Efficient Asynchronous Byzantine Agreement without Private Setups

Though recent breakthroughs have greatly improved the efficiency of asynchronous Byzantine agreement protocols, they have mainly focused on the setting with private setups, e.g., assuming a trusted dealer to establish non-interactive threshold cryptosystems. Challenges remain to reduce the large communication complexities in the absence of private setups, for example: (i) for asynchronous binary agreement (ABA) with optimal resilience, prior private-setup free protocols (Cachin et al., CCS’ 2002; Kokoris-Kogias et al., CCS’ 2020) have to incur O(λn) bits and O(n) messages; (ii) for asynchronous multi-valued agreement with external validity (VBA), Abraham et al. [2] very recently gave the first elegant construction with O(n) messages, relying only on public key infrastructure (PKI), but the design still costs O(λn log n) bits. Here n is the number of participating parties and λ is the cryptographic security parameter.

For the first time, we close the remaining efficiency gap between the communication complexity and the message complexity of private-setup free asynchronous Byzantine agreements, i.e., we reduce their communication cost to only O(λn) bits on average. At the core of our design, we give a systematic treatment of reasonably fair common randomness, and proceed as follows:

– We construct a reasonably fair common coin (Canetti and Rabin, STOC’ 1993) in the asynchronous setting with PKI instead of private setup, using only O(λn) bits and constant asynchronous rounds. The common coin protocol ensures that with at least 1/3 probability, all honest parties can output a common bit that is as if uniformly sampled, rendering a more efficient private-setup free ABA with expected O(λn) bit communication and constant running time.

– More interestingly, we lift our reasonably fair common coin protocol to attain perfect agreement without incurring any extra factor in the asymptotic complexities, resulting in an efficient reasonably fair leader election primitive pluggable in all existing VBA protocols (including Cachin et al., CRYPTO’ 2001; Abraham et al., PODC’ 2019; Lu et al., PODC’ 2020), thus reducing the communication of private-setup free VBA to expected O(λn) bits while preserving expected constant running time. This leader election primitive and its construction might be of independent interest.

– Along the way, we also improve an important building block, asynchronous verifiable secret sharing (Canetti and Rabin, STOC’ 1993), by presenting a private-setup free implementation costing only O(λn) bits in the PKI setting. By contrast, prior art having the same communication complexity (Backes et al., CT-RSA’ 2013) has to rely on a private setup.

[1] Ran Canetti et al. Fast asynchronous Byzantine agreement with optimal resilience, 1993, STOC.

[2] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, 1991, CRYPTO.

[3] Gabriel Bracha et al. Asynchronous Byzantine Agreement Protocols, 1987, Inf. Comput.

[4] Gilad Stern et al. Aggregatable Distributed Key Generation, 2021, IACR Cryptol. ePrint Arch.

[5] Aniket Kate et al. Brief Note: Asynchronous Verifiable Secret Sharing with Optimal Resilience and Linear Amortized Overhead, 2019, ArXiv.

[6] Stefano Tessaro et al. Asynchronous verifiable information dispersal, 2005, 24th IEEE Symposium on Reliable Distributed Systems (SRDS'05).

[7] Aniket Kate et al. Asynchronous Computational VSS with Reduced Communication Complexity, 2013, CT-RSA.

[8] Dahlia Malkhi et al. Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures, 2020, CCS.

[9] Anna Lysyanskaya et al. Asynchronous verifiable secret sharing and proactive cryptosystems, 2002, CCS '02.

[10] Idit Keidar et al. Not a COINcidence: Sub-Quadratic Asynchronous Byzantine Agreement WHP, 2020, DISC.

[11] Michael O. Rabin et al. Randomized byzantine generals, 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[12] Ittai Abraham et al. Asymptotically Optimal Validated Asynchronous Byzantine Agreement, 2019, PODC.

[13] Nancy A. Lynch et al. Impossibility of distributed consensus with one faulty process, 1983, PODS '83.

[14] Elaine Shi et al. The Honey Badger of BFT Protocols, 2016, CCS.

[15] Ignacio Cascudo et al. SCRAPE: Scalable Randomness Attested by Public Entities, 2017, IACR Cryptol. ePrint Arch.

[16] Marcos K. Aguilera et al. Fast Asynchronous Consensus with Optimal Resilience, 2010, DISC.

[17] Michael K. Reiter et al. Secure agreement protocols: reliable and atomic group multicast in rampart, 1994, CCS '94.

[18] Mayank Varia et al. High-Threshold AVSS with Optimal Communication Complexity, 2021, IACR Cryptol. ePrint Arch.

[19] Aggelos Kiayias et al. Ouroboros Praos: An Adaptively-Secure, Semi-synchronous Proof-of-Stake Blockchain, 2018, EUROCRYPT.

[20] Hugo Krawczyk et al. Secret Sharing Made Short, 1994, CRYPTO.

[21] Achour Mostéfaoui et al. Signature-Free Asynchronous Binary Byzantine Consensus with t < n/3, O(n^2) Messages, and O(1) Expected Time, 2015, J. ACM.

[22] Hagit Attiya et al. Distributed computing - fundamentals, simulations, and advanced topics (2. ed.), 2004, Wiley series on parallel and distributed computing.

[23] Victor Shoup et al. Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography, 2000, Journal of Cryptology.

[24] Guiling Wang et al. Dumbo-MVBA: Optimal Multi-Valued Validated Asynchronous Byzantine Agreement, Revisited, 2020, IACR Cryptol. ePrint Arch.

[25] Tyler Crain. Two More Algorithms for Randomized Signature-Free Asynchronous Binary Byzantine Consensus with t, 2020, ArXiv.

[26] Chen-Da Liu Zhang et al. Asynchronous Byzantine Agreement with Subquadratic Communication, 2020, IACR Cryptol. ePrint Arch.

[27] Aniket Kate et al. Computational Verifiable Secret Sharing Revisited, 2011, ASIACRYPT.

[28] Victor Shoup et al. Secure and Efficient Asynchronous Broadcast Protocols, 2001, CRYPTO.

[29] Ittai Abraham et al. Reaching Consensus for Asynchronous Distributed Key Generation, 2021, PODC.

[30] Ashish Choudhury et al. Almost-Surely Terminating Asynchronous Byzantine Agreement Revisited, 2018, IACR Cryptol. ePrint Arch.

[31] Victor Shoup et al. Optimistic Asynchronous Atomic Broadcast, 2005, ICALP.

[32] Idit Keidar et al. All You Need is DAG, 2021, PODC.

[33] Jing Xu et al. Dumbo: Faster Asynchronous BFT Protocols, 2020, IACR Cryptol. ePrint Arch.

[34] HariGovind V. Ramasamy et al. Parsimonious Asynchronous Byzantine-Fault-Tolerant Atomic Broadcast, 2005, OPODIS.