strongly differ in
the underlying assumptions needed to implement each of them. Reliable broadcast
can be implemented in asynchronous systems in the presence of crash or
Byzantine failures while Consensus cannot. This key difference stems from the
fact that consensus involves synchronization between multiple processes that
concurrently propose values, while reliable broadcast simply involves
delivering a message from a predefined sender. This paper strikes a balance
between these two agreement abstractions in the presence of Byzantine failures.
It proposes CAC, a novel agreement abstraction that enables multiple processes
to broadcast messages simultaneously, while guaranteeing that (despite
potential conflicts, asynchrony, and Byzantine behaviors) the non-faulty
processes will agree on messages deliveries. We show that this novel
abstraction can enable more efficient algorithms for a variety of applications
(such as money transfer where several people can share a same account). This is
obtained by focusing the need for synchronization only on the processes that
actually need to synchronize
Reliable Broadcast despite Mobile Byzantine Faults
We investigate the solvability of the Byzantine Reliable Broadcast and
Byzantine Broadcast Channel problems in distributed systems affected by Mobile
Byzantine Faults. We show that both problems are not solvable even in one of
the most constrained system models for mobile Byzantine faults defined so far.
By endowing processes with an additional local failure oracle, we provide a
solution to the Byzantine Broadcast Channel problem
Balanced byzantine reliable broadcast with near-optimal communication and improved computation
CNS-1718135 - National Science Foundation; CNS-1801564 - National Science Foundation; CNS-1931714 - National Science Foundation; CNS-1915763 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; 000000000000000000000000000000000000000000000000000000037211 - SRI Internationalhttps://eprint.iacr.org/2022/776.pdfFirst author draf