The Byzantine Generals Problem Leslie Lamport Robert Shostak Marshall Pease.

Slides:



Advertisements
Similar presentations
Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.
Advertisements

+ The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Jose Calvo-Villagran
Byzantine Generals. Outline r Byzantine generals problem.
The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Phyo Thiha Date: 4/1/2008.
Agreement: Byzantine Generals UNIVERSITY of WISCONSIN-MADISON Computer Sciences Department CS 739 Distributed Systems Andrea C. Arpaci-Dusseau Paper: “The.
BASIC BUILDING BLOCKS -Harit Desai. Byzantine Generals Problem If a computer fails, –it behaves in a well defined manner A component always shows a zero.
The Byzantine Generals Problem Boon Thau Loo CS294-4.
The Byzantine Generals Problem Leslie Lamport, Robert Shostak, Marshall Pease Distributed Algorithms A1 Presented by: Anna Bendersky.
Achieving Byzantine Agreement and Broadcast against Rational Adversaries Adam Groce Aishwarya Thiruvengadam Ateeq Sharfuddin CMSC 858F: Algorithmic Game.
Prepared by Ilya Kolchinsky.  n generals, communicating through messengers  some of the generals (up to m) might be traitors  all loyal generals should.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.
DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.
Byzantine Generals Problem: Solution using signed messages.
1 Principles of Reliable Distributed Systems Lecture 6: Synchronous Uniform Consensus Spring 2005 Dr. Idit Keidar.
Byzantine Generals Problem Anthony Soo Kaim Ryan Chu Stephen Wu.
1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.
The Byzantine Generals Problem (M. Pease, R. Shostak, and L. Lamport) January 2011 Presentation by Avishay Tal.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.
Copyright 2006 Koren & Krishna ECE655/ByzGen.1 UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Fault Tolerant Computing ECE 655.
Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 6: Synchronous Byzantine.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 15 Wenbing Zhao Department of Electrical and Computer Engineering.
1 Fault-Tolerant Consensus. 2 Failures in Distributed Systems Link failure: A link fails and remains inactive; the network may get partitioned Crash:
A Look at Byzantine Generals Problem R J Walters.
Byzantine Generals Problem in the Light of P2P Computing Natalya Fedotova Luca Veltri International Workshop on Ubiquitous Access Control July 17, 2006.
Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 6: Synchronous Byzantine.
The Byzantine Generals Problem L. Lamport R. Shostak M. Pease Presented by: Emmanuel Grumbach Raphael Unglik January 2004.
The Byzantine Generals Strike Again Danny Dolev. Introduction We’ll build on the LSP presentation. Prove a necessary and sufficient condition on the network.
Distributed Algorithms: Agreement Protocols. Problems of Agreement l A set of processes need to agree on a value (decision), after one or more processes.
Distributed Consensus Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit.
Lecture #12 Distributed Algorithms (I) CS492 Special Topics in Computer Science: Distributed Algorithms and Systems.
Consensus and Its Impossibility in Asynchronous Systems.
Ch11 Distributed Agreement. Outline Distributed Agreement Adversaries Byzantine Agreement Impossibility of Consensus Randomized Distributed Agreement.
DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.
Practical Byzantine Fault Tolerance Jayesh V. Salvi
1 The Byzantine Generals Problem Leslie Lamport, Robert Shostak, Marshall Pease Presented by Radu Handorean.
Byzantine Fault Tolerance in Stateful Web Service Yilei ZHANG 30/10/2009.
1 Resilience by Distributed Consensus : Byzantine Generals Problem Adapted from various sources by: T. K. Prasad, Professor Kno.e.sis : Ohio Center of.
The Byzantine General Problem Leslie Lamport, Robert Shostak, Marshall Pease.SRI International presented by Muyuan Wang.
EECS 262a Advanced Topics in Computer Systems Lecture 25 Byzantine Agreement November 28 th, 2012 John Kubiatowicz and Anthony D. Joseph Electrical Engineering.
CS 425/ECE 428/CSE424 Distributed Systems (Fall 2009) Lecture 9 Consensus I Section Klara Nahrstedt.
CSE 60641: Operating Systems Implementing Fault-Tolerant Services Using the State Machine Approach: a tutorial Fred B. Schneider, ACM Computing Surveys.
Hwajung Lee. Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit or Abort.
CSE 486/586 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.
Chap 15. Agreement. Problem Processes need to agree on a single bit No link failures A process can fail by crashing (no malicious behavior) Messages take.
UNIVERSITY of WISCONSIN-MADISON Computer Sciences Department
Byzantine Fault Tolerance
CSE 486/586, Spring 2013 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.
Distributed Agreement. Agreement Problems High-level goal: Processes in a distributed system reach agreement on a value Numerous problems can be cast.
1 AGREEMENT PROTOCOLS. 2 Introduction Processes/Sites in distributed systems often compete as well as cooperate to achieve a common goal. Mutual Trust/agreement.
Chapter 8 Fault Tolerance. Outline Introductions –Concepts –Failure models –Redundancy Process resilience –Groups and failure masking –Distributed agreement.
CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.
CSE 486/586 Distributed Systems Byzantine Fault Tolerance
reaching agreement in the presence of faults
Synchronizing Processes
The OM(m) algorithm Recall what the oral message model is.
COMP28112 – Lecture 14 Byzantine fault tolerance: dealing with arbitrary failures The Byzantine Generals’ problem (Byzantine Agreement) 13-Oct-18 COMP28112.
CSE 486/586 Distributed Systems Byzantine Fault Tolerance
COMP28112 – Lecture 13 Byzantine fault tolerance: dealing with arbitrary failures The Byzantine Generals’ problem (Byzantine Agreement) 19-Nov-18 COMP28112.
Distributed Consensus
Agreement Protocols CS60002: Distributed Systems
Distributed Consensus
Jacob Gardner & Chuan Guo
Byzantine Generals Problem
Byzantine Faults definition and problem statement impossibility
Consensus in Synchronous Systems: Byzantine Generals Problem
The Byzantine Generals Problem
COMP28112 – Lecture 13 Byzantine fault tolerance: dealing with arbitrary failures The Byzantine Generals’ problem (Byzantine Agreement) 22-Feb-19 COMP28112.
John Kubiatowicz Electrical Engineering and Computer Sciences
Byzantine Generals Problem
CSE 486/586 Distributed Systems Byzantine Fault Tolerance
Presentation transcript:

The Byzantine Generals Problem Leslie Lamport Robert Shostak Marshall Pease

Part I - Infrastructure Introduction – Why are we here and what do we want? Describing the Byzantine abstraction. Developing necessary conditions. Postulating the problem.

Introduction (1) Generally speaking, a component of a system can malfunction. Failed components may exhibit erratic behavior, including arbitrary, random or wrong output. Failed components may provide conflicting data to other components.

Introduction (2) If a system is to be reliable, it must ensure that it can cope with failed components. We’ll deal with the problem by means of the “Byzantine Generals” abstraction.

The Abstraction (1) Scenario: Imagine several divisions of the Byzantine army, camped outside an enemy city. Each division is commanded by a general. Division are separated geographically. Generals can communicate via messengers.

The Abstraction (2) Mode of Operation: Each general: –Input: General observe the city. –Calculation: General decide either of the two options: “Attack” or “Retreat”. –Communication: General may communicate his decision to other generals. –Output: General computes locally a plan of action, according to his decision and data he received.

The Abstraction – Traitors (3) A general can be either “loyal” or “traitor”. A traitor may do whatever he pleases, including sending conflicting messages to different generals. Traitors can try to prevent the loyal generals from reaching an agreement.

Abstraction vs. Reality The army is the “system”. A general is a component of the system. A traitor is a failed component of the system.

Objective We demand these two conditions: Condition A: All loyal generals decide upon the same plan of action. Condition B: A small number of traitors cannot cause the loyal generals to adopt a bad plan. Note nothing is demanded from the traitors’ behavior.

Satisfying the Conditions (1) Denote by v(i) the value communicated by the ith general. In order to satisfy condition A (all loyal generals follow the same plan), this must hold: Condition 1: Every loyal general must obtain the same information v(1),…,v(n). Condition 1 implies a general cannot use v(i) sent from the ith general, as he may be a traitor.

Satisfying the Conditions (2) In order for condition B (A small number of traitors cannot cause the loyal generals to adopt a bad plan) to hold: We must not introduce the possibility that the generals use a different value of v(i) if the ith general is loyal. E.g., If all loyal generals sent “retreat”, loyal generals must not base their decision on “attack” values only. We postulate: Condition 2: If the ith general is loyal, then the value that he sends must be used by every loyal general as the value of v(i).

Condition 1 Revisited Condition 1: Every loyal general must obtain the same information v(1),…,v(n). We rewrite condition 1 as: For every i, whether the ith general is loyal or not: Condition 1’: Any two loyal generals use the same value of v(i).

Simplifying the Problem Now, conditions 1’ and 2 are both conditions on the single value sent by the ith general. Thus we restrict the consideration to the problem of how a single general sends his value to the others. This single general becomes a commanding general, and the others become his lieutenants.

Byzantine Generals Problem A commanding general must send an order to his n-1 lieutenant generals such that: IC1: All loyal lieutenants obey the same order. IC2: If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

Byzantine Generals Problem - Notes IC1 and IC2 are called the interactive consistency conditions. If the commander is loyal, IC1 follows from IC2. If the Byzantine Generals problem is solved, the original problem is solved by having every general act as a commander, and the others as lieutenants.

Part II – Impossibility Result Degenerate case: Direct proof that there’s no solution if there are 2 loyal generals and 1 treacherous. General case: Proof by reduction to the degenerate case: No solution unless more than 2/3 are loyal.

Model Currently we assume that the messages are “oral”. –Sender can transmit any data. We assume (for now) a general can send a message to another general directly. That is, a message need not be relayed by any general in order to reach its destination.

Degenerate Case Assume: There are 3 generals – A commander and 2 lieutenants. Scenario A: Assume the commander and lieutenant 1 are loyal, but lieutenant 2 is a traitor. Commander orders both lieutenants to attack. Lieutenant 2 lies to lieutenant 1. IC2 -> lieutenant 1 must attack.

Scenario A Commander Lieutenant 2Lieutenant 1 Attack Commander ordered “Retreat” Commander and me are loyal. I have to attack.

Scenario B: Assume the commander is a traitor and both lieutenants are loyal. Commander orders lieutenant 1 to attack, but orders lieutenant 2 to retreat. Lieutenant 2 reports lieutenant 1 that the commander’s order is “Retreat”. Lieutenant 1 cannot distinguish between scenarios A and B. Thus, it must act as it acted in situation A and attack. Therefore: Commander order lieutenant 1 to attack -> lieutenant 1 attacks.

Scenario B Commander Lieutenant 2Lieutenant 1 Retreat Attack Commander ordered “Retreat” As far as I’m concerned, I’m in scenario A. So I must attack.

Symmetrically: Commander order lieutenant 2 to retreat -> lieutenant 2 retreats. If so: In situation B, lieutenant 1 attacks and lieutenant 2 retreats, thereby violating IC1. QED degenerate case.

General Case Assume there are m traitors. No solution is possible if there are fewer than 3m+1 generals. Proof by reduction: Assume, for contradiction, a solution to the general problem where there are less than 3m+1 generals. Show that the degenerate case is solvable.

Albanian Generals Assume there exists an Albanian Generals algorithm, solving the Byzantine Generals problem where n<3m+1 and number of traitors is m. We build the Byzantine Generals algorithm for the degenerate case: Intuition: Each Byzantine general simulate approximately 1/3 of the Albanian generals.

n/3 Albanian lieutenants act like Byzantine lieutenant 1 acts. n/3 of the Albanian lieutenants act like Byzantine lieutenant 2 acts. n/3 -1 Albanian lieutenants and the Albanian commander acts like the Byzantine commander acts.

Byzantine Lieutenant 1 Albanian Lieutenant 2 Albanian Lieutenant 3 Byzantine Commander Albanian Commander Albanian Lieutenant 1 Byzantine Lieutenant 2 Albanian Lieutenant 4 Albanian Lieutenant 5 Attack

There’s only 1 Byzantine traitor, and he’s simulating at most m Albanian generals, so there are no more than m Albanian traitors. Therefore, conditions IC1 and IC2 hold for the Albanian generals. IC1 -> All Albanian generals simulated by a loyal Byzantine general obey the same order. This is the order the (loyal) Byzantine general follows. This implies IC1 holds also for the Byzantine generals.

Byzantine IC2 IC2 holds for the Albanian generals. Thus the n/3 Albanian lieutenants simulated by the loyal lieutenant follow the commander’s order (if the commander is loyal). Therefore, IC2 also holds for the Byzantine generals. QED

Part III – Solution with Oral Messages We first solve the problem with “oral messages”. We make certain assumptions on the general’s message system: A1. Every message that is sent is delivered correctly. A2. The receiver of a message knows who sent it. A3. The absence of a message can be detected. We also require, currently, a full communication graph.

Messaging System - Implications A1 (all messages are delivered correctly) and A2 (sender is known to receiver) prevent a traitor from interfering with communications. A3 (detectable absence of messages) prevents a traitor from sabotaging by not sending a message. Default value for unsent messages is “retreat”.

OM(m) – Oral Messages Alg OM(m) is used by the commander in order to send his command to n-1 lieutenants. We use the majority function. The algorithm is defined recursively.

Base - OM(0) The commander sends his value to every lieutenant. Each lieutenant uses the value he receives from the commander, or uses the RETREAT default value if he receives no value.

Recursion - OM(m), m>0 The commander sends his value to every lieutenant. Lieutenant i denotes the value it received from the commander by v i. Every lieutenant acts as a commander, sending the value he received to n-2 other lieutenants using OM(m-1). For each i, and each j≠i, lieutenant i obeys majority( ), where v j is the value received from lieutenant j.

Lieutenant 1 Commander Lieutenant 3 Lieutenant 6 Lieutenant 4 Lieutenant 5 Lieutenant 2 v vv v v v v v v v vv v x x Kick off – commander sends his value v to all lieutenants. This is the first step of OM(2) Now, loyal lieutenant 2 uses OM(1) in order to convince others That the value he received from the commander is v. When lieutenants 1 and 3 get lieutenant 2’s value, they use OM(0) in order to send this value to all other lieutenants. Here we see only the values lieutenant 6 receives. Note the Traitors send wrong values. Now lieutenant 6 can use v lieutenant 2 value: majority(v,v,v,x,x)=v

Lemma For any m and k, algorithm OM(m) satisfies IC2 if there are more than 2k+m generals and at most k traitors. Recall IC2 assumes commander is loyal. Proof by induction: Base: m=0. By A1 (sent messages are received correctly), all the loyal lieutenants receive the same value the commander sent. QED base.

Lemma – Closure (1) Assume lemma’s true for m-1, m>0. According to the algorithm: Loyal commander sends value v to n-1 lieutenants. Then each lieutenant sends his value to other lieutenants. By hypothesis: n>2k+m, implying n-1>2k+m-1. Using induction hypothesis we get that every loyal lieutenant receives v as the value of other loyal lieutenants.

Lemma – Closure (2) There are at most k traitors and n-1>2k + (m-1)≥2k, a majority of the n-1 lieutenants are loyal. Thus, each loyal lieutenant has v as the majority of the n-1 values. QED lemma.

Correctness of OM(m) Theorem: For any m, OM(m) satisfies conditions IC1 and IC2 if there are more than 3m generals and at most m traitors. Proof by induction on m: Base m=0 is trivial – there are no traitors. Closure: Assume theorem holds for m-1.

Correctness of OM(m) – Closure(1) First assume commander is loyal. By taking k=m, the lemma assures us that IC2 holds. If the commander is loyal, IC1 follows from IC2. QED for this case. We need to prove that if the commander is a traitor, IC1 holds.

Correctness of OM(m) – Closure(2) There are at most m traitors, and the commander is one of them. There are more than 3m generals, implying there are more than 3m-1 lieutenants, and 3m-1>3(m-1), i.e. number of traitors is less than a third of the number of lieutenants.. Thus, the induction hypothesis holds for OM(m-1) (which the lieutenants use).

Correctness of OM(m) – Closure(3) By correctness of OM(m-1), each lieutenant i receives from lieutenant j the value lieutenant j received from the commander. Therefore, all loyal lieutenants receive the same vector of values. Therefore, they all obey the same value. IC1 holds. QED.

Part IV – Solution with Signed Messages The traitor’s ability to lie makes the Byzantine Generals problem difficult. We restrict this ability by introducing signed messages, which can’t be forged. We add the assumption: A4. (a) A loyal general’s signature can’t be forged, and any alteration of the content of his signed message can be detected. (b) Anyone can verify the authenticity of a general’s signature.

Notes on A4 Considering public key encryption and/or the possibility of pre-shared secretes between the generals, A4 is plausible. Note that traitors can forge each others signatures. This enables traitors to band against the loyal generals. Assuming A4, problem can be solved for and number of traitors.

SM Algorithm (informal) The commander sends his order signed. Each message a lieutenant receives is signed by him and forwarded to all other lieutenants who hadn’t signed the message yet. A lieutenant collects all values he receives from authentic messages in a set named V. In the end, a lieutenant obeys the order CHOICE(V), where CHOICE is some pre- defined deterministic function.

SM Correctness – Informal (1) For IC2, assume commander is loyal. Since no one can forge the commander’s signature, any authentic message can only contain the commander’s order. Thus, for every loyal lieutenant, V contains only one value. QED if commander is loyal.

SM Correctness – Informal (2) Assume commander is a traitor. We prove that all loyal lieutenants obtain the same V. If lieutenant i collected the order v (recall this implies the order was properly authenticated), then he sends this order to all other lieutenants. Thus any other loyal lieutenant will also collect the order v. QED SM correctness.

Part V - A Note on Reliable Systems - Pros Using the aforementioned algorithms, one can implement a reliable system. Reliability is obtained on the software level, and can cope with any hardware malfunctioning. Such a system uses redundancy of extra- computations in order to avoid a single malfunctioning module crashing the entire system.

A Note on Reliable Systems - Cons Then again, one need to make sure all of the assumptions hold… A1 – Messages are delivered correctly: Communication failures can always occur. A2 – The receiver of a message knows who sent it: Requires communication will carried on hard- wired lines. Unnecessary is A4 is assumed. A3 – The absence of a message can be detected: Requires synchronization. A4 – As stated before, quite reasonable.

In Conclusion We’ve found a necessary and sufficient condition on the number of traitors in order for the problem to be solvable. We’ve solved the problem for the cases it’s solvable. Achieving reliability in the face of arbitrary malfunctioning is a difficult problem. It seems any solution is inherently costly: –Long message paths. –Many messages. –Much transferred information.