Parsimonious Asynchronous Byzantine-Fault-Tolerant Atomic Broadcast

Atomic broadcast is a communication primitive that allows a group of n parties to deliver a common sequence of payload messages despite the failure of some parties. We address the problem of asynchronous atomic broadcast when up to t < n/3 parties may exhibit Byzantine behavior. We provide the first protocol with an amortized expected message complexity of $\mathcal{O}(n)$ per delivered payload. The most efficient previous solutions are the BFT protocol by Castro and Liskov and the KS protocol by Kursawe and Shoup, both of which have message complexity $\mathcal{O}(n^2)$. Like the BFT and KS protocols, our protocol is optimistic and uses inexpensive mechanisms during periods when no faults occur; when network instability or faults are detected, it switches to a more expensive recovery mode. The key idea of our solution is to replace reliable broadcast in the KS protocol by consistent broadcast, which reduces the message complexity from $\mathcal{O}(n^2)$ to $\mathcal{O}(n)$ in the optimistic mode. But since consistent broadcast provides weaker guarantees than reliable broadcast, our recovery mode incorporates novel techniques to ensure that safety and liveness are always satisfied.

[1]  Michael O. Rabin,et al.  Randomized byzantine generals , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[2]  Michael K. Reiter,et al.  The Rampart Toolkit for Building High-Integrity Services , 1994, Dagstuhl Seminar on Distributed Systems.

[3]  LiskovBarbara,et al.  Practical byzantine fault tolerance and proactive recovery , 2002 .

[4]  Miguel Castro,et al.  Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[5]  B SchneiderFred Implementing fault-tolerant services using the state machine approach: a tutorial , 1990 .

[6]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[7]  Ran Canetti,et al.  Fast asynchronous Byzantine agreement with optimal resilience , 1993, STOC.

[8]  William H. Sanders,et al.  Quantifying the cost of providing intrusion tolerance in group communication systems , 2002, Proceedings International Conference on Dependable Systems and Networks.

[9]  Dahlia Malkhi,et al.  Secure reliable multicast protocols in a WAN , 2000, Distributed Computing.

[10]  Piotr Berman,et al.  Randomized distributed agreement revisited , 1993, FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing.

[11]  Louise E. Moser,et al.  The SecureRing protocols for securing group communication , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.

[12]  Victor Shoup,et al.  Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography , 2000, Journal of Cryptology.

[13]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[14]  Piotr Berman,et al.  Quick Atomic Broadcast (Extended Abstract) , 1993, WDAG.

[15]  Yvo Desmedt,et al.  Society and Group Oriented Cryptography: A New Concept , 1987, CRYPTO.

[16]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[17]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[18]  Leslie Lamport,et al.  The part-time parliament , 1998, TOCS.

[19]  Victor Shoup,et al.  Secure and Efficient Asynchronous Broadcast Protocols , 2001, CRYPTO.

[20]  Christian Cachin,et al.  Distributing trust on the Internet , 2001, 2001 International Conference on Dependable Systems and Networks.

[21]  Michael K. Reiter,et al.  Secure agreement protocols: reliable and atomic group multicast in rampart , 1994, CCS '94.

[22]  William H. Sanders,et al.  Quantifying the cost of providing intrusion tolerance in group communication systems , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[23]  Victor Shoup,et al.  Optimistic Asynchronous Atomic Broadcast , 2005, ICALP.

[24]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[25]  Sam Toueg,et al.  Fault-tolerant broadcasts and related problems , 1993 .

[26]  Gabriel Bracha,et al.  An asynchronous [(n - 1)/3]-resilient consensus protocol , 1984, PODC '84.

[27]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[28]  Fred B. Schneider,et al.  Distributed Trust: Supporting Fault-tolerance and Attack-tolerance , 2004 .

[29]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[30]  Victor Shoup,et al.  Secure and efficient asynchronous broadcast protocols : (Extended abstract) , 2001, CRYPTO 2001.