Data Consistency in Sensor Networks: Secure Agreement Fatemeh Borran Supervised by: Panos Papadimitratos, Marcin Poturalski Prof. Jean-Pierre Hubaux IC-29.

Presentation transcript:

Data Consistency in Sensor Networks: Secure Agreement
Fatemeh Borran
Supervised by: Panos Papadimitratos, Marcin Poturalski
Prof. Jean-Pierre Hubaux
IC-29 Self-Organised Wireless and Sensor Networks

Outline (March 6, 2007)
– Introduction
– Problem Statement
– Assumptions
– System Model
– Algorithms
– Results
– Conclusion

Introduction
Classical Sensor Networks
– centralized and reliable base station
– one-to-many association
Distributed Sensor Networks
– decentralized architecture
– every node could be faulty or malicious
– many-to-many association

Problem Statement
– The environment produces a single actual value α
– Each sensor node measures the noisy environment
– Measurement error is bounded by ε
– Not all sensor nodes behave correctly: incorrect measurement or malicious behavior
Problem: the value of a single sensor node is not reliable
Goal: ensure data consistency among sensor nodes
Approach: agreement on the actual value α

Fault Model
Correct Sensor:
– behaves according to the protocol specification
– measurement error is bounded by ε
Faulty Sensor:
– measurement error is not bounded
– follows the assigned protocol
Byzantine Sensor:
– under the control of a unique adversary
– behaves arbitrarily (crash-failure, omission-failure, …)
|F| ≤ k, |B| ≤ t, |C| ≥ n-k-t

System Model
System
– Synchronous: transmission delay and process speed are bounded and known
– Asynchronous: a slow process is not detectable
Authentication
– Unique identity and signature
– A modified message is detectable
Communication Channels
– Integrity: every received message was previously sent
– No-duplication: each message is received at most once
– Reliability: messages sent by a correct node are received by all nodes and are not modified

Secure Agreement Problem
Properties:
– Validity: if s_i decides v, then |v - v_i| ≤ ε and v_i is the initial value of some non-Byzantine node
– Strong Validity: if s_i decides v, then |v - α| ≤ ε
– Agreement: if s_i decides v_i and s_j decides v_j, then |v_i - v_j| ≤ Φ
– Termination: every non-Byzantine node eventually decides
Primitives:
– broadcast(v_i)
– decide(v)

Algorithm I: Synchronous One-hop
    V_p :=
    r := 1
    while r < t+1 do
        broadcast(V_p) to all nodes
        V_p := V_p U {V_q | V_q is received from q}
        r := r + 1
    end while
    T := all duplicated values in V_p
    V_p := V_p - T
    decide(f(V_p))
f: trimming and averaging function
    W_p := reduce(V_p, k+t-|T|/2)
    f(V_p) := mean(W_p)
r ≤ 1

Theorem I
Theorem I: Algorithm I solves secure agreement for one-hop synchronous sensor networks with authenticated messages.
Lemma I: After t+1 rounds, all nodes have the same set.
Lemma II: All nodes apply the same deterministic function: f.
Communication complexity: O((t+1)n^2)
[Figure: nodes S, P and Q exchanging values x and y in Round 1 and Round 2; S is Byzantine]

Algorithm II: Synchronous One-hop
    r := 1
    while true do
        broadcast(x_p) to all nodes
        V_p := U { | x_q is received from q}
        W_p := reduce(V_p, t+k)
        x_p := median(W_p)
        if (δ(W_p) < Φ) then
            decide(x_p)
        end if
        r := r + 1
    end while
δ(W_p) := max(W_p) – min(W_p)
Φ = ε => one round is required
Φ two rounds are required

Theorem II
Theorem II: Algorithm II solves secure agreement for one-hop synchronous sensor networks with authenticated messages.
Lemma I: W_p contains only the values from correct nodes.
Lemma II: Every faulty node corrects its value after the first round.
Communication complexity: O(n)
Question: Is it possible to achieve O(c) complexity?
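Added example (not from the slides): one round of Algorithm II at two correct nodes p and q, in Python. It assumes reduce(V, j) drops the j smallest and j largest values, which the slides do not define; message authentication is not modelled, and the readings and the Byzantine node's two different values are constructed.

```python
from statistics import median

def trim(values, j):
    """Assumed meaning of reduce(V, j): drop the j smallest and j largest values."""
    if len(values) <= 2 * j:
        raise ValueError("need more than 2j values, i.e. n > 2(t+k)")
    ordered = sorted(values)
    return ordered[j:len(ordered) - j]

def spread(values):
    """delta(W) := max(W) - min(W), as defined on the Algorithm II slide."""
    return max(values) - min(values)

def round_step(received, t, k, phi):
    """One round of Algorithm II at a node: returns (new x_p, decided?)."""
    w = trim(received, t + k)
    return median(w), spread(w) < phi

# Constructed scenario: alpha = 20.0, eps = 0.5, t = 1, k = 1, n = 7 > 2t+2k.
ALPHA, EPS, T, K = 20.0, 0.5, 1, 1
CORRECT = [19.8, 20.1, 20.3, 19.9, 20.2]   # within eps of alpha
FAULTY = [35.0]                            # unbounded measurement error
# The Byzantine node sends a different value to each of two correct nodes.
VIEW_P = CORRECT + FAULTY + [-100.0]
VIEW_Q = CORRECT + FAULTY + [100.0]

def run(phi):
    """Round result at nodes p and q for agreement bound phi."""
    return round_step(VIEW_P, T, K, phi), round_step(VIEW_Q, T, K, phi)

if __name__ == "__main__":
    for phi in (0.5, 0.25):
        (xp, dp), (xq, dq) = run(phi)
        print(f"phi={phi}: p -> {xp} decided={dp}; q -> {xq} decided={dq}")
```

With phi = 0.25 node p does not decide in this round and would carry its new x_p into the next one, while both medians already lie within ε of α.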

Algorithm III: Synchronous One-hop
    r := 1
    S := arbitrary set of 2t+2k+1 nodes
    while true do
        if p in S then
            broadcast(x_p) to all nodes
        end if
        … // same as Algorithm II
        r := r + 1
    end while
Communication complexity: O(2t+2k+1)

Modified Algorithm II: Asynchronous One-hop
    r := 1
    while true do
        broadcast(x_p) to all nodes
        V_p := U { | x_q is received from q}
        if (|V_p| ≥ n-t) then
            W_p := reduce(V_p, t+k)
            x_p := median(W_p)
            if (δ(W_p) < Φ) then
                decide(x_p)
            end if
            r := r + 1
    end while
|V|: cardinality of V
Φ = ε => one round is required in best case
Φ t rounds are required in best case

Multi-hop Communication
Connectivity: there is a path between each pair of non-Byzantine nodes in the network.
t-connectivity: there are no t nodes whose removal disconnects the network
[Figure: unconnected network; legend: correct node, faulty node, Byzantine node, communication range]

[Figure: connected network; legend: correct node, faulty node, Byzantine node, communication range]

Modified Algorithm I: Synchronous Multi-hop
    V_p :=
    r := 1
    while r < t+d+1 do
        broadcast(V_p) to all nodes
        V_p := V_p U {V_q | V_q is received from q}
        r := r + 1
    end while
    T := all duplicated values in V_p
    V_p := V_p – T
    decide(f(V_p))
f: trimming and averaging function
    W_p := reduce(V_p, k+t-|T|/2)
    f(V_p) := mean(W_p)
d: network diameter
r < d+1

Theorem III
Theorem III: Algorithm I solves secure agreement for multi-hop synchronous sensor networks with authenticated messages.
Lemma I: After t+d+1 rounds, all nodes have the same set.
Lemma II: All nodes apply the same deterministic function: f.
Lemma III: t-connectivity ensures agreement and termination.
Communication complexity: O((t+d+1)n^2)

Algorithm IV: Asynchronous Multi-hop
    V_p :=
    r := 1
    while true do
        broadcast(V_p) to all nodes
        V_p := V_p U {V_q | V_q is received from q}
        if (|V_p| > 2(t+k)) then
            W_p := reduce(V_p, t+k)
            x_p := median(W_p)
            if (δ(W_p) < Φ) then
                decide(x_p)
            end if
            V_p :=
            r := r + 1
    end while
Φ = ε => one round is required in best case
Φ n-2t-2k rounds are required in best case

Theorem IV
Theorem IV: Algorithm IV solves secure agreement for multi-hop asynchronous sensor networks with authenticated messages.
Lemma I: Within 2(t+k)+1 values, t+k+1 values are correct.
Lemma II: All nodes apply the same deterministic function: f.
Lemma III: t-connectivity ensures termination.
Communication complexity: O(2(t+k)n)

Results: One-hop
Table I: Secure Agreement with Strong Validity

Algorithm       System         Assumption    Communication complexity
Algorithm I     Synchronous    n > 2t+2k     O(n^2)
Algorithm II    Synchronous    n > 2t+2k     O(n)
Algorithm III   Synchronous    n > 2t+2k     O(2(t+k))
Algorithm II’   Asynchronous   n > 3t+2k     O(n) *

* best case results

Results: One-hop
Table II: Secure Agreement with Validity

Algorithm       System         Assumption    Communication complexity
Algorithm I     Synchronous    n > 2t        O(tn^2)
Algorithm II    Synchronous    n > 2t        O(tn)
Algorithm III   Synchronous    n > 2t        O(2t(t+k))
Algorithm II’   Asynchronous   n > 3t        O(tn) *

* best case results

Results: Multi-hop
Table III: Secure Agreement with Strong Validity

Algorithm       System         Assumption    Communication complexity
Algorithm I’    Synchronous    n > 2t+2k     O(dn^2)
Algorithm IV    Asynchronous   n > 2t+2k     O(2(t+k)n) *

* best case results

Results: Multi-hop
Table IV: Secure Agreement with Validity

Algorithm       System         Assumption    Communication complexity
Algorithm I’    Synchronous    n > 2t        O((t+d+1)n^2)
Algorithm IV    Asynchronous   n > 2t        O(2(t+k)(n-2t-2k)n) *

* best case results

Conclusion
Distributed sensor networks vs. classical sensor networks:
– save communication bandwidth
– provide redundancy
– eliminate the single point of failure
– use broadcast instead of unicast
– inform the end-user quickly and easily
Data consistency as an agreement problem.
New variant of the agreement problem: secure agreement.
Φ can be chosen arbitrarily small to get as close to consensus as desired.
t-connectivity is not required to hold in every round.

Future work
– Strong validity requires n > 2(t+k)
– Impossibility results with n ≤ 2(t+k)?
– Asynchronous algorithm with constant communication complexity?
– Analyse the worst-case communication complexity of the asynchronous algorithms?
– Simulation results