Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Byzantine Generals Problem

Published byЉиљана Јовић Modified over 6 years ago

Similar presentations

Presentation on theme: "The Byzantine Generals Problem"— Presentation transcript:

1 The Byzantine Generals Problem
Siqiu Yao

2 Authors Leslie Lamport Robert Shostak Marshall Pease you again!
we all know him Robert Shostak PhD in Applied Math, Harvard SRI International Founder, Ansa Software Founder, Mira Tech Borland Software Founder Portera System Founder Vocera Marshall Pease

3 Another story from Lamport?
Time, Clocks, and the Ordering of Events in a Distributed System 1978 The part-time parliament 1990

4 Another story from Lamport?
Time, Clocks, and the Ordering of Events in a Distributed System 1978 The Byzantine Generals Problem 1982 The part-time parliament 1990

5 How this story came “I have long felt that, because it was posed as a cute problem about philosophers seated around a table, Dijkstra's dining philosopher's problem received much more attention than it deserves. …... The popularity of the dining philosophers problem taught me that the best way to attract attention to a problem is to present it in terms of a story. ” ˈdɛɪkstra *

6 How this story came “There is a problem in distributed computing that is sometimes called the Chinese Generals Problem, in which two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive. *

7 How this story came “I stole the idea of the generals and posed the problem in terms of a group of generals, some of whom may be traitors, who have to reach a common decision. *

8 What is the Byzantine generals problem

9 Byzantine generals problem
“several divisions of the Byzantine army are camped outside an enemy city, each division commanded by its own general. The generals can communicate with one another only by messenger. After observing the enemy, they must decide upon a common plan of action.” *castle: *general: *lieutenant:

10 Byzantine generals problem
ATTACK! Byzantine generals problem ATTACK! Generals should reach a consensus on the plan It could be ATTACK ATTACK! ATTACK! *castle: *general: *lieutenant:

11 Byzantine generals problem
RETREAT! Byzantine generals problem RETREAT! Generals should reach a consensus on the plan Or RETREAT RETREAT! RETREAT! *castle: *general: *lieutenant:

12 Byzantine generals problem
ATTACK! Byzantine generals problem ATTACK! But there might be traitors All loyal generals should reach a consensus ATTACK! ATTACK! *castle: *general: *lieutenant: *traitor:

13 Byzantine generals problem
ATTACK! Byzantine generals problem ATTACK! But traitors can act arbitrarily All loyal generals should reach a consensus Let’s RETREAT! ATTACK! ATTACK! *castle: *general: *lieutenant: *traitor:

14 Byzantine generals problem
Opps! Byzantine generals problem Opps! But traitors can act arbitrarily All loyal generals should reach a consensus Haha! ??? *castle: *general: *lieutenant: *traitor:

15 Byzantine generals problem
A simplified version “A commanding general sends an order to his n-1 lieutenant generals such that IC1. All loyal lieutenants obey the same order. IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.”

16 What is the byzantine generals problem
IC1. All loyal lieutenants obey the same order IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

17 What is the byzantine generals problem
Consistency/Agreement IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

18 What is the byzantine generals problem
Consistency/Agreement Validity

19 What is the byzantine generals problem
Consistency/Agreement IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

20 What is the byzantine generals problem
Consistency/Agreement Validity Liveness/Termination?

21 Impossibility Result

22 Impossibility result “if the generals can send only oral messages, then no solution will work unless more than ⅔ of the generals are loyal.”

23 Impossibility result “if the generals can send only oral messages, then no solution will work unless more than ⅔ of the generals are loyal.” what are oral messages?

24 Impossibility result oral messages:
every message that is sent is delivered correctly the receiver of a message knows who sent it the absence of a message can be detected

25 Impossibility result oral messages:
every message that is sent is delivered correctly the receiver of a message knows who sent it the absence of a message can be detected

26 Impossibility result oral messages:
every message that is sent is delivered correctly authenticated channel the absence of a message can be detected

27 Impossibility result oral messages:
every message that is sent is delivered correctly authenticated channel the absence of a message can be detected

28 Impossibility result oral messages:
every message that is sent is delivered correctly authenticated channel synchronous network

29 Impossibility result “if the generals can send only oral messages, then no solution will work unless more than ⅔ of the generals are loyal.” in a synchronous network, with authenticated channel, when m generals are traitors, no solution will work unless there are more than 3m generals

30 impossibility result - proof
case m = 1:

31 impossibility result - proof
case m = 1: scenario 1: the commander is loyal one lieutenant is a traitor

32 impossibility result - proof
case m = 1: scenario 1: the commander is loyal one lieutenant is a traitor the left lieutenant should ATTACK ATTACK! ATTACK! the commander said “RETREAT!”

33 impossibility result - proof
case m = 1: scenario 2: the commander is a traitor RETREAT! ATTACK! the commander said “RETREAT!” the commander said “ATTACK!”

34 Three scenarios I should ATTACK! I should RETREAT! RETREAT! RETREAT!
the commander said “ATTACK!” the commander said “RETREAT!” the commander said “RETREAT!” the commander said “ATTACK!” I should ATTACK! I should RETREAT!

35 Three scenarios Consistency broken! I should ATTACK! I should RETREAT!
the commander said “ATTACK!” the commander said “RETREAT!” the commander said “RETREAT!” the commander said “ATTACK!” I should ATTACK! I should RETREAT!

36 impossibility result prove m > 1 by contradiction
assume we have a solution protocol f for 3m generals when m > 1 we can solve m = 1 case by leveraging f

37 impossibility result prove m > 1 by contradiction
assume the three generals are x, y, z, and x is the commander; according to protocol f x simulates one commander and m-1 lieutenants each of y and z simulates m lieutenants

38 impossibility result prove m > 1 by contradiction
assume the three generals are x, y, z, and x is the commander; according to protocol f x simulates one commander and m-1 lieutenants each of y and z simulates m lieutenants at most one of x, y, z is a traitor at most m simulated traitors protocol f can solve the case when there are at most m traitors

39 impossibility result prove m > 1 by contradiction
if we can solve case m > 1 then we can solve m = 1 we proved case m = 1 cannot be solved contradiction!

40 Oral messages’ fault With only oral messages, traitors can lie by telling the wrong command they received

41 Three scenarios I should ATTACK! I should RETREAT! RETREAT! RETREAT!
the commander said “ATTACK!” the commander said “RETREAT!” the commander said “RETREAT!” the commander said “ATTACK!” I should ATTACK! I should RETREAT!

42 Signed message With only oral messages, traitors can lie by telling the wrong command they received Signed messages cannot be forged anyone can verify the authenticity

43 Solutions: oral messages and signed messages

44 Solutions - with oral messages
OM(k) k == 0 commander sends the value to every one everyone return the value they received

45 Solutions - with oral messages
OM(k) k == 0 commander sends the value to every one everyone return the value they received k > 0 everyone start a smaller bgp OM(k-1) containing all ones but the current commander and become the new commander everyone participated n-1 OM(k-1) and get n-1 values, return the majority

46 OM(1) ATTACK! ATTACK! ATTACK!

47 OM(1) - 3*OM(0) ATTACK! ATTACK! ATTACK! ATTACK! ATTACK! RETREAT!

48 Solutions - with oral messages
OM(k) k == 0 commander sends the value to every one everyone return the value they received k > 0 everyone start a smaller bgp OM(k-1) containing all ones but the current commander and become the new commander everyone participated n-1 OM(k-1) and get n-1 values, return the majority Intuition: for every message M received, solve a smaller bgp containing all but the current commander to tell others you received M

49 Solutions - with oral messages
OM(k) k == 0 commander sends the value to every one everyone return the value they received k > 0 everyone start a smaller bgp OM(k-1) containing all ones but the current commander and become the new commander everyone participated n-1 OM(k-1) and get n-1 values, return the majority Intuition: for every message M received, solve a smaller bgp containing all but the current commander to tell others you received M OM(m) for m traitors when 3m < n

50 Solutions - with oral messages
OM(k) - Message complexity: (n-1)*MC(OM(k-1)) + n-1 = O(n^m) k == 0 commander sends the value to every one everyone return the value they received k > 0 everyone start a smaller bgp OM(k-1) containing all ones but the current commander and become the new commander everyone participated n-1 OM(k-1) and get n-1 values, return the majority Intuition: for every message M received, solve a smaller bgp containing all but the current commander to tell others you received M OM(m) for m traitors when 3m < n

51 Solutions - with signed messages
SM(k) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature

52 Solutions - with signed messages
SM(k) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than m lieutenants’ signatures, sign it and send to everyone

53 Solutions - with signed messages
SM(k) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than m lieutenants’ signatures, sign it and send to everyone when there will be no more messages, return choice(V(i)) choice(V) return v then V = {v} return RETREAT when |V| = 0

54 SM(1) RETREAT!:0 ATTACK!:0 2 1

55 SM(1) RETREAT!:0 ATTACK!:0 RETREAT!:0:2 ATTACK!:0:1 2 1

56 SM(1) RETREAT!:0 ATTACK!:0 RETREAT!:0:2 ATTACK!:0:1 2 1 V(1) = V(2)

57 SM(1) Choice(V(1)) = Choice(V(2)) RETREAT!:0 ATTACK!:0 RETREAT!:0:2
RETREAT!:0 ATTACK!:0 RETREAT!:0:2 ATTACK!:0:1 2 1 Choice(V(1)) = Choice(V(2))

58 Solutions - with signed messages
SM(k) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than k lieutenants’ signatures, sign it and send to everyone when there will be no more messages, return choice(V(i)) choice(V) return v then V = {v} return RETREAT when |V| = 0 intuition: ensure every message received by a loyal lieutenant is sent to every loyal lieutenant

59 Solutions - with signed messages
SM(k) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than k lieutenants’ signatures, sign it and send to everyone when there will be no more messages, return choice(V(i)) choice(V) return v then V = {v} return RETREAT when |V| = 0 intuition: ensure every message received by a loyal lieutenant is sent to every loyal lieutenant SM(m+1) for m traitors

60 Solutions - with signed messages
SM(k) - message complexity: O(n^2) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than k lieutenants’ signatures, sign it and send to everyone when there will be no more messages, return choice(V(i)) choice(V) return v then V = {v} return RETREAT when |V| = 0 intuition: ensure every message received by a loyal lieutenant is sent to every loyal lieutenant SM(m+1) for m traitors

61 Solutions - with signed messages
SM(k) - message complexity: O(n^2) every lieutenant maintains a value set V(i) the commander sends the value to every lieutenant with its signature for every lieutenant every time it receive a new value v put it in V(i) if v is associated with less than k lieutenants’ signatures, sign it and send to everyone when there will be no more messages, return choice(V(i)) choice(V) return v then V = {v} return RETREAT when |V| = 0 intuition: ensure every message received by a loyal lieutenant is sent to every loyal lieutenant SM(m+1) for m traitors

62 Minimum number required for which
an f-resilient consensus protocol exists synchrony asynchrony partial synchrony fail-stop f+1 inf 2f+1 crash 2f+1 (Paxos) byzantine with digital signature f+1 (SM(f+1)) byzantine with authenticated channel 3f+1 (OM(f))

63 Minimum number required for which
an f-resilient consensus protocol exists synchrony asynchrony partial synchrony fail-stop f+1 inf 2f+1 crash 2f+1 (Paxos) byzantine with digital signature f+1 (SM(f+1)) ??? byzantine with authenticated channel 3f+1 (OM(f))

64 Byzantine with digital signature in partial synchrony
No partial synchronous protocols can tolerate ⅓ faults. Sound familiar? Assume there exist a protocol that can solve it.

65 Byzantine with digital signature in partial synchrony
RETREAT! RETREAT! ATTACK! ATTACK! ATTACK! RETREAT! the commander said “RETREAT!” It takes less than T_r to reach a consensus It takes less than T_l to reach a consensus the commander said “ATTACK!” I should ATTACK! I should RETREAT! It takes more than max(T_l, T_r) for messaged to be delivered

66 Practical Byzantine Fault Tolerance
Commander sends the value to every lieutenant Every lieutenant if it receives a new value v, broadcast (prepare, v) if it receives 2f+1 (prepare, v), broadcast (commit, v) if it receives 2f+1 (commit, v), broadcast (committed, v) if it receivers f+1 (committed, v), broadcast (committed, v)

67 Practical Byzantine Fault Tolerance
Commander sends the value to every lieutenant Every lieutenant if it receives a new value v, broadcast (prepare, v) if it receives 2f+1 (prepare, v), broadcast (commit, v) if it receives 2f+1 (commit, v), broadcast (committed, v) if it receivers f+1 (committed, v), broadcast (committed, v) Ensure agreement Ensure liveness under an loyal commander

68 Practical Byzantine Fault Tolerance
Commander sends the value to every lieutenant Every lieutenant if it receives a new value v, broadcast (prepare, v) if it receives 2f+1 (prepare, v), broadcast (commit, v) if it receives 2f+1 (commit, v), broadcast (committed, v) if it receivers f+1 (committed, v), broadcast (committed, v) Ensure agreement Ensure liveness under an loyal commander What if the commander is faulty? we need view change

69 Minimum number required for which
an f-resilient consensus protocol exists synchrony asynchrony partial synchrony fail-stop f+1 inf 2f+1 crash 2f+1 (Paxos) byzantine with digital signature f+1 (SM(f+1)) 3f+1(PBFT) byzantine with authenticated channel 3f+1 (OM(f))

70 Thoughts Defined Byzantine generals problem
Proved lower bound in synchronous environment with authenticated channel Introduced solutions in synchronous environment with authenticated channel and with digital signature But today we usually discuss about the case when in partial synchronous/asynchronous environment with digital signature where PBFT works

71 Timeline 1982 1998 ???? 1990 2008 The Byzantine Generals Problem
OM() sync/authenticated channel SM() sync/digital signature 1998 Practical Byzantine Fault Tolerance PBFT: partial sync/ digital signature/ state machine replication ???? ??? The part-time parliament Paxos: async/non-byzantine(crash- failure) 1990 2008 Bitcoin: A peer-to-peer electronic cash system Blockchain: partial sync/ proof of work/ state machine replication

Download ppt "The Byzantine Generals Problem"

Similar presentations

Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.

Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.
+ The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Jose Calvo-Villagran

+ The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Jose Calvo-Villagran
Byzantine Generals. Outline r Byzantine generals problem.

Byzantine Generals. Outline r Byzantine generals problem.
The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Phyo Thiha Date: 4/1/2008.

The Byzantine Generals Problem Leslie Lamport, Robert Shostak and Marshall Pease Presenter: Phyo Thiha Date: 4/1/2008.
Agreement: Byzantine Generals UNIVERSITY of WISCONSIN-MADISON Computer Sciences Department CS 739 Distributed Systems Andrea C. Arpaci-Dusseau Paper: “The.

Agreement: Byzantine Generals UNIVERSITY of WISCONSIN-MADISON Computer Sciences Department CS 739 Distributed Systems Andrea C. Arpaci-Dusseau Paper: “The.
The Byzantine Generals Problem Boon Thau Loo CS294-4.

The Byzantine Generals Problem Boon Thau Loo CS294-4.
The Byzantine Generals Problem Leslie Lamport, Robert Shostak, Marshall Pease 10.05.2015Distributed Algorithms A1 Presented by: Anna Bendersky.

The Byzantine Generals Problem Leslie Lamport, Robert Shostak, Marshall Pease Distributed Algorithms A1 Presented by: Anna Bendersky.
Prepared by Ilya Kolchinsky.  n generals, communicating through messengers  some of the generals (up to m) might be traitors  all loyal generals should.

Prepared by Ilya Kolchinsky.  n generals, communicating through messengers  some of the generals (up to m) might be traitors  all loyal generals should.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Byzantine Fault Tolerance Steve Ko Computer Sciences and Engineering University at Buffalo.
DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.

DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.
Byzantine Generals Problem: Solution using signed messages.

Byzantine Generals Problem: Solution using signed messages.
Byzantine Generals Problem Anthony Soo Kaim Ryan Chu Stephen Wu.

Byzantine Generals Problem Anthony Soo Kaim Ryan Chu Stephen Wu.
Copyright 2006 Koren & Krishna ECE655/ByzGen.1 UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Fault Tolerant Computing ECE 655.

Copyright 2006 Koren & Krishna ECE655/ByzGen.1 UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Fault Tolerant Computing ECE 655.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 15 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 15 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 15 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 15 Wenbing Zhao Department of Electrical and Computer Engineering.
Distributed Algorithms: Agreement Protocols. Problems of Agreement l A set of processes need to agree on a value (decision), after one or more processes.

Distributed Algorithms: Agreement Protocols. Problems of Agreement l A set of processes need to agree on a value (decision), after one or more processes.
The Byzantine Generals Problem Leslie Lamport Robert Shostak Marshall Pease.

The Byzantine Generals Problem Leslie Lamport Robert Shostak Marshall Pease.
Distributed Consensus Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit.

Distributed Consensus Reaching agreement is a fundamental problem in distributed computing. Some examples are Leader election / Mutual Exclusion Commit.
Lecture #12 Distributed Algorithms (I) CS492 Special Topics in Computer Science: Distributed Algorithms and Systems.

Lecture #12 Distributed Algorithms (I) CS492 Special Topics in Computer Science: Distributed Algorithms and Systems.
DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.

DISTRIBUTED SYSTEMS II FAULT-TOLERANT AGREEMENT Prof Philippas Tsigas Distributed Computing and Systems Research Group.

Similar presentations

Ads by Google