Optimal and Error-Free Multi-Valued Byzantine Consensus Through Parallel Execution

Multi-valued Byzantine Consensus (BC), in which n processes must reach agreement on a single L-bit value, is an essential primitive in the design of distributed cryptographic protocols and fault-tolerant distributed systems. One of the most desirable traits for a multi-valued BC protocol is to be error-free. In other words, have zero probability of producing incorrect results. The most efficient error-free multi-valued BC protocols are built as extension protocols, which reduce agreement on large values to agreement on small sequences of bits whose lengths are independent of L. The best extension protocols achieveO(Ln) communication complexity, which is optimal, when L is large relative to n. Unfortunately, all known error-free and communicationoptimal BC extension protocols require each process to broadcast at least n bits with a binary Byzantine Broadcast (BB) protocol. This design limits the scalability of these protocols to many processes, since when n is large, the binary broadcasts significantly inflate the overall number of bits communicated by the extension protocol. In this paper, we present Byzantine Consensus with Parallel Execution (BCPE), the first error-free and communication-optimal BC extension protocol in which each process only broadcasts a single bit with a binary BB protocol. BCPE is a synchronous and deterministic protocol, and tolerates f < n/3 faulty processes (the best resilience possible). Our evaluation shows that BCPE’s design makes it significantly more scalable than the best existing protocol by Ganesh and Patra. For 1,000 processes to agree on 2 MB of data, BCPE communicates 10.92× fewer bits. For agreement on 10 MB of data, BCPE communicates 6.97× fewer bits. BCPE also matches the best existing protocol in all other standard efficiency metrics. ∗Submitted to the ACM Symposium on Principles of Distributed Computing (PODC) 2020

[1]  Nitin H. Vaidya,et al.  Experimental performance comparison of Byzantine Fault-Tolerant protocols for data centers , 2012, 2012 Proceedings IEEE INFOCOM.

[2]  Andrew Chi-Chih Yao,et al.  Some complexity questions related to distributive computing(Preliminary Report) , 1979, STOC.

[3]  Nancy A. Lynch,et al.  Simple and efficient Byzantine generals algorithm , 1982 .

[4]  Yehuda Lindell,et al.  Secure Multi-Party Computation without Agreement , 2005, Journal of Cryptology.

[5]  Roger M. Kieckhafer,et al.  Exploiting Omissive Faults in Synchronous Approximate Agreement , 2000, IEEE Trans. Computers.

[6]  Ashish Choudhury,et al.  Multi-valued Asynchronous Reliable Broadcast with a Strict Honest Majority , 2017, ICDCN.

[7]  Kartik Nayak,et al.  Practical Synchronous Byzantine Consensus , 2017, IACR Cryptol. ePrint Arch..

[8]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[9]  Matthias Fitzi,et al.  Optimally efficient multi-valued byzantine agreement , 2006, PODC '06.

[10]  Ian Goldberg,et al.  Distributed Key Generation in the Wild , 2012, IACR Cryptol. ePrint Arch..

[11]  Juan A. Garay,et al.  Efficient Distributed Consensus with n = (3 + epsilon) t Processors (Extended Abstract) , 1991, WDAG.

[12]  F. Moore,et al.  Polynomial Codes Over Certain Finite Fields , 2017 .

[13]  Achour Mostéfaoui,et al.  Signature-Free Broadcast-Based Intrusion Tolerance: Never Decide a Byzantine Value , 2010, OPODIS.

[14]  Yehuda Lindell,et al.  On the composition of authenticated byzantine agreement , 2002, STOC '02.

[15]  Piotr Berman,et al.  Bit optimal distributed consensus , 1992 .

[16]  Stefan Wolf,et al.  Unconditional Security in Cryptography , 1998, Lectures on Data Security.

[17]  Victor Shoup,et al.  Secure and Efficient Asynchronous Broadcast Protocols , 2001, CRYPTO.

[18]  Brian A. Coan,et al.  Extending Binary Byzantine Agreement to Multivalued Byzantine Agreement , 1984, Inf. Process. Lett..

[19]  C. Pandu Rangan,et al.  Communication Optimal Multi-valued Asynchronous Broadcast Protocol , 2010, LATINCRYPT.

[20]  Mukesh Singhal,et al.  Advanced Concepts In Operating Systems , 1994 .

[21]  Danny Dolev,et al.  Shifting gears: changing algorithms on the fly to expedite Byzantine agreement , 1987, PODC '87.

[22]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[23]  Martin Hirt,et al.  Perfectly-Secure MPC with Linear Communication Complexity , 2008, TCC.

[24]  Bryan Ford,et al.  Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing , 2016, USENIX Security Symposium.

[25]  Silvio Micali,et al.  Algorand: Scaling Byzantine Agreements for Cryptocurrencies , 2017, IACR Cryptol. ePrint Arch..

[26]  Nitin H. Vaidya,et al.  Deterministic Consensus Algorithm with Linear Per-Bit Complexity , 2010, ArXiv.

[27]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.

[28]  Nitin H. Vaidya,et al.  Error-free multi-valued consensus with byzantine failures , 2011, PODC '11.

[29]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.

[30]  Divyakant Agrawal,et al.  DPaxos: Managing Data Closer to Users for Low-Latency and Mobile Applications , 2018, SIGMOD Conference.

[31]  Achour Mostéfaoui,et al.  Synchronous byzantine agreement with nearly a cubic number of communication bits: synchronous byzantine agreement with nearly a cubic number of communication bits , 2013, PODC '13.

[32]  Jason Flinn,et al.  Tolerating Latency in Replicated State Machines Through Client Speculation , 2009, NSDI.

[33]  Gabriel Bracha,et al.  Asynchronous Byzantine Agreement Protocols , 1987, Inf. Comput..

[34]  Sam Toueg,et al.  Resilient consensus protocols , 1983, PODC '83.

[35]  Nathan Linial,et al.  Fault-tolerant computation in the full information model , 1991, [1991] Proceedings 32nd Annual Symposium of Foundations of Computer Science.

[36]  J. H. Lala,et al.  Architectural principles for safety-critical real-time applications , 1994, Proc. IEEE.

[37]  Ittai Abraham,et al.  Bootstrapping Consensus Without Trusted Setup: Fully Asynchronous Distributed Key Generation , 2019, IACR Cryptol. ePrint Arch..

[38]  Arpita Patra,et al.  Optimal extension protocols for byzantine broadcast and agreement , 2020, Distributed Computing.

[39]  Rafail Ostrovsky,et al.  Information-Theoretic Broadcast with Dishonest Majority for Long Messages , 2018, IACR Cryptol. ePrint Arch..

[40]  Piotr Berman,et al.  Fast consensus in networks of bounded degree , 2005, Distributed Computing.

[41]  Yoram Moses,et al.  Fully polynomial Byzantine agreement in t + 1 rounds , 1993, STOC.

[42]  Nancy A. Lynch,et al.  A Lower Bound for the Time to Assure Interactive Consistency , 1982, Inf. Process. Lett..

[43]  C. Pandu Rangan,et al.  Communication Optimal Multi-valued Asynchronous Byzantine Agreement with Optimal Resilience , 2011, ICITS.

[44]  Achour Mostéfaoui,et al.  Signature-Free Asynchronous Byzantine Systems: From Multivalued to Binary Consensus with t < n/3, O(n2) Messages, and Constant Time , 2015, SIROCCO.

[45]  Jared Saia,et al.  Breaking the O(n2) bit barrier: scalable byzantine agreement with an adaptive adversary , 2010, PODC.

[46]  Sam Toueg,et al.  A Modular Approach to Fault-Tolerant Broadcasts and Related Problems , 1994 .

[47]  Yehuda Lindell,et al.  Information-theoretically secure protocols and security under composition , 2006, STOC '06.

[48]  Jared Saia,et al.  From Almost Everywhere to Everywhere: Byzantine Agreement with Õ(n3/2) Bits , 2009, DISC.

[49]  Anat Paskin-Cherniavsky,et al.  On the Power of Correlated Randomness in Secure Computation , 2013, TCC.

[50]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[51]  Ashish Choudhury,et al.  Asynchronous Multiparty Computation with Linear Communication Complexity , 2013, DISC.

[52]  Arpita Patra,et al.  Broadcast Extensions with Optimal Communication and Round Complexity , 2016, PODC.

[53]  Sam Toueg,et al.  Randomized Byzantine Agreements , 1984, PODC '84.

[54]  Kazue Sako,et al.  Efficient Receipt-Free Voting Based on Homomorphic Encryption , 2000, EUROCRYPT.

[55]  Lewis Tseng,et al.  Byzantine Broadcast Under a Selective Broadcast Model for Single-hop Wireless Networks , 2015, ArXiv.

[56]  Lindsay N. Childs An Introduction to Reed–Solomon Codes , 2019 .

[57]  Jorge Castiñeira Moreira,et al.  Reed–Solomon Codes , 2006 .

[58]  Arpita Patra,et al.  Error-free Multi-valued Broadcast and Byzantine Agreement with Optimal Communication Complexity , 2011, OPODIS.

[59]  Marcin Andrychowicz,et al.  Circuit Compilers with O(1/\log (n)) Leakage Rate , 2016, EUROCRYPT.

[60]  Martin Hirt,et al.  Multi-valued Byzantine Broadcast: The t < n Case , 2014, ASIACRYPT.

[61]  Brian A. Coan,et al.  Modular Construction of a Byzantine Agreement Protocol with Optimal Message Bit Complexity , 1992, Inf. Comput..

[62]  Matthias Fitzi,et al.  Unconditional Byzantine Agreement and Multi-party Computation Secure against Dishonest Minorities from Scratch , 2002, EUROCRYPT.