1. The Byzantine Generals Problem
LESLIE LAMPORT, ROBERT SHOSTAK, and MARSHALL PEASE
Presented by: Nguyen Thi Mai & Nguyen Van Luong
2. Motivation
A reliable computer system must be able to cope with a failure of one or more of its components
Behaviour of a failed computer in this case:
Sending conflicting messages to different parts of the system
Not sending some of the messages
3. Motivation
All generals must agree upon a common battle plan
Communicate only by messenger
Some of the generals are traitors who try to confuse the others
5. Formally
1. All loyal lieutenants obey the same order
2. If the commander is loyal, then every loyal
lieutenant obeys the order he sends
6. Oral Message algorithm
Assumptions:
Every message that is sent is delivered
correctly
A receiver of a message knows who sent it
The absence of a message can be detected
7. Oral Message algorithm
A recursive definition, with a base case for m=0, and a recursive step for m > 0:
Algorithm OM(0) :
1. The commander sends his value to every lieutenant.
2. Each lieutenant uses the value he receives from the commander.
Algorithm OM(m), m > 0
1. The commander sends his value to each lieutenant.
2. For each i, let vi be the value lieutenant i receives from the commander. Lieutenant i acts as the commander in Algorithm OM(m-1) to send the value vi to each of the n-2 other lieutenants.
3. For each i, and each j ≠ i, let vj be the value lieutenant i received from lieutenant j in step 2 (using Algorithm OM(m-1)). Lieutenant i uses the value Majority(v1, v2, …, vn).
8. Oral Message algorithm
Lemma 1:
For any m and k, Algorithm OM(m) satisfies condition 2 if there are more than 2k+m generals and at most k traitors
Theorem 1:
For any m, algorithm OM(m) satisfies conditions
1 and 2 if there are more than 3m generals, and
at most m traitors.
9. Oral Message algorithm
Example: Bad Lieutenant
Scenario: m=1, n=4, traitor = L3
[Figure: message diagram. OM(1): C sends A to L1, L2 and L3. OM(0): L1 and L2 relay A; L3 sends R.]
L1 = m (A, A, R); L2 = m (A, A, R); Both attack!
10. Oral Message algorithm
Example: Bad Commander
Scenario: m=1, n=4, traitor = C
[Figure: message diagram. OM(1): C sends A to two lieutenants and R to the third. OM(0): each lieutenant relays the value it received to the other two.]
Decision?? L1=m(A, R, A); L2=m(A, R, A); L3=m(A,R,A); Attack!
11. Signed Message algorithm
More assumptions:
A loyal general’s signature cannot be forged, and any
alteration of the contents of his signed message can be
detected
Anyone can verify the authenticity of a general’s
signature
=> There exists an algorithm that copes with m traitors
for any number of generals (n≥m+2)
12. Signed Message algorithm
1. Commander signs v and sends it to all as (v:0)
2. Each lieutenant i:
   A) If he receives (v:0) and has received no other order
      1) Vi = {v}
      2) Send (v:0:i) to all
   B) If he receives (v:0:j:...:k) and v is not in Vi
      1) Add v to Vi
      2) If (k<m), send (v:0:j:...:k:i) to all not in j...k
3. When there are no more messages, obey order choice(Vi)
14. Signed Message algorithm
SM(1) Example: Bad Commander
Scenario: m=1, n=m+2=3, bad commander
[Figure: message diagram. First round: C sends A:0 to L1 and R:0 to L2. "What next?": L1 sends A:0:L1 to L2; L2 sends R:0:L2 to L1.]
V1={A,R} V2={R,A}
Both L1 and L2 can trust orders are from C
Both apply same decision to {A,R}
15. Signed Message algorithm
SM(2): Bad Commander+
Scenario: m=2, n=m+2=4, bad commander and L3
Goal? L1 and L2 must make the same decision
[Figure: message diagram. Messages shown: A:0 from C to L1 and L2; A:0:L1, A:0:L2, A:0:L3 and R:0:L3 between the lieutenants; R:0:L3:L1 from L1 to L2.]
V1 = V2 = {A,R} ==> Same decision
16. Conclusion
Problem: To implement a fault-tolerant service with coordinated replicas, must agree on inputs
Byzantine failures make agreement challenging: produce arbitrary output, can't detect, collude
Use different agreement protocols depending on assumptions:
Oral messages:
Need 3f+1 nodes to tolerate f failures
Difficult because traitors can lie about what others said
Signed messages:
Need f+2 nodes
Easier because traitors can only lie about other traitors