towards recoverable hybrid byzantine consensus
play

Towards Recoverable Hybrid Byzantine Consensus Hans P. Reiser 1 , R - PowerPoint PPT Presentation

Jan 01, 2024 •261 likes •603 views

Towards Recoverable Hybrid Byzantine Consensus Hans P. Reiser 1 , R udiger Kapitza 2 1 University of Lisboa, Portugal 2 University of Erlangen-N urnberg, Germany September 22, 2009 Overview Background 1 Why? When? Where? Towards

  1. Towards Recoverable Hybrid Byzantine Consensus Hans P. Reiser 1 , R¨ udiger Kapitza 2 1 University of Lisboa, Portugal 2 University of Erlangen-N¨ urnberg, Germany September 22, 2009

  2. Overview Background 1 Why? When? Where? Towards Recoverable Hybrid Byzantine Consensus 2 Wanted: Recovery Recovery in existing BFT algorithms Recoverable BFT: A State Model Provocative Questions and Conclusions 3 Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 2

  3. Why? Security threats NVD, Bugtraq, etc: Countless vulnerabilities Viruses, botnets, cyber warefare: Countless attacks Pervasive IT systems Everything (incl. critical infrastructures) connected to Internet High security requirements no longer limited to traditional critical infrastructures Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 3

  4. Why? Security threats NVD, Bugtraq, etc: Countless vulnerabilities Viruses, botnets, cyber warefare: Countless attacks Pervasive IT systems Everything (incl. critical infrastructures) connected to Internet High security requirements no longer limited to traditional critical infrastructures Current best practices cannot avoid all faults/intrusions New approaches are needed. Intrusion tolerance might be one key building block for more secure, more dependable systems. Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 3

  5. When? I do not know. Hoping for interesting discussions :-) Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 4

  6. When? I do not know. Hoping for interesting discussions :-) Marketing / political issue How to convince people to pay for intrusion tolerance? Quantifying the benefit? Intrusions harder to predict than traditional faults . . . Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 4

  7. When? I do not know. Hoping for interesting discussions :-) Marketing / political issue How to convince people to pay for intrusion tolerance? Quantifying the benefit? Intrusions harder to predict than traditional faults . . . Do we still need further improvements? new research directions? Cheaper BFT? (R¨ udiger’s f + 1 talk) Missing functionality? (e.g., node recovery ) . . . Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 4

  8. Where? Where to use BFT algorithms in practice? Use it to build intrusion-tolerant systems . . . wherever we will find vulnerabilities & attacks (i.e., almost everywhere) . . . wherever we can afford the cost Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 5

  9. Where? Where to use BFT algorithms in practice? Use it to build intrusion-tolerant systems . . . wherever we will find vulnerabilities & attacks (i.e., almost everywhere) . . . wherever we can afford the cost (don’t forget diversity Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 5

  10. Where? Where to use BFT algorithms in practice? Use it to build intrusion-tolerant systems . . . wherever we will find vulnerabilities & attacks (i.e., almost everywhere) . . . wherever we can afford the cost (don’t forget diversity . . . and determinism) Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 5

  11. Overview Background 1 Why? When? Where? Towards Recoverable Hybrid Byzantine Consensus 2 Wanted: Recovery Recovery in existing BFT algorithms Recoverable BFT: A State Model Provocative Questions and Conclusions 3 Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 6

  12. Wanted: Recovery Using BFT for building intrusion-tolerant systems Function correctly in spite of malicious intrusions Capability of reorganizing itself autonomously Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 7

  13. Wanted: Recovery Using BFT for building intrusion-tolerant systems Function correctly in spite of malicious intrusions Capability of reorganizing itself autonomously Limitation of simple BFT algorithms Sooner or later, attackers might compromise more nodes than the system can tolerate Intrusions usually are hard to detect Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 7

  14. Wanted: Recovery Using BFT for building intrusion-tolerant systems Function correctly in spite of malicious intrusions Capability of reorganizing itself autonomously Limitation of simple BFT algorithms Sooner or later, attackers might compromise more nodes than the system can tolerate Intrusions usually are hard to detect Wanted: Proactive Recovery Replicas should proactively be refreshed periodically, in addition to reactively repairing detected faults. Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 7

  15. Overview Background 1 Why? When? Where? Towards Recoverable Hybrid Byzantine Consensus 2 Wanted: Recovery Recovery in existing BFT algorithms Recoverable BFT: A State Model Provocative Questions and Conclusions 3 Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 8

  16. Recovery in existing BFT algorithms PBFT (Castro et al.): Explicit proactive recovery support Prerequisites for proactive recovery Tamper-free device that periodically triggers recoveries Trusted component that stores private key and creates signatures Means for avoiding message replay after recovery Recovering non-faulty replica must not loose state and Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 9

  17. Recovery in existing BFT algorithms Algorithm TCB Recovery support PBFT yes yes Q/U no no HQ no no BFT2F no no Zyzzyva no no A2M yes maybe MinBFT yes no Table: Recovery support in BFT algorithms Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 10

  18. Implications of prerequisites Tamper-free device that triggers recoveries Trusted component that stores private key and creates signatures Means for avoiding message replay after recovery Recovering non-faulty replica must not loose state Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

  19. Implications of prerequisites Tamper-free device that triggers recoveries Easy: External tamper-free box Trusted component that stores private key and creates signatures Means for avoiding message replay after recovery Recovering non-faulty replica must not loose state Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

  20. Implications of prerequisites Tamper-free device that triggers recoveries Easy: External tamper-free box Trusted component that stores private key and creates signatures Easy: trusted box + minor implementation changes Means for avoiding message replay after recovery Recovering non-faulty replica must not loose state Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

  21. Implications of prerequisites Tamper-free device that triggers recoveries Easy: External tamper-free box Trusted component that stores private key and creates signatures Easy: trusted box + minor implementation changes Means for avoiding message replay after recovery Session keys, changes to message format, message filtering? Recovering non-faulty replica must not loose state Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

  22. Implications of prerequisites Tamper-free device that triggers recoveries Easy: External tamper-free box Trusted component that stores private key and creates signatures Easy: trusted box + minor implementation changes Means for avoiding message replay after recovery Session keys, changes to message format, message filtering? Recovering non-faulty replica must not loose state Highly intrusive: All relevant state on persistent storage Recovering faulty replica must not spread wrong information Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

  23. Implications of prerequisites Tamper-free device that triggers recoveries Easy: External tamper-free box Trusted component that stores private key and creates signatures Easy: trusted box + minor implementation changes Means for avoiding message replay after recovery Session keys, changes to message format, message filtering? Recovering non-faulty replica must not loose state Highly intrusive: All relevant state on persistent storage Recovering faulty replica must not spread wrong information Most difficult part: protocol extensions (state validation) Hans P. Reiser (University of Lisboa) Towards Recoverable Hybrid Byzantine Consensus September 22, 2009 11

Recommend

Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus

Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus

Towards Low-Latency Byzantine Agreement Protocols Using RDMA DSN Workshop on Byzantine Consensus and Resilient Blockchains Signe Rsch, Ines Messadi, Rdiger Kapitza, 2018-06-25 ruesch@ibr.cs.tu-bs.de Technische Universitt Braunschweig,

781 views • 47 slides
Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Hopefully everyone has

Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Hopefully everyone has

Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Hopefully everyone has started by now, maybe even finished large portions. If not ... you should worry . Please don't change the protobufs. My testing strategy

1.26k views • 76 slides
Advanced Network Security 6. Agreement and consensus II: Byzantine failures Jaap-Henk Hoepman

Advanced Network Security 6. Agreement and consensus II: Byzantine failures Jaap-Henk Hoepman

Advanced Network Security 6. Agreement and consensus II: Byzantine failures Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh Byzantine failures are real

477 views • 30 slides
Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi

Hybrid Consensus: Efficient Consensus in the Permissionless Model Rafael Pass and Elaine Shi IC3 1 Blockchains Satoshi Nakamoto, 2009 Public database Shared & maintained between network participants Blockchain agreement protocol

296 views • 15 slides
Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in

Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in

Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in approximately 5 hours. If you haven't started yet then ... I don't really know how to help. Note, even with late days you must submit by 23:59 on

1.34k views • 56 slides
Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors Thesis by Lucas Mair advised by Richard von Seck,

523 views • 36 slides
Reasoning about Byzantine Protocols Ilya Sergey ilyasergey.net Why Distributed Consensus is

Reasoning about Byzantine Protocols Ilya Sergey ilyasergey.net Why Distributed Consensus is

Reasoning about Byzantine Protocols Ilya Sergey ilyasergey.net Why Distributed Consensus is difficult? Arbitrary message delays (asynchronous network) Independent parties (nodes) can go offline (and also back online) Network

1.29k views • 72 slides
Byzantine Vector Consensus in Complete Graphs Nitin Vaidya University of

Byzantine Vector Consensus in Complete Graphs Nitin Vaidya University of

Byzantine Vector Consensus in Complete Graphs Nitin Vaidya University of Illinois at Urbana-Champaign Vijay Garg University of Texas at Austin Assumptions g Complete graph of n processes g f

964 views • 60 slides
RepuCoin: Reputation-based Byzantine Consensus Jeremie Decouchant, Joint work with Jiangshan Yu,

RepuCoin: Reputation-based Byzantine Consensus Jeremie Decouchant, Joint work with Jiangshan Yu,

University of Luxembourg Multilingual. Personalised. Connected. RepuCoin: Reputation-based Byzantine Consensus Jeremie Decouchant, Joint work with Jiangshan Yu, David Kozhaya, Paulo Esteves-Verssimo CritiX, SnT jeremie.decouchant@uni.lu

333 views • 12 slides
ROBUST & SPECULATIVE BYZANTINE RANDOMIZED CONSENSUS WITH CONSTANT TIME COMPLEXITY IN

ROBUST & SPECULATIVE BYZANTINE RANDOMIZED CONSENSUS WITH CONSTANT TIME COMPLEXITY IN

ROBUST & SPECULATIVE BYZANTINE RANDOMIZED CONSENSUS WITH CONSTANT TIME COMPLEXITY IN NORMAL CONDITIONS Nuno Neves Bruno Vavala University of Lisbon, Portugal University of Lisbon, Portugal Carnegie Mellon

407 views • 36 slides
The Byzantine Generals Problem Zixin Chi Julian Angeles Motivation A reliable system must be

The Byzantine Generals Problem Zixin Chi Julian Angeles Motivation A reliable system must be

The Byzantine Generals Problem Zixin Chi Julian Angeles Motivation A reliable system must be fault-tolerant. having some degree of redundancy. Consensus protocol. How can we reach consensus? What is the problem? First proposed by

599 views • 33 slides
Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in

Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in

Byzantine Fault Tolerance Consensus Strikes Back (continued) Announcements Lab 2 Due in approximately 5 hours. Lab 2 Due in approximately 5 hours. If you haven't started yet then ... I don't really know how to help. Lab 2 Due in

1.69k views • 119 slides
Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus

Consensus and Dissent or: Meta - Consensus Consensus about what we have consensus on Building on Bitcoin Lisboa, Portugal -- 4 July 2018 Paul Sztorc Twitter: @truthcoin paul@tierion.com 16C8 1597 E76E 86E6 C01E F037 AA4B 3330

619 views • 37 slides
Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software Institute Blockchains Append-only, distributed ledger. Uses a Byzantine fault-tolerant (BFT) consensus algorithm to ensure that distributed nodes

1.12k views • 84 slides
Byzantine Fault Tolerance and Partial Synchrony Stefan Stattelmann Seminar Advanced Topics in

Byzantine Fault Tolerance and Partial Synchrony Stefan Stattelmann Seminar Advanced Topics in

Introduction Consensus and Partial Synchrony Practical Byzantine Fault Tolerance Byzantine Fault Tolerance and Partial Synchrony Stefan Stattelmann Seminar Advanced Topics in Distributed Computing WS 2007/2008, MPI-SWS (Saarland University),

1.12k views • 37 slides
Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Lab 2 Hopefully

Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Lab 2 Hopefully

Byzantine Fault Tolerance Consensus Strikes Back Announcements Lab 2 Lab 2 Hopefully everyone has started by now, maybe even finished large portions. Lab 2 Hopefully everyone has started by now, maybe even finished large portions.

1.87k views • 141 slides
Seminar Distributed Systems Byzantine Fault Tolerance-Based Consensus Protocols for Blockchains

Seminar Distributed Systems Byzantine Fault Tolerance-Based Consensus Protocols for Blockchains

Seminar Distributed Systems Byzantine Fault Tolerance-Based Consensus Protocols for Blockchains Signe R usch April 4, 2018 Organisational Topic Descriptions Table of Contents Organisational Topic Descriptions Signe R usch | Seminar

471 views • 15 slides
Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert Jaworski Byzantine system Copies of critical components Concurent replicas Response agreement Omission failure proof Robustness

660 views • 20 slides
Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with PBFT (Traditional BFT protocols) Similarities: Build practical Byzantine fault tolerance systems Protocol: Clients Primary Replicas

493 views • 18 slides
Tutorial : Byzantine agreement Valerie King University of Victoria Victoria, Canada 25

Tutorial : Byzantine agreement Valerie King University of Victoria Victoria, Canada 25

Tutorial : Byzantine agreement Valerie King University of Victoria Victoria, Canada 25 Byzantine Agreement Byzantine Generals Problem in the full information model We imagine that several divisions of the Byzantine army are camped outside

1.08k views • 53 slides
Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International

Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International

Platzhalter fr Bild, Bild auf Titelfolie hinter das Logo einsetzen Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International Conference on Principles of Distributed Systems Wenbo Xu, Signe Rsch, Bijun

594 views • 33 slides
Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members

Consensus Building Consensus is Consensus is finding an acceptable proposal that all members can support. Consensus is not A unanimous vote A majority vote Everyone 100% satisfied Consensus requires Time Active

351 views • 7 slides
Algorand: Scaling Byzantine Agreements for Cryptocurrencies Hyunjin Kim KAIST Introduction

Algorand: Scaling Byzantine Agreements for Cryptocurrencies Hyunjin Kim KAIST Introduction

Algorand: Scaling Byzantine Agreements for Cryptocurrencies Hyunjin Kim KAIST Introduction Previous Presentations: How secure PoW is? -Attack on Bitcoin Mining pool -Attack on Bitcoin Communication -Attack on Bitcoin Consensus

601 views • 46 slides
Byzantine Techniques Michael George November 29, 2005 Michael George Byzantine Techniques

Byzantine Techniques Michael George November 29, 2005 Michael George Byzantine Techniques

Overview The Byzantine Generals Problem Practical Byzantine Fault Tolerance Conclusion Byzantine Techniques Michael George November 29, 2005 Michael George Byzantine Techniques Overview The Byzantine Generals Problem Practical

940 views • 64 slides

More recommend