How to spread adversarial nodes?: rotate!

In this paper we study the problem of how to keep a dynamic system of nodes well-mixed even under adversarial behavior. This problem is very important in the context of distributed systems.More specifically, we consider the following game: There are n white pebbles and ε n black pebbles for some fixed constant ε < 1. Initially, all of the white pebbles are laid down in a ring, and the adversary has all of the black pebbles in its bag. In each round, the adversary can look at the entire ring and can select to add a black pebble to the ring (if its bag is not empty) or to take any black pebble from the ring and put it back into its bag (i.e. we consider adaptive adversaries). However, the adversary cannot place a black pebble into any position it likes. This is handled by a join strategy to be specified by the system. The goal is to find an oblivious join strategy, i.e. a strategy that cannot distinguish between the white and black pebbles in the ring, that integrates the black pebbles into this ring and may do some further rearrangements so that for a polynomial number of rounds the adversary will not manage to include its black pebbles into the ring so that there is a sequence of s=Θ(log n) consecutive pebbles in which at least half of the pebbles are black. If this is achieved by the join strategy, it wins. Otherwise, the adversary wins.Of course, the brute-force strategy of rearranging all of the pebbles in the ring at random after each insertion of a black pebble will achieve the stated goal, with high probability, but this would be a very expensive strategy. The challenge is to find a join strategy that needs as little randomness and as few rearrangements as possible in order to win with high probability. In this paper, we present and analyze a very simple strategy called k-rotation that chooses k-1 existing positions uniformly at random in the ring, creates a new position uniformly at random in the ring, and then rotates the new pebble and the k-1 old pebbles along these positions. Interestingly, even if the adversary has just $s$ pebbles, it can still win for k=2. But the k-rotation rule wins with high probability for k=3 as long as ε<2/3, demonstrating that there is a sharp threshold for keeping pebbles in a sufficiently perturbed state.

[1]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[2]  Moti Yung,et al.  Proactive RSA , 1997, CRYPTO.

[3]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[4]  Mark Handley,et al.  A scalable content-addressable network , 2001, SIGCOMM '01.

[5]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[6]  Ran Canetti,et al.  Proactive Security: Long-term protection against break-ins , 1997 .

[7]  Ran Canetti,et al.  Maintaining Authenticated Communication in the Presence of Break-Ins , 1997, PODC '97.

[8]  Markus Jakobsson,et al.  Proactive public key and signature systems , 1997, CCS '97.

[9]  Amir Herzberg,et al.  Network Randomization Protocol: A Proactive Pseudo-Random Generator , 1995, USENIX Security Symposium.

[10]  Moti Yung,et al.  Optimal-resilience proactive public-key cryptosystems , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[11]  Dan S. Wallach,et al.  A Taxonomy of Rational Attacks , 2005, IPTPS.

[12]  Tal Rabin,et al.  A Simplified Approach to Threshold and Proactive RSA , 1998, CRYPTO.

[13]  P. Diaconis,et al.  Generating a random permutation with random transpositions , 1981 .

[14]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[15]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[16]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[17]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[18]  Mudhakar Srivatsa,et al.  Vulnerabilities and security threats in structured overlay networks: a quantitative analysis , 2004, 20th Annual Computer Security Applications Conference.

[19]  Dan S. Wallach,et al.  Denial of Service via Algorithmic Complexity Attacks , 2003, USENIX Security Symposium.

[20]  Moni Naor,et al.  Scalable and dynamic quorum systems , 2003, PODC.

[21]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[22]  Ben Y. Zhao,et al.  An Infrastructure for Fault-tolerant Wide-area Location and Routing , 2001 .

[23]  Moni Naor,et al.  Fault-Tolerant Storage in a Dynamic Environment , 2004, DISC.

[24]  Peter Druschel,et al.  Pastry: Scalable, distributed object location and routing for large-scale peer-to- , 2001 .

[25]  Christian Scheideler,et al.  Group Spreading: A Protocol for Provably Secure Distributed Name Service , 2004, ICALP.

[26]  Ittai Abraham,et al.  Probabilistic Quorums for Dynamic Systems , 2003, DISC.

[27]  James Aspnes,et al.  Skip graphs , 2003, SODA '03.

[28]  Ran Canetti,et al.  Maintaining Security in the Presence of Transient Faults , 1994, CRYPTO.

[29]  Anna Lysyanskaya,et al.  Asynchronous verifiable secret sharing and proactive cryptosystems , 2002, CCS '02.

[30]  Miguel Castro,et al.  Security for Structured Peer-to-peer Overlay Networks , 2004 .

[31]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[32]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[33]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[34]  R. Canetti,et al.  Proactive Security : Long-term Protection Against Break , 1997 .

[35]  Ben Y. Zhao,et al.  Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and , 2001 .

[36]  C. Scheideler Probabilistic Methods for Coordination Problems , 2000 .

[37]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[38]  Yuval Ishai,et al.  The round complexity of verifiable secret sharing and secure multicast , 2001, STOC '01.

[39]  Rafail Ostrovsky,et al.  How To Withstand Mobile Virus Attacks , 1991, PODC 1991.

[40]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, Inf. Comput..