
1 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring 2008
Principles of Reliable Distributed Systems
Lecture 6: Synchronous Byzantine Consensus
Spring 2008, Prof. Idit Keidar

2 Today's Material
– Attiya and Welch, Distributed Computing, Ch. 5
– Nancy Lynch, Distributed Algorithms, Ch. 6

3 Debt from Last Week: the "Two Generals" Problem

4 Weak Coordinated Attack
– Agreement: If both generals decide, they decide the same.
– Termination: Every general eventually decides.
– Weak (Conditional) Validity: If both inputs are "not ready", the decision is "no attack"; if both inputs are "ready" and no messages are lost, the decision is "attack".

5 Lemma 1'
There is no protocol that solves the Weak Coordinated Attack problem and sends no messages before deciding in runs where both inputs are "ready".
Proof:
– Similar to Lemma 1 from last week.
– Homework question.

6 Impossibility of Weak Coordinated Attack
By induction; Lemma 1' is the base case. (On board.)

7 … and now for our feature presentation … Synchronous Byzantine Consensus

8 The Byzantine Generals Problem
First formulation of the consensus problem [Pease, Shostak, Lamport 80].
(Figure: generals exchanging the messages "Let's attack" and "Let's not attack".)

9 Byzantine Faults
A faulty process can behave arbitrarily, i.e., it does not have to follow the protocol. For example, it
– can suffer benign failures (crash, timing);
– can send bogus values in messages;
– can send messages at the wrong time;
– can send different messages to different processes; etc.
This captures software bugs and hacker intrusions.

10 Byzantine Nodes Can Lead Correct Nodes to Conflicting Decisions
Correct nodes cannot know whom to believe.
(Figure: a Byzantine node tells one correct node "let's oust Marina" and another "let's oust Guy".)

11 Byzantine-Fault-Tolerant (BFT) Consensus
Only non-uniform consensus makes sense here. Why?
Recall, we defined consensus as follows:
– Agreement: correct processes' decisions are the same
– Termination: eventually all correct processes decide
– Validity: the decision is the input of some process
Problem?

12 Validity: Take II
Strong unanimity: If the input of all the correct processes is v, then no correct process decides a value other than v.
How resilient can an algorithm satisfying this property be?
– Homework: prove this!

13 Today's Problem: Consensus with Strong Unanimity
Each process has an input and should eventually decide on an output.
– Agreement: correct processes' decisions are the same
– Validity (Strong Unanimity): If the input of all the correct processes is v, then no correct process decides a value other than v
– Termination: eventually all correct processes decide

14 Two Byzantine Models
1. Authenticated
– Uses digital signatures
– Assumes a PKI (Public Key Infrastructure)
2. Unauthenticated
– No digital signatures
– Secure point-to-point communication
– Over the Internet, implemented with symmetric keys

15 1. Authenticated (Byzantine) Model
– Authentication: The receiver of a message can ascertain its origin; an intruder cannot masquerade as someone else.
– Integrity: The receiver of a message can verify that it has not been modified in transit; an intruder cannot substitute a false message for a legitimate one.
– Nonrepudiation: A sender cannot later falsely deny that it sent a message.

16 Implementing Authentication
Uses a cryptographic Public Key Infrastructure (PKI). Each process has a well-known public key and a matching private key.
– ⟨M⟩_p is message M signed with p's private key
– Only p can generate ⟨M⟩_p
– Every process can verify p's signature on ⟨M⟩_p using p's public key

17 Exploiting Authentication
– All messages are signed by their source
– Every receiver can verify the message
– Signed messages can be forwarded as proof: "I can prove that Idit said that I don't have to submit this homework assignment" – ⟨Yossy does not have to submit homework assignment 2⟩_Idit
– Liars can be exposed

18 Today's Model 1
– Round-based synchronous
– Static set P = {p_1, …, p_n} of processes
– t-out-of-n Byzantine (arbitrary) failures, t < n/2
– Authentication

19 Exponential Information Gathering (EIG) Algorithms
Forward all received messages in each round, for t+1 rounds:
– In round 1: send your value to all
– In later rounds: for every received message m whose chain does not already contain my_id, forward m + my_id to all

20 EIG with Signatures for t < n/2
  round 1: send ⟨v_i⟩_{p_i} to all
  in every round 2 ≤ k ≤ t+1:
    for every received message m:
      if (m has k-1 different valid signatures, none of them mine) then
        send ⟨m⟩_{p_i} to all
  Valid_i = { ⟨v_j⟩_{p_j} | all messages with t+1 different valid signatures whose first signature is p_j's have the same value v_j }
  decide on the most common value in Valid_i; in case of a tie, choose the default value
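The following Python simulation is an added example, not code from the lecture or from Attiya and Welch or Lynch. It runs the signed EIG algorithm of this slide in a synchronous round model, using the ⟨M⟩_p signing, verification and forwarding of slides 16 and 17. Everything beyond the slide is an assumption of the example: the PKI is replaced by a simulation stand-in (per-process HMAC-SHA256 keys behind a sign/verify oracle, because a public-key scheme is not in the standard library), the default value is 0, n = 4 and t = 1, and the Byzantine process p4 is a constructed adversary that signs different values for different receivers and then tries to forward a forged signature of p1.

```python
import hashlib
import hmac
import json
from collections import Counter

DEFAULT = 0  # assumed default value for ties; the slides leave it unspecified


class SimPKI:
    """Stand-in for the PKI (simulation only): sign() needs the signer's private key,
    verify() plays the public-key check. Per-process HMAC-SHA256 keys keep this
    offline and stdlib-only; a real deployment would use e.g. Ed25519."""

    def __init__(self, ids):
        self._priv = {p: hashlib.sha256(f"private-key-{p}".encode()).digest() for p in ids}

    def sign(self, signer, payload):
        return hmac.new(self._priv[signer], payload.encode(), hashlib.sha256).hexdigest()

    def verify(self, signer, payload, tag):
        return hmac.compare_digest(self.sign(signer, payload), tag)


def encode(value, chain):
    """Bytes covered by the next signature: the value plus all earlier signatures."""
    return json.dumps([value, chain], sort_keys=True)


def sign_msg(pki, signer, value, chain):
    """<m>_signer for m = (value, chain): append signer's signature over the whole chain."""
    return (value, chain + ((signer, pki.sign(signer, encode(value, chain))),))


def valid_chain(pki, msg):
    """All signatures verify (each over the prefix before it) and all signers differ."""
    value, chain = msg
    prefix = ()
    for signer, tag in chain:
        if not pki.verify(signer, encode(value, prefix), tag):
            return False
        prefix += ((signer, tag),)
    signers = [s for s, _ in chain]
    return len(signers) == len(set(signers))


def run_eig_signed(n, t, inputs, pki, byzantine):
    """EIG with signatures (slide 20), t < n/2. inputs: {pid: value};
    byzantine: {pid: behaviour(pki, pid, round, dest, msgs_received_last_round)}.
    Returns {pid: decision} for the correct processes."""
    assert 2 * t < n, "needs t < n/2"
    ids = range(1, n + 1)
    received = {p: [] for p in ids}    # all messages p has received, any round
    last_round = {p: [] for p in ids}  # messages p received in the previous round
    for k in range(1, t + 2):          # rounds 1 .. t+1
        outbox = {q: [] for q in ids}
        for p in ids:
            if p in byzantine:         # the adversary may send anything to anyone
                for q in ids:
                    outbox[q].extend(byzantine[p](pki, p, k, q, last_round[p]))
                continue
            if k == 1:
                msgs = [sign_msg(pki, p, inputs[p], ())]
            else:                      # forward valid (k-1)-signature chains I have not signed
                msgs = [sign_msg(pki, p, v, chain) for v, chain in last_round[p]
                        if len(chain) == k - 1 and all(s != p for s, _ in chain)
                        and valid_chain(pki, (v, chain))]
            for q in ids:
                outbox[q].extend(msgs)
        last_round = outbox
        for q in ids:
            received[q].extend(outbox[q])
    decisions = {}
    for p in ids:
        if p in byzantine:
            continue
        valid = {}  # Valid_i: p_j -> v_j only if every (t+1)-chain starting with p_j carries v_j
        for j in ids:
            vals = {v for v, chain in received[p] if len(chain) == t + 1
                    and chain[0][0] == j and valid_chain(pki, (v, chain))}
            if len(vals) == 1:
                valid[j] = vals.pop()
        top = Counter(valid.values()).most_common(2)
        tie = len(top) == 2 and top[0][1] == top[1][1]
        decisions[p] = DEFAULT if not top or tie else top[0][0]
    return decisions


def two_faced(pki, p, k, dest, last_round_msgs):
    """Constructed adversary: in round 1 signs 0 for p1 and p2 but 1 for p3; in round 2
    forwards a message claiming p1 signed 0, with a garbage tag (a forgery attempt)."""
    if k == 1:
        return [sign_msg(pki, p, 0 if dest <= 2 else 1, ())]
    return [sign_msg(pki, p, 0, ((1, "00" * 32),))]


def demo():
    """n = 4, t = 1: p4 is Byzantine; correct inputs p1 = 1, p2 = 1, p3 = 0."""
    pki = SimPKI(range(1, 5))
    return run_eig_signed(4, 1, {1: 1, 2: 1, 3: 0, 4: None}, pki, {4: two_faced})


if __name__ == "__main__":
    print(demo())  # {1: 1, 2: 1, 3: 1}: p4's conflicting signed values drop it from Valid
```

Running demo() shows the two mechanisms the slide relies on: the forged chain never enters anyone's Valid set because p1's signature does not verify, and p4's two different round-1 values both reach every correct process with two valid signatures (p4 then a correct forwarder), so p4 is excluded and the three correct inputs decide the outcome.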

21 Signatures Expose Liars
(Figure: Dan sends ⟨let's oust Marina⟩_Dan to Guy and ⟨let's oust Guy⟩_Dan to Marina; Guy forwards ⟨⟨let's oust Marina⟩_Dan⟩_Guy and Marina forwards ⟨⟨let's oust Guy⟩_Dan⟩_Marina, so every correct process ends up holding two different values signed by Dan.)
Remove Dan's value from Valid.

22 Validity
Need to prove Strong Unanimity: If the input of all correct processes is v, then no correct process decides a value other than v.
Claim: At every correct p_i, for every correct p_j, Valid_i includes ⟨v_j⟩_{p_j}. (Only p_j can sign as p_j, and a correct p_j signs only v_j in round 1, so every chain of t+1 valid signatures starting with p_j's carries v_j; at least one such chain reaches p_i because there are n-t ≥ t+1 correct processes to forward it.)
Validity follows.

23 Agreement
Claim: For two correct processes p_i and p_j, Valid_i and Valid_j include the same values. (Any chain of t+1 different signatures contains at least one correct signer, which sent the message to all; the correct processes not yet in the chain extend it to t+1 signatures, so every correct process sees the same set of values for every first signer.)
Agreement follows.

24 Termination
The decision always happens after t+1 rounds.

25 Can We Improve the Resilience?

26 Validity: Take III
Weak unanimity: If the input of all the correct processes is v and no process fails, then no correct process decides a value other than v.
Does this prevent a trivial solution? Resilience?
– See recitation

27 Summary of Known Results
Synchronous, Byzantine-fault-tolerant, t-resilient consensus algorithms exist:
– with strong unanimity and authentication iff t < n/2 (as we just saw);
– with weak unanimity and authentication iff t < n (recitation);
– without authentication iff t < n/3 (up next).

28 Model 2: Unauthenticated Byzantine
– Round-based synchronous
– Static set P = {p_1, …, p_n} of processes
– t-out-of-n Byzantine (arbitrary) failures, t < n/3
– No signatures (no authentication), but secure point-to-point channels
– Model of [Lamport, Pease, Shostak 80]

29 EIG: Reminder
  round 1: send ⟨v_i, p_i⟩ to all
  in every round 2 ≤ k ≤ t+1:
    for every received message m:
      if (m has k-1 different ids, none of them mine) then
        send ⟨m, p_i⟩ to all
Forward all received messages in every round, for t+1 rounds. Exponentially many messages.

30 Information Gathering Tree at Each Process
(Figure: the Round 1 level holds v_1, v_2, …, v_n; the Round 2 level holds v_1 p_2, v_1 p_3, …, v_2 p_1, v_2 p_3, …, v_n p_1, v_n p_2, …; the Round f+1 level holds labels such as v_1 p_2 p_3 … p_{f+1} and v_n p_1 p_2 … p_f.)

31 EIG Decision Without Signatures
Resolve the tree from the leaves upward:
– Decide on the root's value, or the default value if it is nil.
– For each internal node: take the strict majority of the child values; nil if none exists.
Each internal node has at least n-t children (the tree has t+1 levels, so internal nodes are at depth at most t).
– At least n-2t ≥ 3t+1-2t = t+1 of them are correct (their last id is a correct process).
– Correct children are a majority.
– If the node's last id is a correct process (it does not lie), all correct children hold the same value.
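The following Python simulation is an added example, not code from the lecture or from Lynch; it builds the information-gathering tree of slides 29 and 30 at each process and resolves it bottom-up with the strict-majority rule of this slide, so the common-node argument of the Validity and Agreement slides can be checked on a concrete run. Assumptions of the example: the default value is 0, n = 4 and t = 1, a receiver accepts a relayed label only if it ends with the process that actually sent it (this is what the secure point-to-point channel of the model provides), and the Byzantine process p4 is a constructed adversary that reports different inputs to different processes in round 1 and lies to p1 about p3's input in round 2.

```python
from collections import Counter

DEFAULT = 0  # assumed default value when the root resolves to nil


def strict_majority(values):
    """Strict majority among a node's child values (nil children count against it), else None."""
    counts = Counter(v for v in values if v is not None)
    if not counts:
        return None
    value, count = counts.most_common(1)[0]
    return value if 2 * count > len(values) else None


def resolve(tree, label, n, t):
    """Resolve the tree bottom-up: a leaf (depth t+1) keeps the value it received,
    an internal node takes the strict majority of its resolved children."""
    if len(label) == t + 1:
        return tree.get(label)  # missing leaf -> nil
    children = [resolve(tree, label + (q,), n, t) for q in range(1, n + 1) if q not in label]
    return strict_majority(children)


def run_eig(n, t, inputs, byzantine):
    """Unauthenticated EIG (slides 29-31), t < n/3. inputs: {pid: value};
    byzantine: {pid: behaviour(pid, round, dest, own_tree) -> [(value, label)]}.
    Returns ({pid: decision} for the correct processes, {pid: tree})."""
    assert 3 * t < n, "needs t < n/3"
    ids = range(1, n + 1)
    trees = {p: {} for p in ids}  # label (p_j, ..., p_q): v_j as relayed along that path
    for k in range(1, t + 2):     # rounds 1 .. t+1
        outbox = {q: [] for q in ids}  # dest -> [(sender, value, label)]
        for p in ids:
            for q in ids:
                if p in byzantine:
                    msgs = byzantine[p](p, k, q, trees[p])
                elif k == 1:
                    msgs = [(inputs[p], (p,))]
                else:  # relay every node of depth k-1 whose path does not contain me
                    msgs = [(v, label + (p,)) for label, v in trees[p].items()
                            if len(label) == k - 1 and p not in label]
                outbox[q].extend((p, v, label) for v, label in msgs)
        for q in ids:
            for sender, v, label in outbox[q]:
                # Secure point-to-point channel: the receiver knows who sent the message, so a
                # label is accepted only if it ends with the real sender, has depth k, has no
                # repeated id, and was not already filled (first message for a node wins).
                if (label[-1] == sender and len(label) == k
                        and len(set(label)) == len(label) and label not in trees[q]):
                    trees[q][label] = v
    decisions = {}
    for p in ids:
        if p not in byzantine:
            root = resolve(trees[p], (), n, t)
            decisions[p] = DEFAULT if root is None else root
    return decisions, trees


def two_faced(p, k, dest, tree):
    """Constructed adversary: round 1 reports 0 to p1 and p2 but 1 to everyone else;
    round 2 relays honestly except that it tells p1 that p3's input was 0."""
    if k == 1:
        return [(0 if dest in (1, 2) else 1, (p,))]
    msgs = []
    for label, v in tree.items():
        if len(label) == k - 1 and p not in label:
            msgs.append((0 if label == (3,) and dest == 1 else v, label + (p,)))
    return msgs


def demo():
    """n = 4, t = 1: p4 is Byzantine and every correct process has input 1."""
    return run_eig(4, 1, {1: 1, 2: 1, 3: 1, 4: None}, {4: two_faced})


if __name__ == "__main__":
    decisions, trees = demo()
    print(decisions)  # {1: 1, 2: 1, 3: 1}
    print(resolve(trees[1], (4,), 4, 1))  # 0: majority of what p1, p2, p3 relayed for p4
```

In the run, node (3) is common even though p4 lies about p3 to p1: its children (3,1), (3,2), (3,4) are resolved by majority, and the two correct relays outvote p4. Node (4) resolves to 0 at every correct process for the same reason, so the root is common and all correct processes decide 1, as Strong Unanimity requires.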

32 Validity
At a correct p_i, for a correct p_j, level-1 node j of the resolved information-gathering tree holds the correct v_j.
Strong Unanimity follows: If the input of all correct processes is v, then all correct processes decide v.
(Figure: the Round 1 level of the tree, holding v_1, v_2, …, v_n.)

33 Agreement
Common node: a node whose resolved value is the same at all correct processes.
Lemma: in every sub-tree, if there is a common node on every path from a leaf to the root, then the root is common.

34 Agreement Follows
– The depth of the tree is t+1, so on every path from a leaf to the root there is a node whose last id is a correct process.
– All such nodes are common (proven where we showed Validity).
– From the lemma, the root is common.

35 EIG Algorithm: Summary
– Optimal worst-case number of rounds: t+1 (not early-deciding)
– Optimal resilience: t < n/3
– Exponential messages: send the entire tree in one big message, size O(n^{t+2})

