hybrid fault tolerant consensus in asynchronous and
play

Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless - PowerPoint PPT Presentation

Aug 27, 2023 •257 likes •594 views

Platzhalter fr Bild, Bild auf Titelfolie hinter das Logo einsetzen Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International Conference on Principles of Distributed Systems Wenbo Xu, Signe Rsch, Bijun

  1. Platzhalter für Bild, Bild auf Titelfolie hinter das Logo einsetzen Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International Conference on Principles of Distributed Systems Wenbo Xu, Signe Rüsch, Bijun Li, Rüdiger Kapitza TU Braunschweig 18.12.2018, Hong Kong

  2. Background: (Binary) Byzantine-Fault Tolerant Consensus • Fundamental problem in distributed systems • Totally n node in the group, each proposes a value , 0 or 1 • In the end all nodes should decide the same value → consensus 1 1 1 0 1 Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 2

  3. Background: (Binary) Byzantine-Fault Tolerant Consensus • Fundamental problem in distributed systems • Totally n node in the group, each proposes a value , 0 or 1 • In the end all nodes should decide the same value → consensus • At most f faulty nodes – Crash – Byzantine fault: actively work against the algorithm 1 1 0 0 Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 3

  4. Background: Asynchronous System • Nodes communicate via messages • Asynchronous network 1 0 – No message omissions – But messages can take arbitrarily long time →Too slow? Or he didn’t send? Cannot wait forever! That guy crashed? • Strong adversary: the worst case  The adversary can inspect the status of every message and node  … then reorder arrivals of messages, and adjust faulty nodes’ behavior  Cannot break cryptography and a trusted subsystem Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 4

  5. Background: Hybrid Fault Model • Trusted subsystem, tamperproof • A strict monotonic counter to prevent “two-faced cheating” • Faulty nodes cannot send contradictory messages in one broadcast 1 [42] 0 [42] 1 [43] Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 5

  6. Related Work and Motivation • Randomization to bypass FLP impossibility of asynchrony – Crash fault tolerance with n ≥ 2f+1 : Ben-Or’s algorithm [1] – Byzantine fault tolerance requires n ≥ 3f+1 • Limit the Byzantine behavior with a trusted subsystem – Only requires n ≥ 2f+1 – Built upon complex algorithm stacks, e.g. reliable broadcast primitive – Not resilient against strong adversary → not terminate in worst cases 2f+1 consensus , but less complex and suitable in wireless embedded systems Correctness proof under all cases, even strong adversary [1] Michael Ben‐Or. Another advantage of free choice (extended abstract): Completely asynchronous agreement protocols. In Proceedings of the second annual ACM symposium on Principles of distributed computing , 1983. Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 6

  7. Outline  Trusted-Ben-Or Algorithm  A Common Issue in the Proof of Termination  Experiment Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 7

  8. Original Ben-Or’s Algorithm Round based, 2 phases per round PR: Propose Phase Round Node 1 Node 2 Node 3 Propose a value 0 or 1 PR 0 1 0 1 VO PR 2 VO Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 8

  9. Ben-Or’s Algorithm Round based, 2 phases per round PR: Propose Phase Round Node 1 Node 2 Node 3 VO: Vote Phase PR 0 1 0 Wait for (n-f) proposals 1 � � 0 VO If >n/2 propose the same v → Vote for v PR 2 Else VO → Vote for � (default) Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 9

  10. Ben-Or’s Algorithm Round based, 2 phases per round PR: Propose Phase Round Node 1 Node 2 Node 3 VO: Vote Phase PR 0 1 0 1 PR: Propose Phase � � 0 VO Wait for (n-f) votes 0, R PR 0, D 0, D If all vote for � 2 VO → Propose ( $, R ), $ is a random value R = Randomly get the value If someone votes for v D = Deterministically get the value → Propose ( v, D ) Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 10

  11. Ben-Or’s Algorithm Round based, 2 phases per round PR: Propose Phase Round Node 1 Node 2 Node 3 VO: Vote Phase PR 0 1 0 1 PR: Propose Phase � � 0 VO VO: Vote Phase 0, R PR 0, D 0, D 2 … 0 VO 0 0 If >n/2 vote for the same v decide decide decide → Decide v 0 0 0 Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 11

  12. Ben-Or’s Algorithm Round based, 2 phases per round PR: Propose Phase Round Node 1 Node 2 Node 3 VO: Vote Phase PR 0 1 0 1 PR: Propose Phase � � 0 VO VO: Vote Phase 0, R PR 0, D 0, D 2 … 0 VO 0 0 decide decide decide Only tolerate crash fault, no Byzantine fault! 0 0 0 Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 12

  13. Trusted-Ben-Or: Tackle Byzantine faults • Message uniqueness per phase → Trusted monotonic counter for message authentication • Unbiased random number → Trusted random number generator (combined with the counter) • Semantic correctness → Message certificate Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 13

  14. Message Uniqueness | Unbiased Random | Semantic Correctness • In round k, each node only sends 2 messages • Trusted monotonic counter authentication: – <PR, k, *, *> with counter value [k|0] – <VO, k, *> with counter value [k|1] • Trusted random number generator • Protected by hardware, can only crash but not Byzantine message id AUTH(message|id|c new ) c new secret key int (c new > c)c ← c new bool rand ($) + AUTH(message|id|c new |$) Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 14

  15. Message Uniqueness | Unbiased Random | Semantic Correctness • Piggyback received, authenticated messages to proof the correctness • No recursive certificates – Limited message size ( ≤ n+2 messages in one certificate) – Faulty node can include invalid into a certificate >n/2 PR of last round >n/2 VO 1 1 … 1 � � … � � � … � 1 Propose 0, R Propose 1, D Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 15

  16. Adaption to Embedded Wireless Systems • Local broadcast instead of peer-to-peer communication • Tackle (limited) omission faults: – Stubborn re-transmission of last message – Round jumping when received a valid message of future round → No specific network protocols / primitives required for reliable communication • HMAC in trusted subsystem instead of digital signature This Photo by Unknown Author is licensed under CC BY‐SA‐NC Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 16

  17. Outline  Trusted-Ben-Or Algorithm  A Common Issue in the Proof of Termination  Experiment Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 17

  18. Proof of Termination • No valid proposals of (0, D) and (1, D) at the same time � ( � +1)/2 � * 1 � ( � +1)/2 � * 0 PR VO 0, D 1, D • In a lucky round: – All trusted coins of each node toss the same random value v – … which is the same as the valid deterministic value → Terminate in this round This Photo by Unknown Author is licensed under CC BY‐SA Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 18

  19. Proof of Termination A corner case of flaw • Firstly let a node R-get v Round Node 1 Node 2 Node 3 PR 0,D 1,D � � VO PR 0,R VO PR Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 19

  20. Proof of Termination A corner case of possible flaw • Firstly let a node R-get v Round Node 1 Node 2 Node 3 PR 0,D 1,D 1,D • Then let another node D-get (1-v) � � VO 1 → Turn the lucky value into unlucky PR 0,R 1,D VO PR Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 20

  21. Proof of Termination A corner case of possible flaw • Firstly let a node R-get v Round Node 1 Node 2 Node 3 PR 0,D 1,D 1,D • Then let another node D-get (1-v) � � VO 1 → Turn the lucky value into unlucky PR 0,R 1,D � � VO PR 1,R Is 0 still the lucky “Luckiness” should not depend on future events! value here? Marcos K Aguilera and Sam Toueg. The correctness proof of ben‐or’s randomized consensus algorithm. Distributed Computing , 25(5), 2012. Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 21

  22. Proof of Termination • In our work, termination is ensured by: – Counter authentication – Trusted random number generator – Semantic certificate – “Luckiness” • Luckiness depends only on the current system state and past events! • For more details please refer to our paper This Photo by Unknown Author is licensed under CC BY‐SA Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 22

  23. Outline  Trusted-Ben-Or Algorithm  A Common Issue in the Proof of Termination  Experiment Wenbo Xu| Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems | Page 23

Recommend

Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing Julien Stainer

Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing Julien Stainer

Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing Julien Stainer under the supervision of Michel Raynal March 18 th , 2015 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 1 / 51

1.63k views • 147 slides
CS6100: Topics in Design and Analysis of Algorithms Fault Tolerant Consensus CS6100 (Even 2012):

CS6100: Topics in Design and Analysis of Algorithms Fault Tolerant Consensus CS6100 (Even 2012):

CS6100: Topics in Design and Analysis of Algorithms Fault Tolerant Consensus CS6100 (Even 2012): Fault Tolerant Consensus Models Failure Types 1. Clean Crash Failure completely fail 2. (Unclean) Crash Failure fail after some messages

653 views • 16 slides
Presentation of the paper Proof-of-Execution: Reaching Consensus through Fault-Tolerant

Presentation of the paper Proof-of-Execution: Reaching Consensus through Fault-Tolerant

Presentation of the paper Proof-of-Execution: Reaching Consensus through Fault-Tolerant Speculation Presenter: Haojun (Howard) Zhu Background Due to time-tested safe design of PBFT and due to the limiting designs of other BFT protocols,

536 views • 26 slides
Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors Thesis by Lucas Mair advised by Richard von Seck,

523 views • 36 slides
Asynchronous and Fault-Tolerant Recursive Datalog Evalua9on in Shared-Nothing Engines Jingjing

Asynchronous and Fault-Tolerant Recursive Datalog Evalua9on in Shared-Nothing Engines Jingjing

Asynchronous and Fault-Tolerant Recursive Datalog Evalua9on in Shared-Nothing Engines Jingjing Wang, Magdalena Balazinska, Daniel Halperin University of Washington Modern Analy&gt;cs Requires Itera&gt;on Graph applica&gt;ons Graph

321 views • 19 slides
Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an important building block for fault-tolerant computing Universal: any deterministic fault-tolerant service can be implemented on top of it

349 views • 12 slides
Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09, Gdask Canonical Control Engineering Problem Disturbance Controlled output Set-point Filter Controller Plant Sensor Noise This problem is

639 views • 29 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

4/1/2014 Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault coverage COMPUTING Checkpointing and backward error recovery (rollback) Kewal K.Saluja General principles General principles

259 views • 3 slides
Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent Monitoring Networks Networks Heterogeneous Intelligent Monitoring Jing Deng Department of Computer Science University of North Carolina at

335 views • 18 slides
A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09, MS 12 W. Robert Daasch, Professor Integrated Circuits Design and Test Laboratory Problem Statement In a fault tolerant system containing

478 views • 35 slides
A Self-Stabilizing Hybrid Fault-Tolerant Synchronization Protocol Mahyar R. Malekpour

A Self-Stabilizing Hybrid Fault-Tolerant Synchronization Protocol Mahyar R. Malekpour

Langley Research Center A Self-Stabilizing Hybrid Fault-Tolerant Synchronization Protocol Mahyar R. Malekpour NASA-Langley Research Center mahyar.r.malekpour@nasa.gov +1 757-864-1513 http://shemesh.larc.nasa.gov/people/mahyar.htm Langley

241 views • 20 slides
Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

1/21/2014 Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction Kewal K.Saluja Kewal K Saluja Fault models at different levels (HW) Department of Electrical and Computer Engineering Error

304 views • 5 slides
1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

Consensus a classic problem Consensus, impossibility Consensus abstraction underlies many results and Paxos distributed systems and protocols N processes They start execution with inputs { 0,1} Ken Birman Asynchronous,

255 views • 8 slides
4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design Replication, TMR Distributed Systems Fully fault tolerant system will offer non-stop availability Clusters You cant achieve this! Problem:

458 views • 11 slides
Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural Abstraction Tolerant Architectural Abstraction Fault Patrick H. S. Brito - Unicamp, Brazil Rogrio de Lemos - University of Kent, UK Eliane

381 views • 21 slides
REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK SHINGNE Outline General view of Fault Tolerance Ft-Design approaches Trees Meshes &amp; Hypercubes conclusion Introduction Fault

584 views • 44 slides
Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element Rog rio rio de Lemos de Lemos Rog University of Kent, UK University of Kent, UK Motivation architectural fault tolerance; iFTE

350 views • 16 slides
Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi,

Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi,

Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi, Rehana Mahfuz, Vidyasagar Sadhu CSOI-Data Science Workshop May 27th, 2016 Lili Su et al. (SOI-DSWKSP) Fault-tolerant distributed optimization May

854 views • 6 slides
Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi IC3 1 Blockchains Satoshi Nakamoto, 2009 Public database Shared &amp; maintained between network participants Blockchain agreement protocol

296 views • 15 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir Benabdenbi TIMA Laboratory Outline 3D Integration Opportunities Challenges and Solutions Fault Tolerant Communication in 3D Systems

516 views • 24 slides

More recommend