• date post

22-Dec-2015
• Category

## Documents

• view

218

0

Embed Size (px)

### Transcript of 1 Principles of Reliable Distributed Systems Recitation 7 Byz. Consensus without Authentication...

• Slide 1
• 1 Principles of Reliable Distributed Systems Recitation 7 Byz. Consensus without Authentication S-based Consensus Spring 2008 Alex Shraer
• Slide 2
• 22 Part I Berman & Garay Algorithm for Unauthenticated Byzantine Consensus ([AW] section 5.2.5)
• Slide 3
• 33 Reminder Synchronous, Byzantine Fault-Tolerant, t-resilient consensus algorithms Strong unanimity with authentication iff t < n/2 Lecture 6 Weak unanimity with authentication: iff t < n Recitation 6 Without authentication: iff t < n/3 EIG algorithm in Lecture 6, we didnt go over it AW section 5.2.4
• Slide 4
• 44 Model: Unauthenticated Byzantine Round-based synchronous Static set P = {p 1, , p n } of processes t-out-of-n Byzantine (arbitrary) failures No signatures (no authentication) But: a receiver of the message can determine who sent it secure point-to-point channels Messages between correct processes are not lost This model was defined in Lamport, Pease, Shostak: The Byzantine Generals Problem, 1980 The Byzantine Generals Problem
• Slide 5
• 5 Berman & Garay (this tutorial) 2(t+1) rounds Twice the optimal Not early-deciding n/4-resilient Not optimal O(1) message size Optimal EIG Algorithm (lecture 6, but we didnt go over this in class) t+1 rounds Optimal Not early-deciding t
• Slide 6
• 6 Berman & Garay: Algorithm Structure Every process has a preference Initialized to its input After t+1 phases becomes a decision t+1 phases, 2 rounds each Process p k is the king of phase k
• Slide 7
• 7 The Algorithms phases Odd round (round 2k 1, 1 k t+1) Processes exchange preference values Compute the majority value ( if none) Denote by mult the #votes for majority Even round (round 2k, 1 k t+1) King (process p k ) broadcasts its majority value Receive kings majority ( if none) Update preference: if (mult > n/2 + t) then preference majority else preference kings majority After t+1 phases, decide on preference Phase Note: king is ignored if majority has > n/2+t votes
• Slide 8
• 8 Correctness Termination: immediate Lemma 1: If all correct processes prefer v at the beginning of phase k, then they prefer v at the end of phase k. Proof: Suppose that all correct processes prefer v at the beginning of phase k Each process receives at least n t copies of v (including its own) in the first round of phase k Note: n > 4t n/2 > 2t n > n/2+ 2t n t > n/2+ t Thus, all correct processes will prefer v at the end of phase k
• Slide 9
• 9 Validity Validity (Strong Unanimity) If the input of all the correct processes is v then no correct process decides a value other than v Proof (by induction, using Lemma 1): If all correct processes start with the same input v They continue to prefer v throughout the phases by Lemma 1; and since the preference at the end of one phase is the preference at the beginning of the next Finally, they decide on v at the end of phase k + 1
• Slide 10
• 10 Agreement Observation: There are at most t faulty processes, and t+1 phases. Therefore, there is at least one phase whose king is correct Lemma 2: Let k be a phase whose king p k is correct. Then all the correct processes finish this phase with the same preference Proof: consider phase k Case 1: All correct processes use kings majority for their preference. Since the king is correct it sends everyone the same value, and were done Case 2: Some correct process p i uses its own majority value, maj for its preference Thus, in the first round, p i receives more than n/2 + t votes for v More than n/2 correct processes sent v Every correct process receives more than n/2 votes for v and sets its majority to be v in the first round. Including the king! Thus, in the second round, all correct processes set the preference to v, whether they adopt the kings majority or their own
• Slide 11
• 11 Agreement Cont. Lemma 2: Let k be a phase whose king p k is correct. Then all the correct processes finish this phase with the same preference Thus, at the end of phase k all processes have the same preference If k=t + 1, they all decide the same Otherwise, they all have the same preference at the start of phase k+1 and we continue using Lemma 1
• Slide 12
• 12 Optimal Synchronous Byzantine Agreement in all Regards? Garay & Moses algorithm (STOC 1993) n/3-resilient t+1 rounds Polynomial messages
• Slide 13
• 13 Part II S-based Consensus [Mostefaoui, Raynal 99]
• Slide 14
• 14 Reminder: P and S Failure Detectors P - Eventually Perfect: Strong Completeness: From some point on, every faulty process is suspected by every correct process Eventual Strong Accuracy: From some point on, no correct process is suspected S - Eventually Strong: Strong Completeness Eventual Weak Accuracy: There exists some correct process that is not suspected by any correct process from some point on Processes do not know who this process is
• Slide 15
• 15 Our Model n processes 1,,n Reliable links between correct processes Asynchronous Messages can be delayed arbitrarily Non-assumption Processes take steps at asynchronous times No clocks S failure detector t
• Slide 16
• 16 S-based Consensus: MR Algorithm [ Mostefaoui, Raynal 99 ] Asynchronous rounds: Each process locally progresses through rounds r = 1, 2, 3, Different processes can progress at different times Rotating coordinator Process i mod n is the coordinator of round i Each round consists of two phases
• Slide 17
• 17 val input; est || for r =1, 2, do coord (r-1 mod n)+1 if I am coord, then send (r,val) to all wait for ( (r, v) from coord OR suspect coord (by S)) if receive v from coord then est v else est send (r, est) to all wait for (r,e) from n-t processes if any non- value e received then val e if all received es have same non- value v then send (decide, v) to all return(v) || Upon receive (decide, v), forward to all; return(v) 1 2 S-based Consensus [ Mostefaoui, Raynal 99 ] [ Mostefaoui, Raynal 99 ] Note: the only values sent are the coords val and Note: return is like decide and halt
• Slide 18
• 18 MR Principles: Phase 1 The purpose of the 1 st phase: Ensure that for every p i, est i {val coord, } Progress: why does the 1 st phase terminate? By Strong Completeness property of S, if the coordinator crashes, then every correct process will eventually either receive a message from the coordinator, or suspect the crashed coordinator Note: Because of asynchrony, and since the failure detector is unreliable, some of the processes may have est = null while others have est = val coord
• Slide 19
• 19 MR Principles: Phase 2 A process p i finishes the 2 nd phase when it has received (r, est) from a majority of processes Why is the majority important? Every two majority sets intersect If one process got n-t values of v: if all received es have same non- value v then send (decide, v) to all return(v) then some other process got at least one value of v: if any non- value e received then val e Thus, If process p i decides v during r, and if process p j progresses to r+1, then p j does it with est = v The purpose of the 2 nd phase: Ensure that the Agreement property is never violated Progress: why does the 2 nd phase terminate? Since there are at least n-t correct processes
• Slide 20
• 20 Second Phase (contd) Notation: v = val coord rec i the set of received est values at the end of phase II. rec i = { } or {v} or {v, } Consider three cases: 1.rec i = {v} (rec j = {v}) or (rec j = { , v}) decide v 2.rec i = { } (rec j = { }) or (rec j = { , v}) skip to the next round 3.rec i = {v, } (rec j = {v}) or (rec j = { }) or (rec j = { , v}) update est to v (why?)
• Slide 21
• 21 val input; est || for r =1, 2, do coord (r-1 mod n)+1 if I am coord, then send (r,val) to all wait for ( (r, v) from coord OR suspect coord (by S)) if receive v from coord then est v else est send (r, est) to all wait for (r,e) from n-t processes if any non- value e received then val e if all received es have same non- value v then send (decide, v) to all return(v) || Upon receive (decide, v), forward to all; return(v) Do all processes decide at the same time? 1 2 Why do we need send (decide, v) to all?
• Slide 22
• 22 n=4, t=1 v v v v v v v v v return(v) Round 1 Round 2 Suspect p1 They are stuck waiting for n t = 3 messages
• Slide 23
• 23 Disseminating the decision Q: ok, so we need the send (decide, v) to all . But why forward to all? || Upon receive (decide, v), forward to all; return(v) A: to prevent a process from blocking forever. A process that decides uses reliable broadcast to disseminate its decision value.
• Slide 24
• 24 n=4, t=1 v v v v v v v v v v Round 1 Round 2 Suspect p1 v return(v) The decide message reaches only one process since the sender crashes. We need the receiver to forward to all, i.e., reliable broadcast Stuck again