Issue No. 01 - Jan. 2013 (vol. 62), pp. 16-30
Giuliana Santos Veronese , Stefanini IT Solutions, Mexico
Miguel Correia , INESC-ID and Univ. Lisboa Faculty of Sciences, Lisboa
Alysson Neves Bessani , University of Lisboa, Lisboa
Lau Cheuk Lung , Univ. Federal de Santa Catarina
Paulo Verissimo , University of Lisboa, Lisboa
ABSTRACT
We present two asynchronous Byzantine fault-tolerant state machine replication (BFT) algorithms that improve on previous algorithms in terms of several metrics. First, they require only 2f+1 replicas instead of the usual 3f+1. Second, the trusted service on which this reduction of replicas is based is quite simple, making a verified implementation straightforward (and even feasible using commercial trusted hardware). Third, in nice executions the two algorithms run in the minimum number of communication steps for nonspeculative and speculative algorithms, respectively four and three steps. Besides the obvious benefits in terms of cost, resilience and management complexity—fewer replicas to tolerate a certain number of faults—our algorithms are simpler than previous ones, being closer to crash fault-tolerant replication algorithms. The performance evaluation shows that, even with the trusted component access overhead, they can have better throughput than Castro and Liskov's PBFT, and better latency in networks with nonnegligible communication delays.
INDEX TERMS
Servers, Radiation detectors, Fault tolerance, Fault tolerant systems, Delay, Hardware, trusted components, Byzantine fault-tolerance, intrusion tolerance, state machine replication, distributed systems
CITATION
Giuliana Santos Veronese, Miguel Correia, Alysson Neves Bessani, Lau Cheuk Lung, Paulo Verissimo, "Efficient Byzantine Fault-Tolerance," IEEE Transactions on Computers, vol. 62, no. 1, pp. 16-30, Jan. 2013, doi:10.1109/TC.2011.221
REFERENCES
[1] Advanced Micro Devices "Amd64 Virtualization: Secure Virtual Machine Architecture Reference Manual," technical report, May 2005.
[2] A. Adya, W.J. Bolosky, M. Castro, G. Cermak, R. Chaiken, J.R. Douceur, J. Howell, J.R. Lorch, M. Theimer, and R.P. Wattenhofer, "Farsite: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment," Proc. Fifth Symp. Operating Systems Design and Implementation, pp. 1-14, 2002.
[3] A.S. Aiyer, L. Alvisi, A. Clement, M. Dahlin, J. Martin, and C. Porth, "BAR Fault Tolerance for Cooperative Services," Proc. 20th ACM Symp. Operating Systems Principles, Oct. 2005.
[4] Y. Amir, C. Danilov, D. Dolev, J. Kirsch, J. Lane, C. Nita-Rotaru, J. Olsen, and D. Zage, "Scaling Byzantine Fault-Tolerant Replication to Wide Area Networks," Proc. IEEE Int'l Conf. Dependable Systems and Networks, pp. 105-114, June 2006.
[5] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the Art of Virtualization," Proc. 19th ACM Symp. Operating Systems Principles, pp. 164-177, Oct. 2003.
[6] E.G. Barrantes, D.H. Ackley, T.S. Palmer, D. Stefanovic, and D.D. Zovi, "Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks," Proc. 10th ACM Conf. Computer and Comm. Security, pp. 281-289, 2003.
[7] S. Berger, R. Cáceres, K.A. Goldman, R. Perez, R. Sailer, and L. van Doorn, "vTPM: Virtualizing the Trusted Platform Module," Proc. 15th USENIX Security Symp., pp. 305-320, Aug. 2006.
[8] A.N. Bessani, E.P. Alchieri, M. Correia, and J.S. Fraga, "DepSpace: A Byzantine Fault-Tolerant Coordination Service," Proc. Third ACM SIGOPS/EuroSys European Systems Conf., Apr. 2008.
[9] G. Bracha, "An Asynchronous $\lfloor (n-1)/3\rfloor$ -Resilient Consensus Protocol," Proc. Third ACM Symp. Principles of Distributed Computing, pp. 154-162, Aug. 1984.
[10] M. Branscombe, "How Hardware-Based Security Protects PCs," Tom's Hardware, http://www.tomshardware.com/reviewshardware-based-security-protects-pcs,1771.html , Feb. 2008.
[11] C. Cachin and A. Samar, "Secure Distributed DNS," Proc. Int'l Conf. Dependable Systems and Networks, pp. 423-432, 2004.
[12] M. Castro and B. Liskov, "Practical Byzantine Fault Tolerance and Proactive Recovery," ACM Trans. Computer Systems, vol. 20, no. 4, pp. 398-461, Nov. 2002.
[13] B.-G. Chun, P. Maniatis, S. Shenker, and J. Kubiatowicz, "Attested Append-Only Memory: Making Adversaries Stick to Their Word," Proc. 21st ACM Symp. Operating Systems Principles, Oct. 2007.
[14] A. Clement, M. Kapritsos, S. Lee, Y. Wang, L. Alvisi, M. Dahlin, and T. Riche, "Upright Cluster Services," Proc. ACM SIGOPS 22nd Symp. Operating Systems Principles, pp. 277-290, 2009.
[15] M. Correia, N.F. Neves, and P. Verissimo, "How to Tolerate Half Less One Byzantine Nodes in Practical Distributed Systems," Proc. 23rd IEEE Symp. Reliable Distributed Systems, pp. 174-183, Oct. 2004.
[16] M. Correia, P. Verissimo, and N.F. Neves, "The Design of a COTS Real-Time Distributed Security Kernel," Proc. Fourth European Dependable Computing Conf., pp. 234-252, Oct. 2002.
[17] J. Cowling, D. Myers, B. Liskov, R. Rodrigues, and L. Shrira, "HQ-Replication: A Hybrid Quorum Protocol for Byzantine Fault Tolerance," Proc. Seventh Symp. Operating Systems Design and Implementations, pp. 177-190, Nov. 2006.
[18] C. Dwork, N. Lynch, and L. Stockmeyer, "Consensus in the Presence of Partial Synchrony," J. ACM, vol. 35, no. 2, pp. 288-323, Apr. 1988.
[19] J.S. Fraga and D. Powell, "A Fault- and Intrusion-Tolerant File System," Proc. Third Int'l Conf. Computer Security, pp. 203-218, Aug. 1985.
[20] M. Garcia, A. Bessani, I. Gashi, N. Neves, and R. Obelheiro, "OS Diversity for Intrusion Tolerance: Myth or Reality," Proc. Int'l Conf. Dependable Systems and Networks, June 2011.
[21] R. Garcia, R. Rodrigues, and N. Preguiça, "Efficient Middleware for Byzantine Fault-Tolerant Database Replication," Proc. Sixth ACM SIGOPS/EuroSys European Conf. Computer Systems, pp. 107-122, Apr. 2011.
[22] T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh, "Terra: A Virtual Machine-Based Platform for Trusted Computing," Proc. 19th ACM Symp. Operating Systems Principles, pp. 193-206, 2003.
[23] M. Gasser, Building a Secure Computer System. Van Nostrand Reinhold, 1988.
[24] Intel Corporation, "LaGrande Technology Preliminary Architecture Specification," Intel Publication D52212, May 2006.
[25] F. Junqueira, Y. Mao, and K. Marzullo, "Classic Paxos vs. Fast Paxos: Caveat Emptor," Proc. Third Workshop Hot Topics in System Dependability (HotDep '07), 2007.
[26] R. Kotla, L. Alvisi, M. Dahlin, A. Clement, and E. Wong, "Zyzzyva: Speculative Byzantine Fault Tolerance," Proc. 21st Symp. Operating Systems Principles, Oct. 2007.
[27] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-hashing for Message Authentication," IETF Request for Comments: RFC 2104, Feb. 1997.
[28] L. Lamport, R. Shostak, and M. Pease, "The Byzantine Generals Problem," ACM Trans. Programming Languages and Systems, vol. 4, no. 3, pp. 382-401, July 1982.
[29] J. Li and D. Mazieres, "Beyond One-Third Faulty Replicas in Byzantine Fault Tolerant Systems," Proc. Fourth USENIX Symp. Networked Systems Design and Implementation, pp. 131-144, Apr. 2007.
[30] J.P. Martin and L. Alvisi, "Fast Byzantine Consensus," IEEE Trans. Dependable and Secure Computing, vol. 3, no. 3, pp. 202-215, July-Sept. 2006.
[31] J.P. Martin, L. Alvisi, and M. Dahlin, "Minimal Byzantine Storage," Proc. 16th Int'l Conf. Distributed Computing, pp. 311-325, Oct. 2002.
[32] J.M. McCune, B. Parno, A. Perrig, M.K. Reiter, and A. Seshadri, "How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution," Proc. 13th Int'l Conf. Architectural Support for Programming Languages and Operating Systems, pp. 14-25, Mar. 2008.
[33] J.M. McCune, B.J. Parno, A. Perrig, M.K. Reiter, and H. Isozaki, "Flicker: An Execution Infrastructure for TCB Minimization," Proc. Third ACM SIGOPS/EuroSys European Systems Conf., Apr. 2008.
[34] R.R. Obelheiro, A.N. Bessani, L.C. Lung, and M. Correia, "How Practical Are Intrusion-Tolerant Distributed Systems?" DI-FCUL TR 06-15, Dept. of Informatics, Univ. of Lisbon, Sept. 2006.
[35] M. Pease, R. Shostak, and L. Lamport, "Reaching Agreement in the Presence of Faults," J. ACM, vol. 27, no. 2, pp. 228-234, Apr. 1980.
[36] Trusted Computing Group, "TPM Main, Part 1, Design Principles," Specification Version 1.2, Revision 103, July 2007.
[37] Trusted Computing Group, "TPM Main, Part 3 Commands," Specification Version 1.2, Revision 103, July 2007.
[38] H.P. Reiser and R. Kapitza, "Hypervisor-Based Efficient Proactive Recovery," Proc. 26th IEEE Symp. Reliable Distributed Systems, pp. 83-92, Oct. 2007.
[39] M.K. Reiter, "The Rampart Toolkit for Building High-Integrity Services," Proc. Int'l Workshop Theory and Practice in Distributed Systems, vol. 938, pp. 99-110, 1995.
[40] M.K. Reiter, M.K. Franklin, J.B. Lacy, and R.N. Wright, "The $\Omega$ Key Management Service," Proc. Third ACM Conf. Computer and Comm. Security, pp. 38-47, 1996.
[41] L.F.G. Sarmenta, M. van Dijk, C.W. O'Donnell, J. Rhodes, and S. Devadas, "Virtual Monotonic Counters and Count-Limited Objects Using a TPM without a Trusted OS," Proc. First ACM Workshop Scalable Trusted Computing, pp. 27-42, Nov. 2006.
[42] F.B. Schneider, "Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial," ACM Computing Surveys, vol. 22, no. 4, pp. 299-319, Dec. 1990.
[43] L. Singaravelu, C. Pu, H. Härtig, and C. Helmuth, "Reducing TCB Complexity for Security-Sensitive Applications: Three Case Studies," SIGOPS Operating Systems Rev., vol. 40, no. 4, pp. 161-174, 2006.
[44] A. Singh, P. Maniatis, P. Druschel, and T. Roscoe, "BFT Protocols under Fire," Proc. Fourth Symp. Networked Systems Design and Implementation, Apr. 2008.
[45] M. van Dijk, J. Rhodes, L.F.G. Sarmenta, and S. Devadas, "Offline Untrusted Storage with Immediate Detection of Forking and Replay Attacks," Proc. Second ACM Workshop Scalable Trusted Computing, pp. 41-48, Nov. 2007.
[46] P. Verissimo, "Travelling through Wormholes: A New Look at Distributed Systems Models," SIGACT News, vol. 37, no. 1, pp. 66-81, 2006.
[47] M. Welsh, D. Culler, and E. Brewer, "SEDA: An Architecture for Well-Conditioned, Scalable Internet Services," Proc. 18th ACM Symp. Operating Systems Principles, pp. 230-243, 2001.
[48] J. Xu, Z. Kalbarczyk, and R.K. Iyer, "Transparent Runtime Randomization for Security," Proc. 22nd IEEE Symp. Reliable Distributed Systems, pp. 260-269, Oct. 2003.
[49] J. Yin, J. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin, "Separating Agreement from Execution for Byzantine Fault Tolerant Services," Proc. 19th ACM Symp. Operating Systems Principles, pp. 253-267, Oct. 2003.
[50] L. Zhou, F. Schneider, and R. van Renesse, "COCA: A Secure Distributed On-Line Certification Authority," ACM Trans. Computer Systems, vol. 20, no. 4, pp. 329-368, Nov. 2002.