Like this presentation? Why not share!

- Chapter 11d coordination agreement by AbDul ThaYyal 303 views
- The new decentralized sharing econo... by Hubert Gertis 1506 views
- The byzantine generals problem by Luong Nguyen 848 views
- Practical Byzantine Fault Tolerance by Suman Karumuri 1827 views
- Generais bizantinos - MPI by Cleverson Ledur 366 views
- Pivotal gem fire_wp_hardest-problem... by EMC 359 views

1,797

-1

-1

Published on

Presentation on Lamport's paper "The Byzantine Generals Problem"

Published in:
Technology

No Downloads

Total Views

1,797

On Slideshare

0

From Embeds

0

Number of Embeds

1

Shares

0

Downloads

42

Comments

0

Likes

1

No embeds

No notes for slide

- 1. Byzantine Generals Problem Wednesday, August 18, 2010
- 2. Motivation Wednesday, August 18, 2010
- 3. Each division is directed by its own general Wednesday, August 18, 2010
- 4. There are n generals Wednesday, August 18, 2010
- 5. All armies are camped outside enemy castle, observing enemy Wednesday, August 18, 2010
- 6. Communicate with each other by messengers Wednesday, August 18, 2010
- 7. Requirement A: All loyal generals decide upon the same plan of action Wednesday, August 18, 2010
- 8. Requirement B: A small number of traitors cannot cause the loyal generals to adopt a bad plan Wednesday, August 18, 2010
- 9. Agreemeent G2 V1 General 1 sends his ideas on what to do G1 V1 next G4 V1 G3 Wednesday, August 18, 2010
- 10. Agreemeent { V1, V2 } V2 G2 { V1 } General 2 sends his ideas on what to do G1 V2 next V2 G4 G3 { V1 } { V1 } Wednesday, August 18, 2010
- 11. Apply combination method to all values { V1, V2, V3, V4 } G2 { V1, V2, V3, V4 } A: All loyal generals decide upon the same G1 plan of action G4 G3 { V1, V2, V3, V4 } Wednesday, August 18, 2010
- 12. Beware of the wolves… { V1, V2 } V2 G2 General might be a { V1 } traitor, sabotaging G1 V2' the process. V2' G4 G3 { V1 } { V1 } B: A small number of traitors cannot cause the loyal generals to adopt a bad plan Wednesday, August 18, 2010
- 13. Requirements reworked • From A: Every loyal general must obtain the same information v(1), .... v(n) • From B: If the ith general is loyal, then the value that he sends must be used by every loyal general as the value of v(i) Wednesday, August 18, 2010
- 14. Rewritten • From A: Any two loyal generals use the same value of v (i) • From B: If the ith general is loyal, then the value that he sends must be used by every loyal general as the value of v(i) 2 ... an d since now both 1 and are conditions on the single al: value of a single gener Wednesday, August 18, 2010
- 15. Byzantine Generals Problem A commanding general must send an order to his n - 1 C lieutenant generals such that IC1: All loyal lieutenants obey the same order IC2: If the commanding L1 L2 L3 general is loyal, then every loyal general obeys the order he sends Wednesday, August 18, 2010
- 16. Byzantine Generals Problem A commanding general must send an order to his n - 1 C lieutenant generals such that IC1: All loyal lieutenants obey the same order IC2: If the commanding L1 L2 L3 general is loyal, then every loyal general obeys the order he sends y Interactive Consistenc Conditions Wednesday, August 18, 2010
- 17. Assuming oral messages… • Every message that is sent is delivered correctly • The receiver of a message knows who sent it • The absence of a message can be detected Wednesday, August 18, 2010
- 18. No solution for 3 generals, 1 traitor C C ? ? attack attack attack retreat L1 he said 'retreat' L2 L1 he said 'retreat' L2 e From L 1’s perspective, both th s the commanding general a other lieutenant could be the ion. traitor causing confus Wednesday, August 18, 2010
- 19. General Impossibility (Oral Messages) In general, no solutions with fewer than 3m+1 generals can cope with m traitors. Wednesday, August 18, 2010
- 20. Assuming Signatures • Every message that is sent is delivered correctly • The receiver of a message knows who sent it • The absence of a message can be detected • Signatures • A loyal general’s signature cannot be forged, and any alteration of the contents of his signed messages can be detected. • Anyone can verify the authenticity of a general’s signature Wednesday, August 18, 2010
- 21. Algorithm SM(m) • Each lieutenant maintains a set V of properly signed orders received so far. • The commander sends a signed order to lieutenants • A lieutenant receives an order from someone (either from commander or other lieutenants), • Veriﬁes authenticity and puts it in V. • If there are less than m distinct signatures on the order • Augments orders with signature • Relays messages to lieutenants who have not seen the order. • When lieutenant receives no new messages, and use choice(V) as the desired action. • If you want to protect against more traitors, increase m Wednesday, August 18, 2010
- 22. SM(m) and Traitors C V = attack, retreat => ! C ommander is a traitor attack : C retreat : C retreat : C : L2 L1 attack : C : L1 L2 Wednesday, August 18, 2010
- 23. But what if… not all generals can reach all other generals directly? Wednesday, August 18, 2010
- 24. p-Regular Graphs 1. A set of nodes { i1, …, ip } is said to be a regular set of neighbors of a node i if: 1. each ij is a neighbor of i, and 2. for any general k different from i, there exists paths γj,k from ij to k not passing through i such that any two different paths γj,k have no node in common other than k. 2. The graph G is said to be p-regular if every node has a regular set of neighbors consisting of p distinct nodes. Wednesday, August 18, 2010
- 25. p-Regular Graphs 1. A set of nodes { i1, …, ip } is said to be a regular set of neighbors of a node i if: 1. each ij is a neighbor of i, and *SNAP* 2. for any general k different from i, there exists paths γj,k from ij to k not passing through i such that any two different paths γj,k have no node in common other than k. 2. The graph G is said to be p-regular if every node has a regular set of neighbors consisting of p distinct nodes. Wednesday, August 18, 2010
- 26. Samples 3-regular not 3-regular Wednesday, August 18, 2010
- 27. Missing communication paths For any m and any p ≥ 3m, algorithm OM(m, p) solves the Byzantine Generals Problem if there are at most m traitors. Wednesday, August 18, 2010
- 28. Missing communication paths For any m and any p ≥ 3m, algorithm OM(m, p) solves the Byzantine Generals Problem if there are at most m traitors. ssing In other words: in case of messengers pa h oral messages only, if you send enoug an messages, there m ay be a way to come to of agreement on w hat to do, even in face s. (It traitors and missin g communication path hich all depends on ho w many traitors and w paths are missing.) Wednesday, August 18, 2010
- 29. Missing Communication Paths For any m, SM(m) solves the Byzantine Generals Problem if there are at most m traitors. Wednesday, August 18, 2010
- 30. Practical Use of BGP General Processor Loyal general Non-faulty processor • IC1: All nonfaulty processors must use the same input value (so they produce the same output) • IC2: If the input unit is nonfaulty, then all nonfaulty processes use the value it provides as input (so they produce the correct output) Wednesday, August 18, 2010
- 31. Assumption A1 Every message sent by non-faulty process is delivered correctly. • Failure of communication line cannot be distinguished from failure of nodes. • OK because we still are tolerating m failures. Wednesday, August 18, 2010
- 32. Assumption A2 A processor can determine origin of message • In a ﬁxed line network, this can be assumed. • In a switched network, A2 is not needed since the messages will be signed. Wednesday, August 18, 2010
- 33. Assumption A3 The absence of a message can be detected • Only by the use of some time-out convention • Fixed maximum time needed for the generation and transmission of a message. • The sender and receiver have clocks that are synchronized to within some maximum error Wednesday, August 18, 2010
- 34. Assumption A4 Unforgeable signatures. Anyone can verify authenticity of signature • Message signed by i = (M, Si(M)) • If i is not faulty, no one can generate Si(M). (Faulty processor used for generating signatures.) • Given M and X, anyone can verify if X=Si(M) Wednesday, August 18, 2010
- 35. Conclusions • BGP solutions are expensive (communication overheads and signatures) • Use of redundancy and voting to achieve reliability. What if >1/3 nodes (processors) are faulty? • 3m+1 replicas for m failures. Is that expensive? • Tradeoffs between reliability and performance • How would you determine m in a practical system? Wednesday, August 18, 2010

No public clipboards found for this slide

×
### Save the most important slides with Clipping

Clipping is a handy way to collect and organize the most important slides from a presentation. You can keep your great finds in clipboards organized around topics.

Be the first to comment