Communication-Efficient BFT Protocols Using Small Trusted Hardware to Tolerate Minority Corruption

Agreement protocols for partially synchronous or asynchronous networks tolerate fewer than one-third Byzantine faults. If parties are equipped with trusted hardware that prevents equivocation, then fault tolerance can be improved to fewer than one-half Byzantine faults, but typically at the cost of increased communication complexity. In this work, we present results that use small trusted hardware without worsening communication complexity, assuming the adversary controls less than one-half of the network. Our results include a version of HotStuff that retains linear communication complexity in each view and a version of the VABA protocol with quadratic communication, both leveraging trusted hardware to tolerate a minority of corruptions. Our results use expander graphs to achieve efficient communication in a manner that may be of independent interest.
