Prasant Gopal Anumanchipalli
ABSTRACT
Global consistency or Byzantine Agreement (BA) and reliable point-to-point communication are two of the most important and well-studied problems in distributed computing. Informally, BA is about maintaining a consistent view of the world among all the non-faulty players in the presence of faults. In a synchronous network over n nodes of which up to any t are corrupted by a Byzantine adversary, BA is possible only if all pair point-to-point reliable communication is possible [Dol82, DDWY93] Specifically, in the standard unauthenticated model, (2t + 1)-connectivity is necessary whereas in the authenticated setting (t + 1)-connectivity is required. Thus, a folklore is that maintaining global consistency is at least as hard as the problem of all pair point-to-point communication. Equivalently, it is widely believed that protocols for BA over incomplete graphs exist only if it is possible to simulate an overlay-ed complete graph. Surprisingly, we show that the folklore is far from true-- achieving global consistency can be strictly easier than all-pair point-to-point communication.
In the authenticated model, it is assumed that the adversary can forge the signatures of only those nodes under its control. In contrast, the unauthenticated model assumes that the adversary can forge the signatures of all the nodes (that is, secure signatures are not used). We initiate a study on the entire gamut of BA's in between, viz., the adversary can forge the signatures of up to any k nodes apart from the up to t nodes that it can actively corrupt. We completely characterize the possibility of BA across the spectrum. Thus, our work attempts to unify the extant literature on agreement. It is, however, more than a mere attempt towards unification as it provides insights into the field. Specifically, apart from the extremes (of k = 0 and k = n − t where aforementioned folklore is known to hold), for every intermediate k, there are several networks over which BA is possible but all-pair point-to-point communication is not.
- {DDS87} Danny Dolev, Cynthia Dwork, and Larry Stockmeyer. On the minimal synchronism needed for distributed consensus. J. ACM, 34(1):77--97, 1987. Google Scholar
Digital Library
- {DDWY93} D. Dolev, C. Dwork, O. Waarts, and M. Yung. Perfectly Secure Message Transmission. Journal of the Association for Computing Machinery (JACM), 40(1):17--47, January 1993. Google ScholarDigital Library
- {Dol82} D. Dolev. The Byzantine Generals Strike Again. Journal of Algorithms, 3(1):14--30, March 1982.Google ScholarCross Ref
- {FLP85} Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374--382, 1985. Google ScholarDigital Library
- {Gam85} Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. In Proceedings of CRYPTO 84 on Advances in cryptology, pages 10--18, New York, NY, USA, 1985. Springer-Verlag New York, Inc. Google ScholarDigital Library
- {Gar94} J. A. Garay. Reaching (and Maintaining) Agreement in the Presence of Mobile Faults. In Proceedings of the 8th International Workshop on Distributed Algorithms-WDAG '94, volume 857 of Lecture Notes in Computer Science (LNCS), pages 253--264, 1994. Google ScholarDigital Library
- {GPV08} Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. Trapdoors for hard lattices and new cryptographic constructions. In STOC, pages 197--206, 2008. Google ScholarDigital Library
- {HKN+05} Danny Harnik, Joe Kilian, Moni Naor, Omer Reingold, and Alon Rosen. On robust combiners for oblivious transfer and other primitives. In EUROCRYPT, pages 96--113, 2005.Google ScholarDigital Library
- {Lyn96} N. Lynch. Distributed Algorithms. Morgan Kaufmann, San Mateo, CA, USA, 1996. Google ScholarDigital Library
- {MP06} Remo Meier and Bartosz Przydatek. On robust combiners for private information retrieval and other primitives. In CRYPTO, pages 555--569, 2006.Google ScholarDigital Library
- {MPW07} Remo Meier, Bartosz Przydatek, and Jüurg Wullschleger. Robuster combiners for oblivious transfer. In TCC, pages 404--418, 2007.Google ScholarCross Ref
- {PSL80} M. Pease, R. Shostak, and L. Lamport. Reaching agreement in the presence of faults. J. ACM, 27(2):228--234, 1980. Google ScholarDigital Library
- {Reg04} Oded Regev. New lattice-based cryptographic constructions. In J. ACM, volume 51, pages 899--942, New York, NY, USA, 2004. ACM. Google ScholarDigital Library
- {RSA78} R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. In Communications of the ACM, volume 21, pages 120--126, 1978. Google ScholarDigital Library
- {Sha93} Adi Shamir. Efficient signature schemes based on birational permutations. In CRYPTO, pages 1--12, 1993. Google ScholarDigital Library
Index Terms
- Brief announcement: global consistency can be easier than point-to-point communication
Recommendations
Brief announcement: secret handshakes from CA-oblivious encryption
PODC '04: Proceedings of the twenty-third annual ACM symposium on Principles of distributed computingSecret handshake protocols were recently introduced by Balfanz, et al. [1] to allow members of the same group to authenticate each other secretly, in the sense that someone who is not a group member cannot tell, by engaging in the handshake protocol, ...
Efficient reliable communication over partially authenticated networks
Special issue: PODC 02Reliable communication between processors in a network is a basic requirement for executing any protocol. Dolev [7] and Dolev et al. [8] showed that reliable communication is possible if and only if the communication network is sufficiently connected. ...
Brief announcement: k-shot distributed broadcasting in radio networks
PODC '10: Proceedings of the 29th ACM SIGACT-SIGOPS symposium on Principles of distributed computingWe study distributed broadcasting protocols with few transmissions ('shots') in radio networks with unknown topology. In particular, we examine the case in which a bound k is given and a node may transmit at most k times during the broadcasting ...
Comments