1

Principles of Reliable Distributed Systems

Recitation 7

Byz. Consensus without Authentication ◊S-based Consensus

Spring 2008

Alex Shraer

22

Part I Berman & Garay Algorithm for

Unauthenticated Byzantine Consensus([AW] section 5.2.5)

33

Reminder

• Synchronous, Byzantine Fault-Tolerant, t-resilient consensus algorithms – – Strong unanimity with authentication iff t < n/2

• Lecture 6

– Weak unanimity with authentication: iff t < n• Recitation 6

– Without authentication: iff t < n/3• EIG algorithm in Lecture 6, we didn’t go over it

• AW section 5.2.4

44

Model: Unauthenticated Byzantine• Round-based synchronous • Static set P = {p1, …, pn} of processes• t-out-of-n Byzantine (arbitrary) failures• No signatures (no authentication)

– But: a receiver of the message can determine who sent it• secure point-to-point channels

• Messages between correct processes are not lost

• This model was defined in Lamport, Pease, Shostak: The Byzantine Generals Problem, 1980

5

Berman & Garay(this tutorial)

• 2(t+1) rounds– Twice the optimal

– Not early-deciding

• n/4-resilient– Not optimal

• O(1) message size– Optimal

EIG Algorithm(lecture 6, but we didn’t

go over this in class)

• t+1 rounds – Optimal– Not early-deciding

• t<n/3– Optimal

• Exponential messages– Size (nt+2)

6

Berman & Garay: Algorithm Structure

• Every process has a preference– Initialized to its input– After t+1 phases becomes a decision

• t+1 phases, 2 rounds each– Process pk is the king of phase k

7

The Algorithm’s phases• Odd round (round 2k – 1, 1 k t+1)

– Processes exchange preference values

– Compute the majority value (┴ if none)

– Denote by mult the #votes for majority

• Even round (round 2k, 1 k t+1)– King (process pk) broadcasts its majority value

– Receive king’s majority (┴ if none)

– Update preference:

if (mult > n/2 + t) thenpreference majority

elsepreference king’s majority

• After t+1 phases, decide on preference

Pha

se

Note: king is ignored if majority has > n/2+t

votes

8

Correctness• Termination: immediate• Lemma 1: If all correct processes prefer v at the

beginning of phase k, then they prefer v at the end of phase k.

• Proof: Suppose that all correct processes prefer v at the beginning of phase k

• Each process receives at least n – t copies of v (including its own) in the first round of phase k

• Note: n > 4t n/2 > 2t n > n/2+ 2t

n – t > n/2+ t

• Thus, all correct processes will prefer v at the end of phase k

9

Validity• Validity (Strong Unanimity)

– If the input of all the correct processes is v then no correct process decides a value other than v

• Proof (by induction, using Lemma 1):• If all correct processes start with the same input v• They continue to prefer v throughout the phases

– by Lemma 1; and

– since the preference at the end of one phase is the preference at the beginning of the next

• Finally, they decide on v at the end of phase k + 1

10

Agreement• Observation: There are at most t faulty processes, and t+1

phases. Therefore, there is at least one phase whose king is correct

• Lemma 2: Let k be a phase whose king pk is correct. Then all the correct processes finish this phase with the same preference

• Proof: consider phase k• Case 1: All correct processes use king’s majority for their

preference. Since the king is correct it sends everyone the same value, and we’re done

• Case 2: Some correct process pi uses its own majority value, maj for its preference

• Thus, in the first round, pi receives more than n/2 + t votes for vMore than n/2 correct processes sent v

• Every correct process receives more than n/2 votes for v and sets its majority to be v in the first round. Including the king!

• Thus, in the second round, all correct processes set the preference to v, whether they adopt the king’s majority or their own

11

Agreement – Cont.• Lemma 2: Let k be a phase whose king pk is correct.

Then all the correct processes finish this phase with the same preference

• Thus, at the end of phase k all processes have the same preference– If k=t + 1, they all decide the same

– Otherwise, they all have the same preference at the start of phase k+1 and we continue using Lemma 1

12

Optimal Synchronous Byzantine Agreement in all Regards?

• Garay & Moses algorithm (STOC 1993)– n/3-resilient– t+1 rounds– Polynomial messages

1313

Part II ◊S-based Consensus

[Mostefaoui, Raynal 99]

14

Reminder: ◊P and ◊S Failure Detectors• ◊P - Eventually Perfect:

– Strong Completeness: From some point on, every faulty process is suspected by every correct process

– Eventual Strong Accuracy: From some point on, no correct process is suspected

• ◊S - Eventually Strong:– Strong Completeness– Eventual Weak Accuracy: There exists some correct

process that is not suspected by any correct process from some point on

• Processes do not know who this process is

15

Our Model• n processes 1,…,n• Reliable links between correct processes• Asynchronous

– Messages can be delayed arbitrarily• Non-assumption

– Processes take steps at asynchronous times• No clocks

• ◊S failure detector• t<n/2 crash failures

– Optimal for ◊S (Chandra, Toueg JACM 96) – A process that crashes at any point in a run is faulty in

that run

16

◊S-based Consensus: MR Algorithm[Mostefaoui, Raynal 99]

• Asynchronous rounds:– Each process locally progresses through rounds

r = 1, 2, 3, …– Different processes can progress at different

times

• Rotating coordinator – Process i mod n is the coordinator of round i

• Each round consists of two phases

17

val input; est || for r =1, 2, … do

coord (r-1 mod n)+1 if I am coord, then send (r,val) to all wait for ( (r, v) from coord OR suspect coord (by ◊S)) if receive v from coord then est v else est send (r, est) to all wait for (r,e) from n-t processes if any non- value e received then val e if all received e’s have same non- value v then

send (“decide”, v) to all return(v)

|| Upon receive (“decide”, v), forward to all; return(v)

1

2

<>S-based Consensus [Mostefaoui, Raynal 99]

Note: the only values sent

are the coord’s val and

Note: return is like decide and halt

18

MR Principles: Phase 1

• The purpose of the 1st phase:– Ensure that for every pi, esti {valcoord, }

• Progress: why does the 1st phase terminate?– By Strong Completeness property of <>S, if the

coordinator crashes, then every correct process will eventually either receive a message from the coordinator, or suspect the crashed coordinator

• Note: Because of asynchrony, and since the failure detector is unreliable, some of the processes may have est = null while others have est = valcoord

19

MR Principles: Phase 2• A process pi finishes the 2nd phase when it has received

(r, est) from a majority of processes• Why is the majority important?

– Every two majority sets intersect– If one process got n-t values of v:

if all received e’s have same non- value v then send (“decide”, v) to all return(v)

– then some other process got at least one value of v:if any non- value e received then val e

– Thus, If process pi decides v during r, and if process pj progresses to r+1, then pj does it with est = v

• The purpose of the 2nd phase: – Ensure that the Agreement property is never violated

• Progress: why does the 2nd phase terminate?– Since there are at least n-t correct processes

20

Second Phase (cont’d)

• Notation:– v = valcoord

– reci – the set of received est values at the end of phase II.– reci = {} or {v} or {v, }

• Consider three cases:1. reci = {v} (recj = {v}) or (recj = {, v}) decide v

2. reci = {} (recj = {}) or (recj = {, v}) skip to the next round

3. reci = {v,} (recj = {v}) or (recj = {}) or (recj = {, v})

update est to v (why?)

21

val input; est || for r =1, 2, … do

coord (r-1 mod n)+1 if I am coord, then send (r,val) to all wait for ( (r, v) from coord OR suspect coord (by ◊S)) if receive v from coord then est v else est send (r, est) to all wait for (r,e) from n-t processes if any non- value e received then val e if all received e’s have same non- value v then

send (“decide”, v) to all return(v)

|| Upon receive (“decide”, v), forward to all; return(v)

• Do all processes decide at the same time?

1

2

Why do we need “send (“decide”, v) to all”?

22

n=4, t=1

v v

v

v

v

v

v

v

v

return(v)

Round 1 Round 2

Suspect p1

They are stuck waiting for

n – t = 3 messages

23

Disseminating the decision

• Q: ok, so we need the “send (“decide”, v) to all”. But why “forward to all”?– || Upon receive (“decide”, v), forward to all; return(v)

• A: to prevent a process from blocking forever. A process that decides uses reliable broadcast to disseminate its decision value.

24

n=4, t=1

v v

v

v

v

v

v

v

v

v

Round 1 Round 2

Suspect p1

vreturn(v)

The “decide” message reaches only one process since the sender crashes. We need the receiver to forward

to all, i.e., reliable broadcast

Stuck again…