byzantine fault tolerance
play

Byzantine Fault Tolerance Consensus Strikes Back (continued) - PowerPoint PPT Presentation

Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in approximately 5 hours. If you haven't started yet then ... I don't really know how to help. Note, even with late days you must submit by 23:59 on


  1. Byzantine Fault Tolerance Consensus Strikes Back (continued)

  2. Announcements

  3. Lab 2 • Due in approximately 5 hours. • If you haven't started yet then ... I don't really know how to help. • Note, even with late days you must submit by 23:59 on Saturday. • Unless you have received an extension (over e-mail) from me.

  4. Remaining Classes • Changed one reading for next week. • Substantially reduced the number of pages. • Week after is Thanksgiving -- no class. 🦄 🦄 • No class on November 28th.

  5. Remaining Classes • No readings for class on December 5. • Use the time for final projects. • Spend December 12 on final project presentations. • Essentially going to do posters, though maybe without the printing. • Final project write-ups are due on Dec 12. Cannot accept them late. • Between 5-12 pages single column.

  6. Previously...

  7. Byzantine Fault Tolerance • Failed nodes can exhibit arbitrary behavior. • Send different messages to different nodes, not send messages, etc. • Want to get consensus despite failures. Specifically ensuring: • Agreement : All correct nodes agree on a value. • Validity : Messages sent by a correct node are accepted.

  8. 0 0 1 2 3 4 0 1 2 2 3 4 0 0->1: c0, 4 0 0->1: c1, 4 0 0->1: c0, 4 0 0->1: c1, 4 0 0->1: c0, 4 0 0->1: c0, 4 0 0->1: c0, 4 0 0->1: c0, 4 1 1 1 1 1 1 1 1 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 2 2 2 2 2 2 2 2 0->1: c1, 4 0->1: c1, 4 0->1: c1, 4 ??? ??? ??? 3 3 3 3 3 3 3 3 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 4 4 4 4 4 4 4 4 0->1: c1, 4 0->1: c1, 4 0->1: c1, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4

  9. Digests/Hashes Arbitrary length input h Fixed length output • Deterministic: h(x) should always be the same value. • Not invertable -- given h(x) cannot find x. • Output of h(x) is equivalent to a random function. • Infeasible to find collisions.

  10. Digital Signature Input f Signature g(m, s) = ✔ if and only if f(m) = s. Input g ✔ or 𝙔 Signature • Need an entire family of these functions, not just one. • Parametrize with one or more "keys". • f( private , message) = signature • g( public , message, signature) = ✔ iff f( private , message) = signature

  11. 0 0 1 2 3 4 0 1 2 2 3 4 0 0->1: c0, 4 0 0->1: c1, 4 0 0->1: c0, 4 0 0->1: c1, 4 0 0->1: c0, 4 0 0->1: c0, 4 0 0->1: c0, 4 0 0->1: c0, 4 1 1 1 1 1 1 1 1 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 2 2 2 2 2 2 2 2 0->1: c1, 4 0->1: c1, 4 0->1: c1, 4 ??? ??? ??? 3 3 3 3 3 3 3 3 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 4 4 4 4 4 4 4 4 0->1: c1, 4 0->1: c1, 4 0->1: c1, 4 0->1: c0, 4 0->1: c0, 4 0->1: c0, 4 Pr0 Pr0 0 0 0 AppendEntries(..., AppendEntries(..., [], leaderCommit = 4), [], leaderCommit = 4), Sig(pr1, success), Sig(pr1, success), Sig(pr2, success), Sig(pr2, success), Sig(pr3, success) Sig(pr3, success) 1 2 3 4 1 2 3 4 Pr1 Pr2 Pr3 Pr4 Pr1 Pr2 Pr3 Pr4

  12. Practical Byzantine Fault Tolerance

  13. Requirements • Safety : Provide linearizability. • Despite byzantine clients or participants. Safety preserved always. • Liveness : Ensure progress. • Requires fewer than floor(n-1/3) failures, and partial synchrony. • Specifically require that message delay is bounded.

  14. Client Request c req, sig c (req) 0 1 2 3

  15. Initial Client Request • Why does the client need to sign its request?

  16. Pre-Prepare c req, sig c (req) pre-prepare(v, n, d) 0 sig 0 (pre-prepare(v, n, d)) <req , sig c (req)> 1 2 3 v = view n = slot d = D(<req, sig c (req)>)

  17. Pre-Prepare • Why does the leader leave the client message out from its signature? • Why do we need to include sig c (req) in this case?

  18. Prepare c req, sig c (req) 0 prepare(v, n, d, 1) 1 sig 1 (prepare(v, n, d, 1)) 2 3 v = view n = slot d = D(<req, sig c (req)>)

  19. Prepare • Predicate: prepared(m, v, n, i) • Node i received a pre-prepare for message m in view v with slot n. • Node i received 2f prepares from different backups. • If prepared(m, v, n, i) and prepared(m', v, n, j) then • D(m) = D(m') • Why?

  20. Prepare Wait for prepared to become true c req, sig c (req) 0 1 2 3 f = maximum number of faulty nodes

  21. Prepare • Why wait for 2f prepare messages? • Why does every node broadcast the prepare message? • Why not just send to leader, client, etc.

  22. Commit c req, sig c (req) 0 commit(v, n, d, i) 1 sig 1 (commit(v, n, d, i)) 2 3 f = maximum number of faulty nodes

  23. Commit • Predicate: committed(m, v, n) • prepared(m, v, n, i) is true for f+1 non-faulty nodes. • If committed is true then message m has been committed in slot n.

  24. Commit • Predicate: committed-local(m, v, n, i) • prepared(m, v, n, i) is true. • Node i accepts 2f + 1 commit messages. • Claim: committed-local(m, v, n, i) => committed(m, v, n) • For any non-faulty node i . Why?

  25. Commit Wait for committed c req, sig c (req) 0 1 2 3

  26. Response c req, sig c (req) 0 resp(r, v, 1) sig 1 (resp) 1 2 3

  27. Response • Client waits for f+1 identical responses before accepting the response. • Why wait for f+1?

  28. Haven't really used those signatures yet?

  29. Violating Liveness c req, sig c (req) 0 1 2 3

  30. Violating Liveness c req, sig c (req) resp(r, v, 0) sig 1 (resp) 0 1 2 3

  31. Fixing Liveness Problems c req, sig c (req) 0 1 2 3

  32. Fixing Liveness Problems c req, sig c (req) req, sig c (req) 0 1 2 3

  33. Fixing Liveness Problems c req, sig c (req) req, sig c (req) 0 1 2 3

  34. Fixing Liveness Problems c req, sig c (req) req, sig c (req) 0 View 1 Change 2 3

  35. What is Important for View Change • Committed log entries remain committed. • Eventually arrive at a non-faulty leader.

  36. Arriving at a Non-Faulty Leader 0 0 1 2 3 4 View 1

  37. Arriving at a Non-Faulty Leader 0 0 1 2 3 4 View 1 2

  38. Arriving at a Non-Faulty Leader 0 0 1 2 3 4 View 1 2 3 For view V, leader is V mod (# of peers) At most f view changes before arriving at a correct leader.

  39. View Change c 0 view-change(v+1, prepared, 1) 1 sig 1 (view-change(v+1, prepared, i)) 2 3

  40. View Change c prepared = [(pre-prepare(n, v, d), sig(pre-prepare(n, v, d), prepare(v, n, d, i 0 ), 0 sig i0 (prepare(v, n, d, i 0 )), prepare(v, n, d, i 1 ), view-change(v+1, prepared, 1) sig i1 (prepare(v, n, d, i 1 )), 1 sig 1 (view-change(v+1, prepared, 1)) prepare(v, n, d, i 2 ), sig i2 (prepare(v, n, d, i 2 )), ...), 2 (pre-prepare(n', v', d'), ...), ...] 3

  41. What is Included in Prepared prepared = [(pre-prepare(n, v, d), At slot n, prepared message with digest d, in view v. sig(pre-prepare(n, v, d), Here is evidence that I received the pre-prepare message. prepare(v, n, d, i 0 ), Received a prepare from i 0 sig i0 (prepare(v, n, d, i 0 )), prepare(v, n, d, i 1 ), sig i1 (prepare(v, n, d, i 1 )), Proof that I did the right thing in preparing this slot. prepare(v, n, d, i 2 ), sig i2 (prepare(v, n, d, i 2 )), ...), (pre-prepare(n', v', d'), ...), ...]

  42. View Change c 0 1 2 3 Send view-change requests on timeout. Why?

  43. View Change c 0 1 2 3 Leader of new view waits for 2f valid view changes. Why 2f?

  44. View Change • Once leader for view v+1 has received 2f valid view-changes it is leader. • Needs to produce a single consolidated log. • Must include all committed log entries.

  45. View Change Peer 0 Peer 1 Peer 2 Peer 3 Peer 4 (1, 0, d) (2, 0, d') (2, 0, d') (1, 0, d'') (1, 0, d''') Is this possible? Tuple form: (v, n, d)

  46. View Change Peer 0 Peer 1 Peer 2 Peer 3 Peer 4 (1, 0, d) (2, 0, d') (2, 0, d') (1, 0, d) (1, 0, d) Is it possible that d != d'? Tuple form: (v, n, d)

  47. View Change Peer 0 Peer 1 Peer 2 Peer 3 Peer 4 (1, 0, d) (2, 0, d') (2, 0, d') (1, 0, d) (1, 0, d) (1, 1, e) (1, 2, f) (1, 5, g) Tuple form: (v, n, d)

  48. View Change Peer 3 Peer 0 Peer 1 Peer 2 Peer 4 Merged Log (2, 0, d') (1, 0, d) (1, 0, d) (1, 0, d) (2, 0, d') (3, 0, d') (3, 1, e) (1, 1, e) (1, 2, f) (3, 2, f) (3, 3, noop) (3, 4, noop) (1, 5, g) (3, 5, g) Tuple form: (v, n, d)

  49. View Change Peer 3 Peer 0 Peer 1 Peer 2 Peer 4 Merged Log (2, 0, d') (1, 0, d) (1, 0, d) (1, 0, d) (2, 0, d') (3, 0, d') (3, 1, e) (1, 1, e) (1, 2, f) (3, 2, f) Claim: This ensures committed entries remain committed. Why? (3, 3, noop) (3, 4, noop) (1, 5, g) (3, 5, g) Tuple form: (v, n, d)

  50. View Change c 0 new-view(v+1, [prepared 1 , prepared 2 , prepared 3 ], merged, 1) 1 sig 1 (new-view(v+1, [prepared 1 , prepared 2 , prepared 3 ], merged, 1)) 2 3

  51. Zyzzyva

Recommend


More recommend