internet level consensus is practical
play

Internet-level consensus is practical David Mazires IETF98 - PowerPoint PPT Presentation

Feb 07, 2024 •408 likes •897 views

Internet-level consensus is practical David Mazires IETF98 Thursday, March 30, 2017 Disjunctive vs. conjunctive security We ofen require that one CA or one CT log endorse something Todays talk: what if you want all CAs or all logs to

  1. Internet-level consensus is practical David Mazières IETF98 Thursday, March 30, 2017

  2. Disjunctive vs. conjunctive security We ofen require that one CA or one CT log endorse something Today’s talk: what if you want all CAs or all logs to agree? - Who are “all” CAs or logs? E.g., 180+ Mozilla CAs w. 65+ owners? - Different OS distributions ship different variants of root CA set - Some organizations use in-house CAs that aren’t globally trusted This is the Internet-level consensus (ILC) problem 2 / 27

  3. Outline Motivation Consensus background Federated Byzantine Agreement (FBA) The Stellar consensus protocol (SCP) 3 / 27

  4. Consensus: The key to replication op 1 op 2 op 3 op 4 op 5 op 6 op 7 . . . v 1 v 2 v 3 Consensus keeps replicated data structures in sync - All nodes agree on initial state + series of operations on state Internet-level consensus makes history resistant to tampering - If “whole Internet” agrees on op 7 , can’t pretend it didn’t happen - Provides secure ordering of operations - Preserves invariants through well-formed updates Particularly powerful for replicating verifiable data structures - Huge data collections permitting concise proofs of individual elements 4 / 27

  5. Application 1: Global timestamp service Suppose you want to obtain secure document timestamps Idea: Generalize CT logging to leverage logs for other purposes Which log to use? - Different people will trust different logs - Might not know in advance to whom you’ll need to prove timestamp What if your log proves untrustworthy? Using ILC for timestamps would avoid this problem 5 / 27

  6. Application 1: Global timestamp service Suppose you want to obtain secure document timestamps Idea: Generalize CT logging to leverage logs for other purposes Which log to use? - Different people will trust different logs - Might not know in advance to whom you’ll need to prove timestamp What if your log proves untrustworthy? Using ILC for timestamps would avoid this problem 5 / 27

  7. Application 2: Sofware transparency EXPLOIT Many package managers install digitally signed sofware But really want two guarantees beyond signatures for packages: 1. You are installing the same public sofware as everyone else (not some “special” version signed by a compromised author/vendor) 2. It’s not an old version with known vulnerabilities Again, ILC can solve these problems [SPAM] - Guarantee installed sofware has been publicly available for audit - Guarantee author has not published revocation for version 6 / 27

  8. Application 3: Internet payments Suppose you want to send a dollar over the Internet May require transaction across multiple financial institutions - ILC can make such transactions secure and atomic - Even across institutions with no prior relationship or trust Technique in production use today by Stellar payment network 7 / 27

  9. Internet payments (continued) Offeror Bid Ask bank 4 300 NGN@bank 4 0.93 EUR@bank 3 has account at has account at has account at 1.00 USD 0.93 EUR how? 0.93 EUR bank 1 bank 2 bank 3 bank 4 Say you want to send $1 from US bank 1 to Nigerian bank 4 bank 4 may have a nostro account at some European bank 3 - Offers 300 NGN in exchange for 0.93 EUR on deposit at bank 3 Some bank 2 may have nostro accounts at bank 1 and bank 3 - Offers 0.93 EUR at bank 3 in exchange for 1.00 USD at bank 1 ILC makes this whole transaction atomic and irreversible 8 / 27

  10. Internet payments (continued) Offeror Bid Ask bank 4 300 NGN@bank 4 0.93 EUR@bank 3 has account at has account at has account at 1.00 USD 0.93 EUR how? 0.93 EUR bank 1 bank 2 bank 3 bank 4 Say you want to send $1 from US bank 1 to Nigerian bank 4 bank 4 may have a nostro account at some European bank 3 - Offers 300 NGN in exchange for 0.93 EUR on deposit at bank 3 Some bank 2 may have nostro accounts at bank 1 and bank 3 - Offers 0.93 EUR at bank 3 in exchange for 1.00 USD at bank 1 ILC makes this whole transaction atomic and irreversible 8 / 27

  11. Internet payments (continued) Offeror Bid Ask bank 4 300 NGN@bank 4 0.93 EUR@bank 3 bank 2 0.93 EUR@bank 3 1.00 USD@bank 1 has account at has account at has account at 1.00 USD 0.93 EUR how? 0.93 EUR bank 1 bank 2 bank 3 bank 4 Say you want to send $1 from US bank 1 to Nigerian bank 4 bank 4 may have a nostro account at some European bank 3 - Offers 300 NGN in exchange for 0.93 EUR on deposit at bank 3 Some bank 2 may have nostro accounts at bank 1 and bank 3 - Offers 0.93 EUR at bank 3 in exchange for 1.00 USD at bank 1 ILC makes this whole transaction atomic and irreversible 8 / 27

  12. Internet payments (continued) Offeror Bid Ask bank 4 300 NGN@bank 4 0.93 EUR@bank 3 bank 2 0.93 EUR@bank 3 1.00 USD@bank 1 has account at has account at has account at 1.00 USD 0.93 EUR how? 0.93 EUR bank 1 bank 2 bank 3 bank 4 Say you want to send $1 from US bank 1 to Nigerian bank 4 bank 4 may have a nostro account at some European bank 3 - Offers 300 NGN in exchange for 0.93 EUR on deposit at bank 3 Some bank 2 may have nostro accounts at bank 1 and bank 3 - Offers 0.93 EUR at bank 3 in exchange for 1.00 USD at bank 1 ILC makes this whole transaction atomic and irreversible 8 / 27

  13. Without ILC, failure poses problems commit commit commit 1.00 USD 0.93 EUR 0.93 EUR L L I I A A bank 1 bank 2 bank 3 bank 4 F F What if some bank(s) disappear mid-transaction? - Don’t know whether or when missing banks will come back online... - Other banks’ funds tied up pending transaction resolution What if bank 2 lies and changes vote? Or colludes with bank 4 ? - Convince bank 1 of commit and bank 3 of abort = ⇒ steal money bank 2 shouldn’t be able to cause such issues - Other banks only know it as a customer, should limit trust ILC leverages global set of participants to solve problem - Even if bank 2 and bank 4 are evil, ILC can commit transaction and order it before malicious transactions cooked up by bad banks 9 / 27

  14. Without ILC, failure poses problems commit commit abort commit commit 1.00 USD 0.93 EUR 0.93 EUR L L I I V V bank 1 bank 2 bank 3 bank 4 E E What if some bank(s) disappear mid-transaction? - Don’t know whether or when missing banks will come back online... - Other banks’ funds tied up pending transaction resolution What if bank 2 lies and changes vote? Or colludes with bank 4 ? - Convince bank 1 of commit and bank 3 of abort = ⇒ steal money bank 2 shouldn’t be able to cause such issues - Other banks only know it as a customer, should limit trust ILC leverages global set of participants to solve problem - Even if bank 2 and bank 4 are evil, ILC can commit transaction and order it before malicious transactions cooked up by bad banks 9 / 27

  15. Outline Motivation Consensus background Federated Byzantine Agreement (FBA) The Stellar consensus protocol (SCP) 10 / 27

  16. The consensus problem messages v 3 v 1 v 2 in: 3 in: 9 in: 7 out: out: out: Goal: For multiple agents to agree on an output value Each agent starts with an input value - Typically a candidate for the n th op. in a replicated log Agents communicate following some consensus protocol - Use protocol to agree on one of the agent’s input values Once decided, agents output the chosen value - Output is write-once (an agent cannot change its value) 11 / 27

  17. The consensus problem messages v 3 v 1 v 2 in: 3 in: 9 in: 7 out: out: out: Goal: For multiple agents to agree on an output value Each agent starts with an input value - Typically a candidate for the n th op. in a replicated log Agents communicate following some consensus protocol - Use protocol to agree on one of the agent’s input values Once decided, agents output the chosen value - Output is write-once (an agent cannot change its value) 11 / 27

  18. The consensus problem messages v 3 v 1 v 2 in: 3 in: 9 in: 7 out: 9 out: 9 out: 9 Goal: For multiple agents to agree on an output value Each agent starts with an input value - Typically a candidate for the n th op. in a replicated log Agents communicate following some consensus protocol - Use protocol to agree on one of the agent’s input values Once decided, agents output the chosen value - Output is write-once (an agent cannot change its value) 11 / 27

  19. Properties of a consensus protocol A consensus protocol provides safety iff... - All outputs produced have the same value ( agreement ), and - The output value equals one of the agents’ inputs ( validity ) A consensus protocol provides liveness iff... - Eventually non-faulty agents output a value ( termination ) A consensus protocol provides fault tolerance iff... - It can recover from the failure of an agent at any point - Fail-stop protocols handle agent crashes - Byzantine-fault-tolerant protocols handle arbitrary agent behavior Theorem (FLP impossibility result) No deterministic consensus protocol can guarantee all three of safety, liveness, and fault tolerance in an asynchronous system. Safe+fault-tolerant protocols may terminate in practice 12 / 27

  20. Byzantine agreement Quorum A Quorum B v N − T v T − 1 v N − 1 v 0 . . . . . . . . . 2 T − N N − T Byzantine agreement is one practical solution to consensus - Requires participation of a quorum of T out of N nodes - Faulty nodes may maliciously send contradictory messages Safety requires: # failures ≤ f S = 2 T − N − 1 - Hence, any two quorums share a non-faulty node, can’t lose history Liveness requires at least 1 quorum: # failures ≤ f L = N − T Typically N = 3 f + 1 and T = 2 f + 1 to tolerate f S = f L = f failures The problem: politically, can’t enumerate the N nodes of Internet 13 / 27

Recommend

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus on Building on Bitcoin Lisboa, Portugal -- 4 July 2018 Paul Sztorc Twitter: @truthcoin paul@tierion.com 16C8 1597 E76E 86E6 C01E F037 AA4B 3330

619 views • 37 slides
Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in

Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in

Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in Multiple Myeloma Friday, December 6, 2013 6:30 PM - 9:00 PM New Orleans, Louisiana Moderator Neil Love, MD Faculty Amrita Krishnan, MD

601 views • 44 slides
Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in

Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in

Consensus or Controversy? Investigator Perspectives on Practical Issues and Research Questions in Non-Hodgkin Lymphoma Friday, December 6, 2013 1:00 PM - 3:30 PM New Orleans, Louisiana Moderator Neil Love, MD Faculty Brad S Kahl, MD

453 views • 34 slides
Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members can support. Consensus is not A unanimous vote A majority vote Everyone 100% satisfied Consensus requires Time Active

351 views • 7 slides
Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus The processes use consensus to agree on a common value out of values they initially propose Reaching consensus is one of the most fundamental problems in

591 views • 38 slides
1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

1 What makes consensus hard? Fischer, Lynch and Patterson Fundamentally, the issue revolves

Consensus a classic problem Consensus, impossibility Consensus abstraction underlies many results and Paxos distributed systems and protocols N processes They start execution with inputs { 0,1} Ken Birman Asynchronous,

255 views • 8 slides
When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus

When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus

Cluster Consensus When Aeron Met Raft Martin Thompson - @mjpt777 What does Consensus mean? consensus noun \ k n- sen(t)-s s \ : general agreement : unanimity Source: http://www.merriam-webster.com/ consensus noun \ k

1.14k views • 68 slides
A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology V. Luconi A.

A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology V. Luconi A.

A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology V. Luconi A. Faggiani, E. Gregori, A. Improta, L. Lenzini , L. Sani IFIP Networking 2014 Conference - Trondheim - June 3rd, 2014 Outline The Internet AS-level

784 views • 46 slides
CONSENSUS Fall 2012 Ken Birman Consensus a classic problem Consensus abstraction underlies

CONSENSUS Fall 2012 Ken Birman Consensus a classic problem Consensus abstraction underlies

IMPOSSIBILITY OF CONSENSUS Fall 2012 Ken Birman Consensus a classic problem Consensus abstraction underlies many distributed systems and protocols N processes They start execution with inputs {0,1} Asynchronous,

511 views • 35 slides
Internet Overview Linking the world one computer at a time Unit Objectives: What is the

Internet Overview Linking the world one computer at a time Unit Objectives: What is the

Internet Overview Linking the world one computer at a time Unit Objectives: What is the Internet Features of the Internet Connecting from your home and public places Web browsers Practical uses of the Internet Internet

415 views • 14 slides
Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a

Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a

HPSC 1001/1901/2101/2901 WHAT IS THIS THING CALLED SCIENCE? Semester 2, 2020 Lecture 21: Consensus - 1 1 Consensus is agreement. A question is seen as settled. Sometimes a topic is no longer discussed, as the evidence is agreed to be

456 views • 33 slides
Higher Level Synchronization 9A. Practical Problems locking and waiting Operating Systems

Higher Level Synchronization 9A. Practical Problems locking and waiting Operating Systems

4/24/2016 Higher Level Synchronization 9A. Practical Problems locking and waiting Operating Systems Principles 9B. Semaphores and Condition Variables 9C. File Level Locking Higher Level Synchronization 9D. Bottlenecks, Contention and

206 views • 7 slides
Robust Pseudonymous Identity for the Internet (A Practical Username & Password Replacement) S

Robust Pseudonymous Identity for the Internet (A Practical Username & Password Replacement) S

Robust Pseudonymous Identity for the Internet (A Practical Username & Password Replacement) S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property unencumbered, easily explained, provably secure,

898 views • 41 slides
Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1

Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1

Consensus in Distributed Systems Jeff Chase Duke University Consensus P 1 P 1 v 1 d 1 Unreliable Consensus multicast algorithm P 2 P 3 P 2 P 3 v 2 d 2 v 3 d 3 Step 1 Step 2 Propose. Decide. Generalizes to N nodes/processes.

334 views • 10 slides
Compromise, Consensus, and System-ness: Developing a Community Crisis Standards of

Compromise, Consensus, and System-ness: Developing a Community Crisis Standards of

Compromise, Consensus, and System-ness: Developing a Community Crisis Standards of Care Policy in Light of Competing Ethical and Practical Commitments Patrick McCruden, DBe, MTS, HEC-C Chief Mission Integration Officer-SSM Health

262 views • 4 slides
Internet Protocol (IP) Internet Protocol (IP) TCP versus UDP TCP versus UDP Low Low-

Internet Protocol (IP) Internet Protocol (IP) TCP versus UDP TCP versus UDP Low Low-

Special Course on Networked Virtual January 30, 2004 Environments Internet Protocol (IP) Internet Protocol (IP) TCP versus UDP TCP versus UDP Low Low- -level protocols used by hosts and routers level protocols used by hosts and routers

275 views • 5 slides
Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation)

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation)

Distributed Algorithms (PhD course) Consensus SARDAR MUHAMMAD SULAMAN Consensus (Recapitulation) A consensus abstraction is specified in terms of two events: 1. Propose ( propose | v ) Each process has an initial value v that it proposes

636 views • 45 slides
The Internet Structure routers 1 The Internet Structure The AS graph The Internet Structure The

The Internet Structure routers 1 The Internet Structure The AS graph The Internet Structure The

DIMES DIMES Distributed Internet MEasurement and Simulation Yuval Shavitt shavitt@eng.tau.ac.il http://www.netdimes.org The Internet Structure routers 1 The Internet Structure The AS graph The Internet Structure The AS graph The PoP level

382 views • 21 slides
Effect of Classifiers in Consensus Feature Ranking for Biomedical Datasets Dimension Reduction

Effect of Classifiers in Consensus Feature Ranking for Biomedical Datasets Dimension Reduction

Shobeir Fakhraei, Hamid Soltanian-Zadeh, Farshad Fotouhi, Kost Elisevich Effect of Classifiers in Consensus Feature Ranking for Biomedical Datasets Dimension Reduction Prediction accuracy of practical machine learning algorithms degrades

510 views • 22 slides
Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same

Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same

Consensus: Paxos Haobin Ni Oct 22, 2018 What is consensus? A group of people go to the same place for the same meal. A set of nodes have the same value for the same variable. X=7 X=7 X=7 Why is it important? In state machine replication

1.1k views • 46 slides
FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian -

FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian -

FLP Impossibility & Weakest Failure Detector Consensus Protocols in Theory Philip Daian - 10/25 slides influenced by Birman FA12 slides Consensus! Courtesy of https://rethinkdb.com Consensus Example Clients Storage Leader Consensus

1.53k views • 78 slides
Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we

Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we

Consensus Variants Usman Mazhar Mirza 6/17/2013 1 Consensus Variants In the variants we consider here, just like in consensus, the processes need to make consistent decisions, such as agreeing on one common value. Most of the

590 views • 35 slides
Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard

Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard

Proof of Luck: an Efficient Blockchain Consensus Protocol Mitar Milutinovic, Warren He, Howard Wu, Maxinder Kanwal Outline Background: blockchains, consensus, and SGX Existing consensus mechanisms Our paper: 3 basic consensus primitives Proof

527 views • 50 slides
Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection

Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection

Consensus vanilladb.org Consensus Uses: bebBroadcast PerfectFailureDetection Properties Termination Every correct process eventually decides some value. Validity If a process decides v , then v was proposed by some

464 views • 21 slides

More recommend