12 research outputs found
From Partial to Global Asynchronous Reliable Broadcast
Broadcast is a fundamental primitive in distributed computing. It allows a sender to consistently distribute a message among n recipients. The seminal result of Pease et al. [JACM'80] shows that in a complete network of synchronous bilateral channels, broadcast is achievable if and only if the number of corruptions is bounded by t < n/3. To overcome this bound, a fascinating line of works, Fitzi and Maurer [STOC'00], Considine et al. [JC'05], and Raykov [ICALP'15], proposed strengthening the communication network by assuming partial synchronous broadcast channels, which guarantee consistency among a subset of recipients.
We extend this line of research to the asynchronous setting. We consider reliable broadcast protocols assuming a communication network which provides each subset of b parties with reliable broadcast channels. A natural question is to investigate the trade-off between the size b and the corruption threshold t. We answer this question by showing feasibility and impossibility results:
- A reliable broadcast protocol Π_{RBC} that:
  - For 3 ≤ b ≤ 4, is secure up to t < n/2 corruptions.
  - For b > 4 even, is secure up to t < ((b-4)/(b-2) n + 8/(b-2)) corruptions.
  - For b > 4 odd, is secure up to t < ((b-3)/(b-1) n + 6/(b-1)) corruptions.
- A nonstop reliable broadcast Π_{nRBC}, where parties are guaranteed to obtain output as in reliable broadcast but may need to run forever, secure up to t < (b-1)/(b+1) n corruptions.
- There is no protocol for (nonstop) reliable broadcast secure up to t ≥ (b-1)/(b+1) n corruptions, implying that Π_{RBC} is an asymptotically optimal reliable broadcast protocol, and Π_{nRBC} is an optimal nonstop reliable broadcast protocol
A Fair and Resilient Decentralized Clock Network for Transaction Ordering
Traditional blockchain design gives miners or validators full control over transaction ordering, i.e., they can freely choose which transactions to include or exclude, as well as in which order. While not an issue initially, the emergence of decentralized finance has introduced new transaction order dependencies allowing parties in control of the ordering to make a profit by front-running others' transactions. In this work, we present the Decentralized Clock Network, a new approach for achieving fair transaction ordering. Users submit their transactions to the network's clocks, which run an agreement protocol that provides each transaction with a timestamp of receipt which is then used to define the transactions' order. By separating agreement from ordering, our protocol is efficient and has a simpler design compared to other available solutions. Moreover, our protocol brings to the blockchain world the paradigm of asynchronous fallback, where the algorithm operates with stronger fairness guarantees during periods of synchronous use, switching to an asynchronous mode only during times of increased network delay.
Comment: In Proceedings of 27th International Conference on Principles of Distributed Systems (OPODIS
Communication-Optimal Convex Agreement
Byzantine Agreement (BA) allows a set of parties to agree on a value even when up to of the parties involved are corrupted.
While previous works have shown that, for -bit inputs, BA can be achieved with the optimal communication complexity for sufficiently large , BA only ensures that honest parties agree on a meaningful output when they hold the same input, rendering the primitive inadequate for many real-world applications.
This gave rise to the notion of Convex Agreement (CA), introduced by Vaidya and Garg [PODC'13], which requires the honest parties' outputs to be in the convex hull of the honest inputs. Unfortunately, all existing CA protocols incur a communication complexity of at least .
In this work, we introduce the first CA protocol with the optimal communication of bits for inputs in of size , where is the security parameter
Optimal Synchronous Approximate Agreement with Asynchronous Fallback
Approximate Agreement (AA) allows a set of parties that start with real-valued inputs to obtain values that are at most within a parameter from each other and within the range of their inputs. Existing AA protocols, both for the synchronous network model (where any message is delivered within a known delay time) and the asynchronous network model, are secure when up to of the parties are corrupted and require no initial setup (such as a public-key infrastructure (PKI) for signatures).
We consider AA protocols where a PKI is available, and show the first AA protocol that achieves simultaneously security against corruptions when the network is synchronous and corruptions when the network is asynchronous, for any such that . We further show that our protocol is optimal by proving that achieving AA for is impossible (even with setup). Remarkably, this is also the first AA protocol that tolerates more than corruptions in the synchronous network model
Round-Optimal Byzantine Agreement
Byzantine agreement is a fundamental primitive in cryptography and distributed computing, and minimizing its round complexity is of paramount importance. It is long known that any randomized -round protocol must fail with probability at least , for some constant , when the number of corruptions is linear in the number of parties, . On the other hand, current protocols fail with probability at least . Whether we can match the lower bound agreement probability remains unknown.
In this work, we resolve this long-standing open question. We present a protocol that matches the lower bound up to constant factors. Our results hold under a (strongly rushing) adaptive adversary that can corrupt up to parties, and our protocols use a public-key infrastructure and a trusted setup for unique threshold signatures. This is the first protocol that decreases the failure probability (overall) by a 'super-constant' factor per round
Multidimensional Approximate Agreement with Asynchronous Fallback
Multidimensional Approximate Agreement considers a setting of parties, where each party holds a vector in as input. The honest parties are required to obtain very close outputs in that lie inside the convex hull of their inputs.
Existing Multidimensional Approximate Agreement protocols achieve resilience against corruptions under a synchronous network where messages are delivered within some time , but become completely insecure as soon as a single message is further delayed. On the other hand, asynchronous solutions do not rely on any delay upper bound, but only achieve resilience up to corruptions.
We investigate the feasibility of achieving Multidimensional Approximate Agreement protocols that achieve simultaneously guarantees in both network settings: We want to tolerate corruptions when the network is synchronous, and also tolerate corruptions when the network is asynchronous. We provide a protocol that works as long as , and matches several existing lower bounds
Meeting in a Convex World: Convex Consensus with Asynchronous Fallback
Convex Consensus (CC) allows a set of parties to agree on a value inside the convex hull of their inputs with respect to a predefined convexity notion, even in the presence of byzantine parties. In this work, we focus on achieving CC in the best-of-both-worlds paradigm, i.e., simultaneously tolerating at most corruptions if communication is synchronous, and at most corruptions if it is asynchronous. Our protocol is randomized, which is a requirement under asynchrony, and we prove that it achieves optimal resilience. In the process, we introduce communication primitives tailored to the best-of-both-worlds model, which we believe to be of independent interest. These are a deterministic primitive, which allows honest parties to obtain intersecting views, and a randomized primitive, leading to identical views (which is impossible to achieve deterministically).
Afterwards, we consider achieving consensus using deterministic protocols, for which the agreement condition must be appropriately relaxed depending on the convexity space. For the relevant case of graph convexity spaces, we find that a previous asynchronous approximate agreement protocol for chordal graphs is incorrect, and hereby give a new protocol for the problem designed for the best-of-both-worlds model and achieving tight point-wise resilience bounds. Finally, we show that asynchronous graph approximate agreement remains unsolvable by deterministic protocols even when corruptions are restricted to at most two crashing nodes and the distance agreement threshold is linear in the size of the graph
Hybrid Post-Quantum Signatures in Hardware Security Keys
Recent advances in quantum computing are increasingly jeopardizing the security of cryptosystems currently in widespread use, such as RSA or elliptic-curve signatures. To address this threat, researchers and standardization institutes have accelerated the transition to quantum-resistant cryptosystems, collectively known as Post-Quantum Cryptography (PQC). These PQC schemes present new challenges due to their larger memory and computational footprints and their higher chance of latent vulnerabilities.
In this work, we address these challenges by introducing a scheme to upgrade the digital signatures used by security keys to PQC. We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium.
Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.
We experimentally show that our hybrid signature scheme can successfully execute on current security keys, even though secure PQC schemes are known to require substantial resources.
We publish an open-source implementation of our scheme at https://github.com/google/OpenSK/releases/tag/hybrid-pqc so that other researchers can reproduce our results on an nRF52840 development kit
Life Cycle Assessment of Corrugated Board Packaging
In this paper, the life cycle of corrugated board packaging was evaluated with life cycle assessment (LCA) methodology. Two LCA methods were considered for the evaluation: CML 2001-Jan.2016 and ReCiPe 1.08, both included in GaBi software. Results showed that corrugated board packaging has negative impacts on the environment, even though low values were registered. Elimination methods like landfilling and incineration of corrugated board packaging waste increase the negative impacts on the environment, while recovery of packaging waste and its use in corrugated board production lead to the reduction of these impacts and natural resources conservation