SlideShare a Scribd company logo

Honeybadger of BFT Protocols

Y
YongraeJo

Honeybadger of BFT Protocols

Technology
1 of 60
Download to read offline
The Honey Badger of BFT Protocols Andrew Miller, Yu Xia, Kyle Croman, Elaine Shi, Dawn Song University of Illinois, Urbana-Champaign, Cornell University, Tsinghua University, University of California, Berkeley Presented by Yongrae Jo, System software lab. at POSTECH
2 https://medium.com/startup-grind/you-are-a-ceo-you-are-a-honey-badger-b37d532f39ad
3 http://knowyourmeme.com/memes/honey-badger
4 https://www.wired.com/2013/12/bitcoin-honey/
5 HoneyBadgerBFT is a Cherry-Picker
6 Motivation ● Weakly (or partially) synchronous protocol such as PBFT rely on network timing assumption … – Not suited for real-world network ● Designing practical (large-scale, high efficiency and high-robust) Byzantine fault tolerant consensus algorithm in asynchronous network – Doesn’t rely on network condition
7 Background ● Timing assumptions in distributed systems ● FLP Impossibility Result ● Equivalence between consensus and other problems ● Broadcast primitives ● Randomized Byzantine Agreement ● {Binary / Multi-valued / Vector / k-Set} Consensus ● Erasure Coding ● Threshold Encryption
8 Background ● Timing assumptions in distributed systems ● FLP Impossibility Result ● Equivalence between consensus and other problems ● Broadcast primitives ● Randomized Byzantine Agreement ● {Binary / Multi-valued / Vector / k-Set} Consensus ● Erasure Coding ● Threshold Encryption
9 Timing assumptions ● Synchronous network – All messages are delivered within Δ ● Eventual synchronous network – After unknwon GST(Global Stabilization Time), all messages are delivered within Δ ● Partially synchronous network – Eventual synchronous, but Δ is unknown to the protocol ● Weakly synchronous network – Varying Δ along with the network conditions and protocol Δ : timeout parameter
10 No timing assumption on underlying network Asynchronous Network
11 But sadly, we have FLP Impossibility Result
12 Deterministic consensus algorithm in asynchronous network is impossible FLP Impossibility Result
13 How to circumvent FLP result? ● Sacrifice determinism – Randomized Byzantine consensus algorithm ● Adding timing assumption – Partially sync., etc. ● Adding oracle (failure detector) ● Adding trusted component ● Change the problem domain (e.g. not a single value, but range of value or set of values) ● Ref. Byzantine consensus in asynchronous message- passing systems: a survey (2011)
14 How to circumvent FLP result? ● Sacrifice determinism – Randomized Byzantine consensus algorithm ● Change the problem domain (e.g. not a single value, but range of value or set of values) Ref. Byzantine consensus in asynchronous message- passing systems: a survey (2011) HoneyBadgerBFT Asynchronous Agreement on Common Set
15 Equivalent problems to Consensus in distributed computing area Consensus Atomic Broadcast State Machine Replication Group Membership Non-blocking Atomic commit Hadzilacos and Toueg, 1994 Chandra and Toueg, 1996 Cachin et al., 2001 Schneider, 1990 Guerraoui and Schiper, 2001 Guerraoui and Schiper, 2001 ~ ~ reducible related
16 Contribution
17 System Model ● Node – N nodes exist in network: P0 , … , Pn-1 – Each node receive transactions as input – The goal of node is to reach consensus on a transaction order ● Client – Submit a transaction, and consider it committed when the client received signatures from majority of nodes ● Transaction – Identified as a unique string
18 System Model ● Static Byzantine faults – n = 3f + 1 ● Network – Purely asynchronous network – Reliable authenticated point-to-point channel – Adversary can control delivery schedule, but can’t stop message from being delivered ● Trusted setup – Initial key distribution
19 Atomic Broadcast ● Consensus = Atomic Broadcast ● HoenyBadgerBFT is Atomic Broadcast ● Designing Atomic Broadcast solves consensus problem Above properties should hold with high probability Properties of Atomic Broadcast Safety Live- ness
20 Some Acronyms ● ABC: Atomic Broadcast ● ACS: Agreement on Common Subset or Asynchronous Common Subset ● RBC: Reliable Broadcast ● MVBA: Multi-Valued Byzantine Agreement ● ABA (or simply BA): Asynchronous Binary Agreement ● TPKE : Threshold (Public Key) Encryption
21 ACS MVBA RBC ABA reduction RBC ABA ABC reduction CommonCoin HonyeBadgerBFT implement use Module relationships MVBA module is actually not used in HoneyBadgerBFT use To implement ABC(Atomic Broadcast) is to implement consensus
22 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994)
23 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994) Good batching
24 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994) Good batching HoneyBadgerBFT’s cherry picking
25 Modular Approach ● HoneyBadgerBFT ‘s modular composition – Module 1. HoneyBadgerBFT – Module 2. ACS (Asynchronous Common Subset) – Module 3. RBC (Reliable Broadcast) – Module 4. BA (Asynchronous Binary Agreement) – Module 5. CommonCoin
26 HoneyBadgerBFT use use use use ACS RBC BA CommonCoin Module Relationships in HoneyBadgerBFT TPKE use
27 Module: HoneyBadgerBFT ● Implements Atomic Broadcast (a.k.a Consensus) ● Why Threshold Encryption? – Adversary can selectively delay proposal from specific node – By using Threshold Encryption, adversary doesn’t know whose proposals are coming from (Censorship resiliency) – Cachin et al., Practical asynchronous byzantine agreement using cryptography(2000)
28 123n Message Buffer(FIFO Queue) Selection Policy 2 1 3 Subset Vector Message = Transaction (N, f+1) Threshold Encryption using Public key PK ACS Receive Random selection x y z input (bit vector) 01001….010 Threshold Decryption with its own share output (bit vector) Multicast decrypted share Wait until f+1 decrypted shares are received Recover original secret using Public Key Generate block Remove batched transactions from Buffer Consensus on bit vector Batch size
29 (N, f+1) Threshold Encryption
30 Module: ACS ● Agreement on common subset asynchronously ● Protocol – 1) Each node broadcast proposed value using RBC – 2) After 1), ABA decides a vector of proposed value from RBC Quorum size & legitimate contents Properties of Asynchronous Common Subset Above properties should hold with high probability Liveness Safety
31
32 Module RBC ● (Byzantine) Reliable broadcast for proposal ● Resolving leader bottleneck by using erasure coding – Without erasure coding, O( N B ) – With erasure coding, O( B ) Outsourced from Bracha’s broadcast with erasure coding (Reed-Solomon Impl.) from – C. Cachin and S. Tessaro. Asynchronous verifiable information dispersal (2005) – G. Bracha, Asynchronous byzantine agreement protocols(1987) Properties of Reliable Broadcast
33 (N-2f, N)-Erasure coding scheme Data Block A B C D Split data block into N pieces of small data blocks including parity block E F G H I J K L A B C D E F G H I J K L Some corrupted or lost Recover original Data block only from N-2f small blocks or intentionally omitted to save space N = 12, N-2f = 8 O(B)
34 A B h9 C D h10 E F h11 G H h12 h13 h14 h Erasure coded blocks h1 h2 h3 h4 h5 h6 h7 h8 In (N-2f, N)-erasure coding scheme, only N- 2f pieces of blocks are needed to recover the original. Situation where N-f ECHO msgs are not received yet, But, received f+1 READY msg
35 Module BA ● (Asynchronous) Binary & Randomized & Byzantine Agreement on a single bit ● Used for ensuring decided value from RBC instance Outsourced from ● Moustefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n ^2), 2014 ● Rabin M., Randomized Byzantine generals, 1983 Properties of Asynchronous Byzantine Agreement Above properties should hold with high probability
36 BA BA 1 BA 2 BA 3 BA N 0 / 1 0 / 1 0 : I don’t agree with you 1 : I agree with you Just think of BA as a blackbox for 0/1 agreement RBC 1 RBC 2 RBC 3 RBC N Do you agree the result of RBC instance? Yes(1) / No(0) 1 / 0 1 / 0 Vote result Vote result Vote result Vote result
37 Module CommonCoin ● Distributed object that delivers the same sequence of random bits b1 ,b2 ,... ,br ,... to each process ● Return random bit with threshold encryption Outsourced from Rabin M., Randomized Byzantine generals (1983)
38 Implementation ● Python, gevent library for concurrent task ● Threshold cryptography, Charm / PBC library ● Docker container
39 Evaluation Env. ● EC2 t2.medium instances throughout 8 regions spanning 5 continents – 32, 40, 48, 56, 64, and 104 instances ● Varying batch size: 256, 512, 1024, 2048, 4096, 8192, 16384, 32768, 65536, or 131072 ● N = 4f + 1 ● No faults or network interruptions
40 Comm. cost vs Batch size Comm. cost:
41 Throughput vs Batch size
42 Latency vs Throughput
43 HoneyBadgerBFT vs PBFT PBFT has leader bottleneck
44 Conclusion ● HoneyBadgerBFT is the first practical asynchronous Byzantine consensus protocol ● HoneyBadgerBFT can be a suitable component in cryptocurrency-inspired deployments of fault tolerant transaction processing systems ● HoneyBadgerBFT is building block for dependable system based on asynchronous protocol
45
46 Thanks
47 Any Questions?
48
49 (RBC and BA) in ACS
50 How PBFT fails
51 Signature-Free Asynchronous Byzantine Consensus with t < n/3 and O(n^2 ) Messages (2014)
52 Signature-Free Asynchronous Byzantine Consensus with t < n/3 and O(n^2 ) Messages (2014)
53 Broadcast Primitives ● Best-effort Broadcast ● Reliable Broadcast ● Uniform Reliable Broadcast ● Stubborn Broadcast ● FIFO Broadcast ● Casual Broadcast ● Total-Order Broadcast (Atomic Broadcast) – Bracha’s Broadcast ● ...
54 Bracha’s broadcast https://lpd.epfl.ch/site/_media/education/sdc_byzconsensus.pdf
55 Data Block Data Block Data Block O(N B)
56 O(B) A B C D E F G H I J K L
57 O(B) A B C D E F G H I J K L
58 Data Block Data Block Data Block O(B) Recover original data block
59 A B C D E F G H I J K L Data Block Recover from small pieces of blocks A B C D Data Block Recover Data Block E F G H Recover Data Block I J K L Recover
60 Why do we need RBC and additional BA? Normally, PBFT’s reliable broadcast guarantee consistency → Asynchrony: In PBFT, there is explicit time bound. But, in asynchronous network, RBC may fail. So for finality, additional BA is needed to ensure that all correct processes decide same value.

Recommended

SATA Introduction
SATA IntroductionSATA Introduction
SATA IntroductionGene Chang
 
I2C BUS PROTOCOL
I2C BUS PROTOCOLI2C BUS PROTOCOL
I2C BUS PROTOCOLKashyap Mandaliya
 
Metastability,MTBF,synchronizer & synchronizer failure
Metastability,MTBF,synchronizer & synchronizer failureMetastability,MTBF,synchronizer & synchronizer failure
Metastability,MTBF,synchronizer & synchronizer failureprashant singh
 
Verification Strategy for PCI-Express
Verification Strategy for PCI-ExpressVerification Strategy for PCI-Express
Verification Strategy for PCI-ExpressDVClub
 
Paxos
PaxosPaxos
PaxosAmir Payberah
 
SPI Protocol
SPI ProtocolSPI Protocol
SPI ProtocolAnurag Tomar
 
USART
USARTUSART
USARTIslam Samir
 
Memory management OS
Memory management OSMemory management OS
Memory management OSUmeshchandraYadav5
 

Recommended

SATA Introduction
SATA IntroductionSATA Introduction
SATA IntroductionGene Chang
 
I2C BUS PROTOCOL
I2C BUS PROTOCOLI2C BUS PROTOCOL
I2C BUS PROTOCOLKashyap Mandaliya
 
Metastability,MTBF,synchronizer & synchronizer failure
Metastability,MTBF,synchronizer & synchronizer failureMetastability,MTBF,synchronizer & synchronizer failure
Metastability,MTBF,synchronizer & synchronizer failureprashant singh
 
Verification Strategy for PCI-Express
Verification Strategy for PCI-ExpressVerification Strategy for PCI-Express
Verification Strategy for PCI-ExpressDVClub
 
Paxos
PaxosPaxos
PaxosAmir Payberah
 
SPI Protocol
SPI ProtocolSPI Protocol
SPI ProtocolAnurag Tomar
 
USART
USARTUSART
USARTIslam Samir
 
Memory management OS
Memory management OSMemory management OS
Memory management OSUmeshchandraYadav5
 
Ambha axi
Ambha axiAmbha axi
Ambha axiHARINATH REDDY
 
Session 8,9 PCI Express
Session 8,9 PCI ExpressSession 8,9 PCI Express
Session 8,9 PCI ExpressSubhash Iyer
 
axi protocol
axi protocolaxi protocol
axi protocolAzad Mishra
 
APB protocol v1.0
APB protocol v1.0APB protocol v1.0
APB protocol v1.0Azad Mishra
 
Demystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interfaceDemystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interfaceAnalog Devices, Inc.
 
AXI Protocol.pptx
AXI Protocol.pptxAXI Protocol.pptx
AXI Protocol.pptxYazan Yousef
 
Pc ie tl_layer (3)
Pc ie tl_layer (3)Pc ie tl_layer (3)
Pc ie tl_layer (3)Rakeshkumar Sachdev
 
Tutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and FramesTutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and FramesDheryta Jaisinghani
 
Module 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and ProgrammingModule 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and ProgrammingAmogha Bandrikalli
 
PCIe DL_layer_3.0.1 (1)
PCIe DL_layer_3.0.1 (1)PCIe DL_layer_3.0.1 (1)
PCIe DL_layer_3.0.1 (1)Rakeshkumar Sachdev
 
Practical Byzantine Fault Tolernace
Practical Byzantine Fault TolernacePractical Byzantine Fault Tolernace
Practical Byzantine Fault TolernaceYongraeJo
 
I2C
I2CI2C
I2CSarojpatnaik5
 
AMBA Ahb 2.0
AMBA Ahb 2.0AMBA Ahb 2.0
AMBA Ahb 2.0Akhil Srivastava
 
Pcie basic
Pcie basicPcie basic
Pcie basicSaifuddin Kaijar
 
6.distributed shared memory
6.distributed shared memory6.distributed shared memory
6.distributed shared memoryGd Goenka University
 
AMBA 2.0 REPORT
AMBA 2.0 REPORTAMBA 2.0 REPORT
AMBA 2.0 REPORTNirav Desai
 
AMBA 2.0 PPT
AMBA 2.0 PPTAMBA 2.0 PPT
AMBA 2.0 PPTNirav Desai
 
Arm7 Interfacing examples
Arm7 Interfacing examples Arm7 Interfacing examples
Arm7 Interfacing examples Dr.YNM
 
I2 c bus
I2 c busI2 c bus
I2 c busAkhil Srivastava
 
Amba axi 29 3_2015
Amba axi 29 3_2015Amba axi 29 3_2015
Amba axi 29 3_2015kiemnhatminh
 
FastBFT
FastBFTFastBFT
FastBFTYongraeJo
 
Chapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9eChapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9eadpeer
 

More Related Content

What's hot

Session 8,9 PCI Express
Session 8,9 PCI ExpressSession 8,9 PCI Express
Session 8,9 PCI ExpressSubhash Iyer
 
APB protocol v1.0
APB protocol v1.0APB protocol v1.0
APB protocol v1.0Azad Mishra
 
Demystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interfaceDemystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interfaceAnalog Devices, Inc.
 
Tutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and FramesTutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and FramesDheryta Jaisinghani
 
Module 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and ProgrammingModule 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and ProgrammingAmogha Bandrikalli
 
Practical Byzantine Fault Tolernace
Practical Byzantine Fault TolernacePractical Byzantine Fault Tolernace
Practical Byzantine Fault TolernaceYongraeJo
 
Arm7 Interfacing examples
Arm7 Interfacing examples Arm7 Interfacing examples
Arm7 Interfacing examples Dr.YNM
 
Amba axi 29 3_2015
Amba axi 29 3_2015Amba axi 29 3_2015
Amba axi 29 3_2015kiemnhatminh
 

What's hot (20)

Ambha axi
Ambha axiAmbha axi
Ambha axi
 
Session 8,9 PCI Express
Session 8,9 PCI ExpressSession 8,9 PCI Express
Session 8,9 PCI Express
 
axi protocol
axi protocolaxi protocol
axi protocol
 
APB protocol v1.0
APB protocol v1.0APB protocol v1.0
APB protocol v1.0
 
Demystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interfaceDemystifying the JESD204B High-speed Data Converter-to-FPGA interface
Demystifying the JESD204B High-speed Data Converter-to-FPGA interface
 
AXI Protocol.pptx
AXI Protocol.pptxAXI Protocol.pptx
AXI Protocol.pptx
 
Pc ie tl_layer (3)
Pc ie tl_layer (3)Pc ie tl_layer (3)
Pc ie tl_layer (3)
 
Tutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and FramesTutorial on IEEE 802.11 - MAC Protocols and Frames
Tutorial on IEEE 802.11 - MAC Protocols and Frames
 
Module 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and ProgrammingModule 2 ARM CORTEX M3 Instruction Set and Programming
Module 2 ARM CORTEX M3 Instruction Set and Programming
 
PCIe DL_layer_3.0.1 (1)
PCIe DL_layer_3.0.1 (1)PCIe DL_layer_3.0.1 (1)
PCIe DL_layer_3.0.1 (1)
 
Practical Byzantine Fault Tolernace
Practical Byzantine Fault TolernacePractical Byzantine Fault Tolernace
Practical Byzantine Fault Tolernace
 
I2C
I2CI2C
I2C
 
AMBA Ahb 2.0
AMBA Ahb 2.0AMBA Ahb 2.0
AMBA Ahb 2.0
 
Pcie basic
Pcie basicPcie basic
Pcie basic
 
6.distributed shared memory
6.distributed shared memory6.distributed shared memory
6.distributed shared memory
 
AMBA 2.0 REPORT
AMBA 2.0 REPORTAMBA 2.0 REPORT
AMBA 2.0 REPORT
 
AMBA 2.0 PPT
AMBA 2.0 PPTAMBA 2.0 PPT
AMBA 2.0 PPT
 
Arm7 Interfacing examples
Arm7 Interfacing examples Arm7 Interfacing examples
Arm7 Interfacing examples
 
I2 c bus
I2 c busI2 c bus
I2 c bus
 
Amba axi 29 3_2015
Amba axi 29 3_2015Amba axi 29 3_2015
Amba axi 29 3_2015
 

Similar to Honeybadger of BFT Protocols

Chapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9eChapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9eadpeer
 
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Www
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{WwwD I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Www
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Wwwguest3f9c6b
 
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}Digital Communications Jntu Model Paper{Www.Studentyogi.Com}
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}guest3f9c6b
 
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...ijitjournal
 
Bluetooth Low Energy - A Case Study
Bluetooth Low Energy - A Case StudyBluetooth Low Energy - A Case Study
Bluetooth Low Energy - A Case StudyFReeze FRancis
 
An Overview of the ATSC 3.0 Physical Layer Specification
An Overview of the ATSC 3.0 Physical Layer SpecificationAn Overview of the ATSC 3.0 Physical Layer Specification
An Overview of the ATSC 3.0 Physical Layer SpecificationAlwin Poulose
 
On how to efficiently implement Deep Learning algorithms on PYNQ platform
On how to efficiently implement Deep Learning algorithms on PYNQ platformOn how to efficiently implement Deep Learning algorithms on PYNQ platform
On how to efficiently implement Deep Learning algorithms on PYNQ platformNECST Lab @ Politecnico di Milano
 
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio Networks
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio NetworksDecentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio Networks
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio NetworksIffat Anjum
 
COmputer Networks Andrew tanenbaum CHAPTER 3
COmputer Networks Andrew tanenbaum CHAPTER 3COmputer Networks Andrew tanenbaum CHAPTER 3
COmputer Networks Andrew tanenbaum CHAPTER 3MrMRajaCSESTAFF
 
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...Walchand college of Engineering,Sangli
 
Ch3datalinklayerand layeraa linkdata.ppt
Ch3datalinklayerand layeraa linkdata.pptCh3datalinklayerand layeraa linkdata.ppt
Ch3datalinklayerand layeraa linkdata.pptBlackHat41
 
Ch3.ppt
Ch3.pptCh3.ppt
Ch3.pptThirft
 
ppt presentasi kelompok data link layer
ppt presentasi kelompok data link layerppt presentasi kelompok data link layer
ppt presentasi kelompok data link layerrosedinda4
 
Krishna thesis presentation
Krishna thesis presentationKrishna thesis presentation
Krishna thesis presentationahyaimie
 

Similar to Honeybadger of BFT Protocols (20)

FastBFT
FastBFTFastBFT
FastBFT
 
Chapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9eChapter 6 - Digital Data Communication Techniques 9e
Chapter 6 - Digital Data Communication Techniques 9e
 
Data link control protocol(2)
Data link control protocol(2)Data link control protocol(2)
Data link control protocol(2)
 
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Www
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{WwwD I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Www
D I G I T A L C O M M U N I C A T I O N S J N T U M O D E L P A P E R{Www
 
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}Digital Communications Jntu Model Paper{Www.Studentyogi.Com}
Digital Communications Jntu Model Paper{Www.Studentyogi.Com}
 
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...
Hardware implementation of (63, 51) bch encoder and decoder for wban using lf...
 
Bluetooth Low Energy - A Case Study
Bluetooth Low Energy - A Case StudyBluetooth Low Energy - A Case Study
Bluetooth Low Energy - A Case Study
 
An Overview of the ATSC 3.0 Physical Layer Specification
An Overview of the ATSC 3.0 Physical Layer SpecificationAn Overview of the ATSC 3.0 Physical Layer Specification
An Overview of the ATSC 3.0 Physical Layer Specification
 
On how to efficiently implement Deep Learning algorithms on PYNQ platform
On how to efficiently implement Deep Learning algorithms on PYNQ platformOn how to efficiently implement Deep Learning algorithms on PYNQ platform
On how to efficiently implement Deep Learning algorithms on PYNQ platform
 
digital datacomm
digital datacommdigital datacomm
digital datacomm
 
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio Networks
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio NetworksDecentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio Networks
Decentralized Predictive MAC Protocol for Ad Hoc Cognitive Radio Networks
 
COmputer Networks Andrew tanenbaum CHAPTER 3
COmputer Networks Andrew tanenbaum CHAPTER 3COmputer Networks Andrew tanenbaum CHAPTER 3
COmputer Networks Andrew tanenbaum CHAPTER 3
 
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...
Secure and Efficient Data Transmission for Cluster-Based Wireless Sensor Net...
 
SCP
SCPSCP
SCP
 
DLL PPT.ppt
DLL PPT.pptDLL PPT.ppt
DLL PPT.ppt
 
Ch3datalinklayerand layeraa linkdata.ppt
Ch3datalinklayerand layeraa linkdata.pptCh3datalinklayerand layeraa linkdata.ppt
Ch3datalinklayerand layeraa linkdata.ppt
 
datalink.ppt
datalink.pptdatalink.ppt
datalink.ppt
 
Ch3.ppt
Ch3.pptCh3.ppt
Ch3.ppt
 
ppt presentasi kelompok data link layer
ppt presentasi kelompok data link layerppt presentasi kelompok data link layer
ppt presentasi kelompok data link layer
 
Krishna thesis presentation
Krishna thesis presentationKrishna thesis presentation
Krishna thesis presentation
 

More from YongraeJo

Zeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxZeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxYongraeJo
 
blockchain-and-trusted-computing
blockchain-and-trusted-computingblockchain-and-trusted-computing
blockchain-and-trusted-computingYongraeJo
 
Blockchain meets database
Blockchain meets databaseBlockchain meets database
Blockchain meets databaseYongraeJo
 
Byzantine ordered consensus
Byzantine ordered consensusByzantine ordered consensus
Byzantine ordered consensusYongraeJo
 
BlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryBlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryYongraeJo
 
Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)YongraeJo
 
Making BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveMaking BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveYongraeJo
 
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...YongraeJo
 

More from YongraeJo (20)

Zeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxZeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptx
 
basil.pptx
basil.pptxbasil.pptx
basil.pptx
 
HotStuff
HotStuff HotStuff
HotStuff
 
Fbft
FbftFbft
Fbft
 
blockchain-and-trusted-computing
blockchain-and-trusted-computingblockchain-and-trusted-computing
blockchain-and-trusted-computing
 
Blockchain meets database
Blockchain meets databaseBlockchain meets database
Blockchain meets database
 
Beat
BeatBeat
Beat
 
Byzantine ordered consensus
Byzantine ordered consensusByzantine ordered consensus
Byzantine ordered consensus
 
Stellar
StellarStellar
Stellar
 
Ledgerdb
LedgerdbLedgerdb
Ledgerdb
 
Blockene
BlockeneBlockene
Blockene
 
BlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryBlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lottery
 
Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)
 
FlexSC
FlexSCFlexSC
FlexSC
 
Cheapbft
Cheapbft Cheapbft
Cheapbft
 
Making BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveMaking BFT Protocols Really Adaptive
Making BFT Protocols Really Adaptive
 
Pileus
PileusPileus
Pileus
 
Vft
VftVft
Vft
 
Xft
XftXft
Xft
 
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
 

Recently uploaded

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Recently uploaded (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Honeybadger of BFT Protocols

  • 1. The Honey Badger of BFT Protocols Andrew Miller, Yu Xia, Kyle Croman, Elaine Shi, Dawn Song University of Illinois, Urbana-Champaign, Cornell University, Tsinghua University, University of California, Berkeley Presented by Yongrae Jo, System software lab. at POSTECH
  • 5. 5 HoneyBadgerBFT is a Cherry-Picker
  • 6. 6 Motivation ● Weakly (or partially) synchronous protocol such as PBFT rely on network timing assumption … – Not suited for real-world network ● Designing practical (large-scale, high efficiency and high-robust) Byzantine fault tolerant consensus algorithm in asynchronous network – Doesn’t rely on network condition
  • 7. 7 Background ● Timing assumptions in distributed systems ● FLP Impossibility Result ● Equivalence between consensus and other problems ● Broadcast primitives ● Randomized Byzantine Agreement ● {Binary / Multi-valued / Vector / k-Set} Consensus ● Erasure Coding ● Threshold Encryption
  • 8. 8 Background ● Timing assumptions in distributed systems ● FLP Impossibility Result ● Equivalence between consensus and other problems ● Broadcast primitives ● Randomized Byzantine Agreement ● {Binary / Multi-valued / Vector / k-Set} Consensus ● Erasure Coding ● Threshold Encryption
  • 9. 9 Timing assumptions ● Synchronous network – All messages are delivered within Δ ● Eventual synchronous network – After unknwon GST(Global Stabilization Time), all messages are delivered within Δ ● Partially synchronous network – Eventual synchronous, but Δ is unknown to the protocol ● Weakly synchronous network – Varying Δ along with the network conditions and protocol Δ : timeout parameter
  • 10. 10 No timing assumption on underlying network Asynchronous Network
  • 11. 11 But sadly, we have FLP Impossibility Result
  • 12. 12 Deterministic consensus algorithm in asynchronous network is impossible FLP Impossibility Result
  • 13. 13 How to circumvent FLP result? ● Sacrifice determinism – Randomized Byzantine consensus algorithm ● Adding timing assumption – Partially sync., etc. ● Adding oracle (failure detector) ● Adding trusted component ● Change the problem domain (e.g. not a single value, but range of value or set of values) ● Ref. Byzantine consensus in asynchronous message- passing systems: a survey (2011)
  • 14. 14 How to circumvent FLP result? ● Sacrifice determinism – Randomized Byzantine consensus algorithm ● Change the problem domain (e.g. not a single value, but range of value or set of values) Ref. Byzantine consensus in asynchronous message- passing systems: a survey (2011) HoneyBadgerBFT Asynchronous Agreement on Common Set
  • 15. 15 Equivalent problems to Consensus in distributed computing area Consensus Atomic Broadcast State Machine Replication Group Membership Non-blocking Atomic commit Hadzilacos and Toueg, 1994 Chandra and Toueg, 1996 Cachin et al., 2001 Schneider, 1990 Guerraoui and Schiper, 2001 Guerraoui and Schiper, 2001 ~ ~ reducible related
  • 17. 17 System Model ● Node – N nodes exist in network: P0 , … , Pn-1 – Each node receive transactions as input – The goal of node is to reach consensus on a transaction order ● Client – Submit a transaction, and consider it committed when the client received signatures from majority of nodes ● Transaction – Identified as a unique string
  • 18. 18 System Model ● Static Byzantine faults – n = 3f + 1 ● Network – Purely asynchronous network – Reliable authenticated point-to-point channel – Adversary can control delivery schedule, but can’t stop message from being delivered ● Trusted setup – Initial key distribution
  • 19. 19 Atomic Broadcast ● Consensus = Atomic Broadcast ● HoenyBadgerBFT is Atomic Broadcast ● Designing Atomic Broadcast solves consensus problem Above properties should hold with high probability Properties of Atomic Broadcast Safety Live- ness
  • 20. 20 Some Acronyms ● ABC: Atomic Broadcast ● ACS: Agreement on Common Subset or Asynchronous Common Subset ● RBC: Reliable Broadcast ● MVBA: Multi-Valued Byzantine Agreement ● ABA (or simply BA): Asynchronous Binary Agreement ● TPKE : Threshold (Public Key) Encryption
  • 21. 21 ACS MVBA RBC ABA reduction RBC ABA ABC reduction CommonCoin HonyeBadgerBFT implement use Module relationships MVBA module is actually not used in HoneyBadgerBFT use To implement ABC(Atomic Broadcast) is to implement consensus
  • 22. 22 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994)
  • 23. 23 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994) Good batching
  • 24. 24 ACS MVBA RBC ABA reduction reduction RBC ABA C. Cachin et al. Secure and efficient asynchronous broadcast protocols, 2001 Bracha’s Broadcast G. Bracha, Asynchronous byzantine agreement protocols. Information and Computation, 1987 C. Cachin et al., Asynchronous verifiable information dispersal, 2005 Bracha’s Broadcast with Erasure coding A. Mostefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n^2) messages, 2014 |v| : Size of input λ : Security parameter M. Ben-Or et al., Asynchronous secure computations with optimal resilience (1994) Good batching HoneyBadgerBFT’s cherry picking
  • 25. 25 Modular Approach ● HoneyBadgerBFT ‘s modular composition – Module 1. HoneyBadgerBFT – Module 2. ACS (Asynchronous Common Subset) – Module 3. RBC (Reliable Broadcast) – Module 4. BA (Asynchronous Binary Agreement) – Module 5. CommonCoin
  • 26. 26 HoneyBadgerBFT use use use use ACS RBC BA CommonCoin Module Relationships in HoneyBadgerBFT TPKE use
  • 27. 27 Module: HoneyBadgerBFT ● Implements Atomic Broadcast (a.k.a Consensus) ● Why Threshold Encryption? – Adversary can selectively delay proposal from specific node – By using Threshold Encryption, adversary doesn’t know whose proposals are coming from (Censorship resiliency) – Cachin et al., Practical asynchronous byzantine agreement using cryptography(2000)
  • 28. 28 123n Message Buffer(FIFO Queue) Selection Policy 2 1 3 Subset Vector Message = Transaction (N, f+1) Threshold Encryption using Public key PK ACS Receive Random selection x y z input (bit vector) 01001….010 Threshold Decryption with its own share output (bit vector) Multicast decrypted share Wait until f+1 decrypted shares are received Recover original secret using Public Key Generate block Remove batched transactions from Buffer Consensus on bit vector Batch size
  • 30. 30 Module: ACS ● Agreement on common subset asynchronously ● Protocol – 1) Each node broadcast proposed value using RBC – 2) After 1), ABA decides a vector of proposed value from RBC Quorum size & legitimate contents Properties of Asynchronous Common Subset Above properties should hold with high probability Liveness Safety
  • 31. 31
  • 32. 32 Module RBC ● (Byzantine) Reliable broadcast for proposal ● Resolving leader bottleneck by using erasure coding – Without erasure coding, O( N B ) – With erasure coding, O( B ) Outsourced from Bracha’s broadcast with erasure coding (Reed-Solomon Impl.) from – C. Cachin and S. Tessaro. Asynchronous verifiable information dispersal (2005) – G. Bracha, Asynchronous byzantine agreement protocols(1987) Properties of Reliable Broadcast
  • 33. 33 (N-2f, N)-Erasure coding scheme Data Block A B C D Split data block into N pieces of small data blocks including parity block E F G H I J K L A B C D E F G H I J K L Some corrupted or lost Recover original Data block only from N-2f small blocks or intentionally omitted to save space N = 12, N-2f = 8 O(B)
  • 34. 34 A B h9 C D h10 E F h11 G H h12 h13 h14 h Erasure coded blocks h1 h2 h3 h4 h5 h6 h7 h8 In (N-2f, N)-erasure coding scheme, only N- 2f pieces of blocks are needed to recover the original. Situation where N-f ECHO msgs are not received yet, But, received f+1 READY msg
  • 35. 35 Module BA ● (Asynchronous) Binary & Randomized & Byzantine Agreement on a single bit ● Used for ensuring decided value from RBC instance Outsourced from ● Moustefaoui et al., Signature-free asynchronous byzantine consensus with t< n/3 and O(n ^2), 2014 ● Rabin M., Randomized Byzantine generals, 1983 Properties of Asynchronous Byzantine Agreement Above properties should hold with high probability
  • 36. 36 BA BA 1 BA 2 BA 3 BA N 0 / 1 0 / 1 0 : I don’t agree with you 1 : I agree with you Just think of BA as a blackbox for 0/1 agreement RBC 1 RBC 2 RBC 3 RBC N Do you agree the result of RBC instance? Yes(1) / No(0) 1 / 0 1 / 0 Vote result Vote result Vote result Vote result
  • 37. 37 Module CommonCoin ● Distributed object that delivers the same sequence of random bits b1 ,b2 ,... ,br ,... to each process ● Return random bit with threshold encryption Outsourced from Rabin M., Randomized Byzantine generals (1983)
  • 38. 38 Implementation ● Python, gevent library for concurrent task ● Threshold cryptography, Charm / PBC library ● Docker container
  • 39. 39 Evaluation Env. ● EC2 t2.medium instances throughout 8 regions spanning 5 continents – 32, 40, 48, 56, 64, and 104 instances ● Varying batch size: 256, 512, 1024, 2048, 4096, 8192, 16384, 32768, 65536, or 131072 ● N = 4f + 1 ● No faults or network interruptions
  • 40. 40 Comm. cost vs Batch size Comm. cost:
  • 43. 43 HoneyBadgerBFT vs PBFT PBFT has leader bottleneck
  • 44. 44 Conclusion ● HoneyBadgerBFT is the first practical asynchronous Byzantine consensus protocol ● HoneyBadgerBFT can be a suitable component in cryptocurrency-inspired deployments of fault tolerant transaction processing systems ● HoneyBadgerBFT is building block for dependable system based on asynchronous protocol
  • 45. 45
  • 48. 48
  • 49. 49 (RBC and BA) in ACS
  • 51. 51 Signature-Free Asynchronous Byzantine Consensus with t < n/3 and O(n^2 ) Messages (2014)
  • 52. 52 Signature-Free Asynchronous Byzantine Consensus with t < n/3 and O(n^2 ) Messages (2014)
  • 53. 53 Broadcast Primitives ● Best-effort Broadcast ● Reliable Broadcast ● Uniform Reliable Broadcast ● Stubborn Broadcast ● FIFO Broadcast ● Casual Broadcast ● Total-Order Broadcast (Atomic Broadcast) – Bracha’s Broadcast ● ...
  • 59. 59 A B C D E F G H I J K L Data Block Recover from small pieces of blocks A B C D Data Block Recover Data Block E F G H Recover Data Block I J K L Recover
  • 60. 60 Why do we need RBC and additional BA? Normally, PBFT’s reliable broadcast guarantee consistency → Asynchrony: In PBFT, there is explicit time bound. But, in asynchronous network, RBC may fail. So for finality, additional BA is needed to ensure that all correct processes decide same value.