Selfishness and Malice in Distributed Systems

Large-scale distributed systems are increasingly prevalent. Two issues can impact the performance of such systems: selfishness and malice. Selfish players can reduce social welfare of games, and malicious nodes can disrupt networks. In this dissertation, we provide algorithms to address both of these issues. One approach to ameliorating selfishness in large networks is the idea of a mediator. A mediator implements a correlated equilibrium when it proposes a strategy to each player privately such that the mediators proposal is the best interest for every player to follow. In this dissertation, we present a mediator that implements the best correlated equilibrium for an extended El Farol game. The extended El Farol game we consider has both positive and negative network effects. We study the degree to which this type of mediator can decrease the social cost. In particular, we give an exact characterization of Mediation Value (MV) and Enforcement Value (EV) for this game. MV measures the efficiency of our mediator compared to the best Nash equilibrium, and EV measures the efficiency of our mediator compared to the optimal social cost. This sort of exact characterization is uncommon for games with both kinds of network effects. An interesting outcome of our results is that both the MV and EV values can be unbounded for our game. Recent years have seen significant interest in designing networks that are self-healing in the sense that they can automatically recover from adversarial attacks. Previous work shows that it is possible for a network to automatically recover, even when an adversary repeatedly deletes nodes in the network. However, there have not yet been any algorithms that self-heal in the case where an adversary takes over nodes in the network. In this dissertation, we address this gap. In particular, we describe a communication network over n nodes that ensures the following properties, even when an adversary controls up to t ≤ (1/4 − ε)n nodes, for any constant ε \u3e 0. First, the network provides point-to-point communication with message cost and latency that are asymptotically optimal in an amortized sense. Second, the expected total number of message corruptions is O(t(log* n)^2), after which the adversarially controlled nodes are effectively quarantined so that they cause no more corruptions. In the problem of reliable multiparty computation (RMC), there are n parties, each with an individual input, and the parties want to jointly and reliably compute a function f over n inputs, assuming that it is not necessary to maintain the privacy of the inputs. The problem is complicated by the fact that an omniscient adversary controls a hidden fraction of the parties. We describe a self-healing algorithm for this problem. In particular, for a fixed function f, with n parties and m gates, we describe how to perform RMC repeatedly as the inputs to f change. Our algorithm maintains the following properties, even when an adversary controls up to t ≤ (1/4 − ε)n parties, for any constant ε \u3e 0. First, our algorithm performs each reliable computation with the following amortized resource costs: O(m + n log n) messages, O(m + n log n) computational operations, and O(\ell) latency, where \ell is the depth of the circuit that computes f. Second, the expected total number of corruptions is O(t(log* n)^2). Our empirical results show that the message cost reduces by up to a factor of 60 for communication and a factor of 65 for computation, compared to algorithms of no self-healing

08371 Abstracts Collection -- Fault-Tolerant Distributed Algorithms on VLSI Chips

From September the $7^{text{th}}$, 2008 to September the $10^{text{th}}$, 2008 the Dagstuhl Seminar 08371 ``Fault-Tolerant Distributed Algorithms on VLSI Chips \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. The seminar was devoted to exploring whether the wealth of existing fault-tolerant distributed algorithms research can be utilized for meeting the challenges of future-generation VLSI chips. During the seminar, several participants from both the VLSI and distributed algorithms\u27 discipline, presented their current research, and ongoing work and possibilities for collaboration were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Self-Healing Computation

In the problem of reliable multiparty computation (RC), there are $n$ parties, each with an individual input, and the parties want to jointly compute a function $f$ over $n$ inputs. The problem is complicated by the fact that an omniscient adversary controls a hidden fraction of the parties. We describe a self-healing algorithm for this problem. In particular, for a fixed function $f$, with $n$ parties and $m$ gates, we describe how to perform RC repeatedly as the inputs to $f$ change. Our algorithm maintains the following properties, even when an adversary controls up to $t \leq (\frac{1}{4} - \epsilon) n$ parties, for any constant $\epsilon >0$. First, our algorithm performs each reliable computation with the following amortized resource costs: $O(m + n \log n)$ messages, $O(m + n \log n)$ computational operations, and $O(\ell)$ latency, where $\ell$ is the depth of the circuit that computes $f$. Second, the expected total number of corruptions is $O(t (\log^{*} m)^2)$, after which the adversarially controlled parties are effectively quarantined so that they cause no more corruptions.Comment: 17 pages and 1 figure. It is submitted to SSS'1

Robust Routing Made Easy

Designing routing schemes is a multidimensional and complex task that depends on the objective function, the computational model (centralized vs. distributed), and the amount of uncertainty (online vs. offline). Nevertheless, there are quite a few well-studied general techniques, for a large variety of network problems. In contrast, in our view, practical techniques for designing robust routing schemes are scarce; while fault-tolerance has been studied from a number of angles, existing approaches are concerned with dealing with faults after the fact by rerouting, self-healing, or similar techniques. We argue that this comes at a high burden for the designer, as in such a system any algorithm must account for the effects of faults on communication. With the goal of initiating efforts towards addressing this issue, we showcase simple and generic transformations that can be used as a blackbox to increase resilience against (independently distributed) faults. Given a network and a routing scheme, we determine a reinforced network and corresponding routing scheme that faithfully preserves the specification and behavior of the original scheme. We show that reasonably small constant overheads in terms of size of the new network compared to the old are sufficient for substantially relaxing the reliability requirements on individual components. The main message in this paper is that the task of designing a robust routing scheme can be decoupled into (i) designing a routing scheme that meets the specification in a fault-free environment, (ii) ensuring that nodes correspond to fault-containment regions, i.e., fail (approximately) independently, and (iii) applying our transformation to obtain a reinforced network and a robust routing scheme that is fault-tolerant

Tiny Groups Tackle Byzantine Adversaries

A popular technique for tolerating malicious faults in open distributed systems is to establish small groups of participants, each of which has a non-faulty majority. These groups are used as building blocks to design attack-resistant algorithms. Despite over a decade of active research, current constructions require group sizes of $O(\log n)$, where $n$ is the number of participants in the system. This group size is important since communication and state costs scale polynomially with this parameter. Given the stubbornness of this logarithmic barrier, a natural question is whether better bounds are possible. Here, we consider an attacker that controls a constant fraction of the total computational resources in the system. By leveraging proof-of-work (PoW), we demonstrate how to reduce the group size exponentially to $O(\log\log n)$ while maintaining strong security guarantees. This reduction in group size yields a significant improvement in communication and state costs.Comment: This work is supported by the National Science Foundation grant CCF 1613772 and a C Spire Research Gif