Scalable Byzantine Reliable Broadcast

Byzantine reliable broadcast is a powerful primitive that allows a set of processes to agree on a message from a designated sender, even if some processes (including the sender) are Byzantine. Existing broadcast protocols for this setting scale poorly, as they typically build on quorum systems with strong intersection guarantees, which results in linear per-process communication and computation complexity. We generalize the Byzantine reliable broadcast abstraction to the probabilistic setting, allowing each of its properties to be violated with a fixed, arbitrarily small probability. We leverage these relaxed guarantees in a protocol where we replace quorums with stochastic samples. Compared to quorums, samples are significantly smaller in size, leading to a more scalable design. We obtain the first Byzantine reliable broadcast protocol with logarithmic per-process communication and computation complexity. We conduct a complete and thorough analysis of our protocol, deriving bounds on the probability of each of its properties being compromised. During our analysis, we introduce a novel general technique that we call adversary decorators. Adversary decorators allow us to make claims about the optimal strategy of the Byzantine adversary without imposing any additional assumptions. We also introduce Threshold Contagion, a model of message propagation through a system with Byzantine processes. To the best of our knowledge, this is the first formal analysis of a probabilistic broadcast protocol in the Byzantine fault model. We show numerically that practically negligible failure probabilities can be achieved with realistic security parameters

An Algebraic Model For Quorum Systems

Quorum systems are a key mathematical abstraction in distributed fault-tolerant computing for capturing trust assumptions. A quorum system is a collection of subsets of all processes, called quorums, with the property that each pair of quorums have a non-empty intersection. They can be found at the core of many reliable distributed systems, such as cloud computing platforms, distributed storage systems and blockchains. In this paper we give a new interpretation of quorum systems, starting with classical majority-based quorum systems and extending this to Byzantine quorum systems. We propose an algebraic representation of the theory underlying quorum systems making use of multivariate polynomial ideals, incorporating properties of these systems, and studying their algebraic varieties. To achieve this goal we will exploit properties of Boolean Groebner bases. The nice nature of Boolean Groebner bases allows us to avoid part of the combinatorial computations required to check consistency and availability of quorum systems. Our results provide a novel approach to test quorum systems properties from both algebraic and algorithmic perspectives.Comment: 15 pages, 3 algorithm

Cost Reduction With Guarantees: Formal Reasoning Applied To Blockchain Technologies

Blockchain technologies are moving fast and their distributed nature as well as their high-stake (financial) applications make it crucial to “get things right”. Moreover, blockchain technologies often come with a high cost for maintaining blockchain infrastructure and for running applications. In this thesis formal reasoning is used for guaranteeing correctness while reducing the cost of (i) maintaining the infrastructure by optimising blockchain protocols, and (ii) running applications by optimising blockchain programs—so called smart contracts. Both have a clear cost measure: for protocols the amount of exchanged messages, and for smart contracts the monetary cost of execution. In the first result for blockchain protocols starting from a proof of correctness for an abstract blockchain consensus protocol using infinitely many messages and infinite state, a refinement proof transfers correctness to a concrete implementation of the protocol reducing the cost to finite resources. In the second result I move from a blockchain to a block graph. This block graph embeds the run of a deterministic byzantine fault tolerant protocol, thereby getting parallelism “for free” and reducing the exchanged messages to the point of omission. For blockchain programs, I optimise programs executed on the Ethereum blockchain. As a first result, I use superoptimisation and encode the search for cheaper, but observationally equivalent, program as a search problem for an automated theorem prover. Since solving this search problem is in itself expensive, my second result is an efficient encoding of the search problem. Finally for reusing found optimisations, my third results gives a framework to generate peephole optimisation rules for a smart contract compiler

Diversidade em sistemas de quóruns bizantinos

Trabalho de Conclusão de Curso (graduação)—Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2018.Vulnerabilidades podem comprometer todo um sistema quando adequadamente exploradas por um atacante, fazendo com que haja um prejuízo financeiro e até social a depender da aplicação. Uma forma de mitigar riscos de indisponibilidade do sistema em caso de falhas ou ataques são os sistemas de quóruns. Esses sistemas geralmente compreendem um conjunto estático de servidores que fornecem um registro tolerante a falhas de leitura/escrita acessado por um conjunto de clientes. Porém como os nós dos sistemas de quóruns são réplicas uns dos outros, possíveis falhas e vulnerabilidades presentes em uma instância do sistema estarão presentes em todo sistema. Para evitar esse problema há a possibilidade da implementação de diversidade, trazendo para o sistema alta disponibilidade e tolerância a falhas devido ao uso de sistema de quóruns e diversidade conjuntamente. O presente projeto visa aumentar a segurança de replicação através de sistemas de quóruns Bizantinos, por meio do emprego de diversidade na implementação das réplicas que suportam o sistema.Vulnerabilities can compromise a system when correctly explored by an attacker. It can lead to a financial loss and even a social loss depending on the application. One way to defend your system against unavailability caused by crashes or atacks are quoruns systems. These system compreends a group of servers that have one fault tolerant register for write/read operations and can be accessed by a group of clients. Because systems are replicas of each other, possible failures and vulnerabilities that exists on an instance of the system should be present on the whole system. To avoid that problem, there is the possibility to implement diversity on the system, making it highly available and fault tolerant due to the use of quoruns system and diversity together. This project aims to increase the security of replication through Bizantine Quoruns Systems using diversity when implementing the replicas of the system

Formalização da reconfiguração de protocolos de consenso usando Alloy

Dissertação de mestrado integrado em Informatics EngineeringO protocolo de máquinas de estado replicadas (MER) é uma peça fundamental dos sistemas distribuídos. No centro deste protocolo estão os algoritmos de consenso, como o Paxos, usados para manter a consistência das MER. Todavia, os sistemas modernos não podem depender estritamente das técnicas de MER, estes devem também implementar estratégias de reconfiguração. Estas estratégias consistem em alterar a configuração do sistema, adicionando, removendo ou substituindo os processos que o compõem. Dada a sua complexidade, a implementação de protocolos de reconfiguração é muito suscetível a erros, daí que seja aconselhável a especificação, validação e verificação dos mesmos. No presente trabalho apresentamos uma especificação em linguagem Alloy do protocolo de reconfiguração Vertical Paxos e do protocolo de consenso Paxos. Além destes, modelamos o protocolo Multi-Paxos, o qual implementa uma MER. Estes protocolos estão intrinsecamente relacionados e a compreensão do primeiro é facilitada com o conhecimento dos demais. Atualmente, o Alloy é uma das linguagens de especificação mais populares, mas pouco explorada na modelação de algoritmos distribuídos e, tanto quanto sabemos, não existe ainda nenhuma especificação dos referidos protocolos em Alloy. O presente trabalho visa modelar e validar os referidos protocolos, bem como verificar as suas propriedades de safety, de modo a obtermos confiança nas especificações. Ademais, realizamos uma avaliação de desempenho de diferentes solvers e estratégias de decomposição nativas do Alloy, bem como uma breve análise comparativa com o TLA+.State machine replication (SMR) protocols have a crucial role in distributed systems. At the heart of these protocols are the consensus algorithm, such as Paxos, responsible for SMR’s consistency. However, modern systems cannot only rely on SMR thecniques, they must implement reconfiguration strategies, which consist in changing their configurations by adding, removing or replacing their processes. Due to its complexity, implementing a reconfiguration algorithm is error-prone, therefore its specification, validation and verification is advisable. In this work, we present a specification, in Alloy, of the reconfiguration protocol Vertical Paxos and the consensus protocol Paxos. Besides, we model the Multi-Paxos protocol which implements a SMR. These three protocols are intrinsically related and, once we are familiar with Paxos and Multi-Paxos, understanding Vertical Paxos becomes straigthfoward. Nowadays, Alloy is one of the most popular specification languages, but littleexplored in modeling and analyzing distributed algorithms. As far as we know, there is still no specification of these protocols in Alloy. The aim of this work is to model and validate these protocols, as well as to verify their safety properties, in order to obtain confidence in our specifications. Furthermore, we evaluate the performance of different solvers and decomposition strategies. Finally, we carry out a brief comparative analysis with TLA+