Reaching Consensus for Asynchronous Distributed Key Generation

We give a protocol for Asynchronous Distributed Key Generation (A-DKG) that is optimally resilient (it withstands f < n/3 faulty parties), runs in a constant expected number of rounds, has Õ(n^3) expected communication complexity, and assumes only the existence of a PKI. Prior to our work, the best A-DKG protocols required Ω(n) expected rounds and Ω(n^4) expected communication. Our A-DKG protocol relies on several building blocks that are of independent interest. We define and design a Proposal Election (PE) protocol that allows parties to retrospectively agree on a valid proposal after enough proposals have been sent from different parties; with constant probability the elected proposal was proposed by a non-faulty party. In building our PE protocol, we design a Verifiable Gather protocol that allows parties to communicate, in a verifiable manner, which proposals they have and have not seen. The final building block of our A-DKG is a Validated Asynchronous Byzantine Agreement (VABA) protocol. We use our PE protocol to construct a VABA protocol that requires neither leaders nor an asynchronous DKG setup. Our VABA protocol can be used more generally whenever threshold signatures are not available.
