making byzantine fault tolerant systems tolerate
play

Making Byzantine Fault Tolerant Systems Tolerate Byzantine - PowerPoint PPT Presentation

Jan 27, 2024 •15 likes •655 views

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Failures Allen Clement, Mirco Marchetti, Edmund Wong Lorenzo Alvisi, Mike Dahlin BFT Systems PBFT [OSDI 98] Attested Append Only Memory [SOSP 07] HQ [OSDI 06] Beyond 1/3 Faulty in

  1. Making Byzantine Fault Tolerant Systems Tolerate Byzantine Failures Allen Clement, Mirco Marchetti, Edmund Wong Lorenzo Alvisi, Mike Dahlin

  2. BFT Systems PBFT [OSDI 98] Attested Append Only Memory [SOSP 07] HQ [OSDI 06] Beyond 1/3 Faulty in BFT [SOSP 07] Zyzzyva [SOSP 07] BASE [OSDI 02] HT BFT [DSN 04] SafeStore [USENIX 07] QU [SOSP 05] Separating Agreement from BFT Under Attack [NSDI 08] Execution [SOSP 03] Commit Barrier Scheduling SUNDR [OSDI 04] [SOSP 07] ... Low Overhead BFT [SOSP 07]

  3. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 ops/sec

  4. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 ops/sec

  5. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 Aardvark 39k 39k 7 .8k 37k 11k ops/sec

  6. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT in action

  7. Paved with good intentions No BFT protocol should rely on synchrony for safety FLP: No consensus protocol can be both safe and live in an asynchronous system! All one can guarantee is eventual progress “Handle normal and worst case separately as a rule, because the requirements for the two are quite different: the normal case must be fast; the worst case must make some progress” -- Butler Lampson, “Hints for Computer System Design”

  8. Recasting the problem Maximize performance when the network is synchronous all clients and servers behave correctly While remaining safe if at most servers fails f eventually live

  9. Recasting the problem Misguided Dangerous Futile

  10. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous Futile

  11. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous it encourages fragile optimizations Futile

  12. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous it encourages fragile optimizations Futile it yields diminishing return on common case

  13. A New Goal Asynchronous Synchronous Failures No Failures No Failures

  14. A New Goal Asynchronous Synchronous Synchronous ? Failures Failures No Failures No Failures

  15. A New Goal Asynchronous Synchronous Failures Failures No Failures

  16. Robust BFT Maximize performance when the network is synchronous at most servers fail f While remaining safe if at most servers fail f eventually live

  17. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT in action

  18. Protocol Structure Step 1 Step 2 Step 3 “Good” messages Computation steps “Bad” messages

  19. Fragile Optimizations

  20. Revisiting conventional wisdom Signatures are expensive - use MACs View changes are to be avoided � Hardware multicast is a boon

  21. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Hardware multicast is a boon

  22. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Aardvark uses regular view changes to maintain high throughput despite faulty primaries Hardware multicast is a boon

  23. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Aardvark uses regular view changes to maintain high throughput despite faulty primaries Hardware multicast is a boon Aardvark uses separate work queues for clients and individual replicas

  24. Big MAC Attack c

  25. Big MAC Attack c

  26. Big MAC Attack c

  27. Big MAC Attack c c c

  28. Big MAC Attack c c c

  29. Big MAC Attack

  30. Big MAC Attack c

  31. Big MAC Attack c

  32. Big MAC Attack c

  33. Big MAC Attack c c c

  34. Big MAC Attack c c c

  35. Big MAC Attack c c c c c c c c c c Faulty Client Faulty Primary

  36. Hybrid MAC/Signatures [ ] c

  37. Hybrid MAC/Signatures [ ] c request submission

  38. Hybrid MAC/Signatures The MAC is good. How is the signature? [ ] c request submission

  39. Hybrid MAC/Signatures c request submission

  40. Hybrid MAC/Signatures Signature is good too! c request submission

  41. Hybrid MAC/Signatures c request submission

  42. Hybrid MAC/Signatures c c c request primary submission orders request

  43. Hybrid MAC/Signatures c c c request primary submission orders request

  44. Hybrid MAC/Signatures c c c request primary submission orders request

  45. Signed Request Filtering Client Verify Verify Blacklist Blacklisted? MAC Signature Client Process Request

  46. Big MAC Attack PBFT request primary replicas agree on replicas respond submission orders the next request to the client request

  47. Big MAC Attack Zyzzyva execute the request request primary primary replicas agree on replicas respond submission orders orders the next request to the client request request

  48. Big MAC Attack Q/U execute the request “primary” orders request replicas agree on request replicas respond the next request submission to the client view change

  49. Big MAC Attack HQ execute the request request view replicas respond “primary” orders request submission change to the client replicas agree on the next request

  50. Slow Primary

  51. Slow Primary

  52. Slow Primary

  53. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  54. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  55. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  56. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  57. Implementation details Sign client requests Adaptive view change Separate network channels Fair scheduling clients -v- replicas replicas -v- replicas Exploit multicore architectures

  58. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT can work

  59. Throughput -v- Latency 7 6 5 Latency (ms) 4 HQ Q/U Aardvark 3 PBFT Zyzzyva 2 1 0 0 10 20 30 40 50 60 70 80 Throughput (Kops/sec)

  60. Aardvark, Incrementally Adaptive MAC Client Sign Client View Request Request Change 62k 30k - PBFT 58k 39k 39k Aardvark

  61. Performance with failures Byzantine failures are arbitrary Good faith effort

  62. Big MAC Attack Faulty Peak Client 62k 0 PBFT 24k 0 Q/U 7 .6k - HQ 65k 0 Zyzzyva 39k 39k Aardvark

  63. Slow Primary 1ms 10ms 100ms Peak delay delay delay PBFT 62k 5k 5k 1k Zyzzyva 65k 28k 5k crash Aardvark 39k 38k 37k 38k

  64. Summary RBFT: a new goal for BFT systems Aardvark: rejecting conventional wisdom Evaluation: it works!

Recommend

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with PBFT (Traditional BFT protocols) Similarities: Build practical Byzantine fault tolerance systems Protocol: Clients Primary Replicas

493 views • 18 slides
Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert Jaworski Byzantine system Copies of critical components Concurent replicas Response agreement Omission failure proof Robustness

660 views • 20 slides
Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline - Introduction - System Model - Problem Recasting - Basic Structure - Protocol description - Analysis - Evaluation Introduction 1

715 views • 43 slides
BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019 BYZANTINE FAULT TOLERANCE Long-standing problem in systems Byzantine (adj): excessively complicated, and typically involving a great deal of

685 views • 19 slides
Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency

Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency

Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency Tobias Distler and R udiger Kapitza System Software Group Friedrich-Alexander University Erlangen-Nuremberg EuroSys April 11, 2011 supported by

620 views • 43 slides
Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D.

Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D.

Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D. Petr Kuznetsov WS 07/08 Stefan Heinz, WS 07/08 Farsite Federated, Available and Reliable Storage for an Incompletely Trusted Environment Adya et

710 views • 57 slides
Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop

Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop

Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop (EuroDW 2018) Ines Messadi, TU Braunschweig, Germany, 2018-04-23 New PhD student (Second month) in the distributed systems group Research area:

831 views • 13 slides
Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors Thesis by Lucas Mair advised by Richard von Seck,

523 views • 36 slides
Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model

Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model

Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model Architecture Graham Kirby, Alan Dearle & Stuart Norcross School of Computer Science, University of St Andrews A Finite State Machine WADS 2007

599 views • 20 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT

MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT

MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT KeyValue datastore (read(k), write(k,v), delete(k)) 2. Consistent 3. Supports transactions Description 4. In-built sharding 5. Optimized for

336 views • 12 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software Institute Blockchains Append-only, distributed ledger. Uses a Byzantine fault-tolerant (BFT) consensus algorithm to ensure that distributed nodes

1.12k views • 84 slides
4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design Replication, TMR Distributed Systems Fully fault tolerant system will offer non-stop availability Clusters You cant achieve this! Problem:

458 views • 11 slides
Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09, Gdask Canonical Control Engineering Problem Disturbance Controlled output Set-point Filter Controller Plant Sensor Noise This problem is

639 views • 29 slides
Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir Benabdenbi TIMA Laboratory Outline 3D Integration Opportunities Challenges and Solutions Fault Tolerant Communication in 3D Systems

516 views • 24 slides
Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate

Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate

Real-Time Applications Tolerant: can tolerate occasional loss of data. Intolerant: cannot tolerate such losses. Delay-adaptive: applications that can adjust their playback point (delay or advance over time). Rate-adaptive: can alter the bit rate

218 views • 21 slides
Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now,

Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now,

Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now, probably obvious that systems reliability/availability is a key concern Downtime is expensive Replication is a general technique for providing fault

844 views • 34 slides
Byzantine Fault Tolerance CS 240: Computing Systems and Concurrency Lecture 11 Marco Canini

Byzantine Fault Tolerance CS 240: Computing Systems and Concurrency Lecture 11 Marco Canini

Byzantine Fault Tolerance CS 240: Computing Systems and Concurrency Lecture 11 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. So far: Fail-stop failures Traditional state machine

989 views • 41 slides
Practical Byzantine Fault Tolerance (Miguel Castro, Barbara Liskov) presented by Bjoern Doebel

Practical Byzantine Fault Tolerance (Miguel Castro, Barbara Liskov) presented by Bjoern Doebel

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Practical Byzantine Fault Tolerance (Miguel Castro, Barbara Liskov) presented by Bjoern Doebel Dresden, 2008-11-05 Motivation Byzantine Faults

681 views • 12 slides
Fault Tolerant Distributed Main Memory Systems CompSci 590.04

Fault Tolerant Distributed Main Memory Systems CompSci 590.04

Fault Tolerant Distributed Main Memory Systems CompSci 590.04 Instructor: Ashwin Machanavajjhala Lecture 16 : 590.04 Fall 15 1 Recap: Map Reduce ma p ! ! ,

641 views • 30 slides
Minimizing Latency in Fault-Tolerant Distributed Stream Processing Systems Andrey Brito 1 ,

Minimizing Latency in Fault-Tolerant Distributed Stream Processing Systems Andrey Brito 1 ,

Department of Computer Science Institute for Systems Architecture, Systems Engineering Group Minimizing Latency in Fault-Tolerant Distributed Stream Processing Systems Andrey Brito 1 , Christof Fetzer 1 , Pascal Felber 2 1 Technische Universitt

658 views • 55 slides

More recommend