advanced network security
play

Advanced Network Security 6. Agreement and consensus II: Byzantine - PowerPoint PPT Presentation

Jan 16, 2024 •160 likes •477 views

Advanced Network Security 6. Agreement and consensus II: Byzantine failures Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh Byzantine failures are real

  1. Advanced Network Security 6. Agreement and consensus II: Byzantine failures Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh

  2. ↳ Byzantine failures are real binair 9 Én 1 -7 teshdd ' Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 2

  3. The consensus problem (again) n All processes have a binary input value (0 or 1) ● So it is different from a broadcast n Consistency condition ● All correct processes decide on the same value ( Agreement ) ● If all processors have the same input value ! , then all correct processors must decide ! ( Validity ) n Termination condition ● Deterministic n Now tolerating " < $/& byzantine failures ● Instead of arbitrary number of crash failures Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 4

  4. Consensus for Byzantine failures n Remember: Byzantine processors may lie… n So: what goes wrong in the protocol for crash failures? ( essential strategy gossip : ( for failure ) crash ( lle the be problem gossip a mag : Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 5

  5. Correctness proof of protocol for crash failures n Lemma: suppose both processors ' and ( are correct (i.e don’t fail). Then if ) ∈ + , then ) ∈ + - n Proof , for some 0 with ' ∉ σ ● If ) ∈ + , then ) = ) / , too, with ' ∉ 3 , « If ' ∈ 0 , i.e. 0 = 3; '; 5 then ' sent ) = 6 7;, and hence ) = ) 7 , = ) to q and then ) /;, - - ● If 0 < 8 + 1 then ' will send 6 /;, = ) / = ) and so ) ∈ + - ● If 0 = 8 + 1 then there is a non faulty processor ; with 0 = 3; ;; 5 such , Then at round 3 + 1 processor ; sent ) = ) 7 < = ) / < to ( as well that ) 7 1- - ). Hence ) 7;< - (as message ) = 6 7;< = ). Again ) ∈ + - Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 6

  6. ⇒ ⇒ Byzantine failures: " < $/& is necessary ⑧ goud baat n Suppose > = 3 and 8 = 1 (and two rounds) ② byzantijnen ③ ② ° @rmiarym.amia ① % a a @ µ " ËËË iii. . ÷ @ . . . ⑥ Mb b b mis b Mb C C tube It I must must decide are I allo decided b seek decide 0 gameuserset § decide 1 29-2-2016 // Fault Tolerance - Byzantine Generals Jaap-Henk Hoepman // Radboud University Nijmegen // 8

  7. A protocol tolerating " < $/& byzantine failures n Again each processor ' builds the following tree E , , ) M Level 0 , ) - F ,- G ,..,- H means: ( I told ' , , , , ) P Level 1 ) K ) - that ( IJK told ( I , …. , , , , that ( K ’s value is ) ) K,Q ) K,P ) P,K ) P,PJK Level 2 Initially all ⊥ , = N ' . O> ) M , ) / Level R , ) /;S for all T ∉ 0 , i.e. > − 0 = > − R children Level R + 1 Level 8 + 1 Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 10

  8. Byzantine failures: decision more complex , to each node in the tree n Associate a decision value V / ● After tree is filled with values top down, it is filled with decision values bottom up , is the value for N ' . VWXOYOZ> that ' decides on ● V M n Define [\TZRO]^ _ be the value that occurs most in a set _ , using some constant ⊥ to break ties Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 11

  9. Lamport’s OM protocol for building the tree , (O, )) to make clear processor ' executes this to n We write `[ / propagate ) and to keep track of ‘stack trace’ 0 ● O is recursion parameter (starts at 8 and ends at 0) (Lamport uses 6 in the paper) , O, ) is executed by ' for all 0 s.t. |0| = 8 − O and ' ∉ 0 ● `[ / , to all nodes ( (as message 6 /;, - , stored by ( as ) /;, - ), ● It sends ) = ) / and instructs them to propagate the value through recursion ● It essentially builds ' ’s part of the subtrees rooted at 0 for all - () the whole subtrees rooted processors; together with the other `[ / at 0 are built. , (8, N ' . O>) for all ' ● The protocol starts with `[ M Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 12

  10. Lamport’s OM protocol Here 0; ' = 8 + 1 , 0, ) : n `[ / , as 6 /;, - ● Send v / to all ( - - - - ● All processors ( that receive it set ) /;, = 6 /;, ; set ⊥ if no value received ; and set V /;, = ) /;, , = [\TZRO]^( V /;- , |( ∉ 0 ) ● Set V / , O, ) for 0 < O ≤ 8 n `[ / - ● Send ) as 6 /;, to all ( - - ● All processors ( that receive it set ) /;, = 6 /;, = ) ; set ⊥ if no value received - (O − 1, ) /;, - ) for all ( ∉ 0; ' ● Trigger `[ /;, m-1 rounds , (O − 1, 6 /;- , ) if ' ∉ 0; ( , « Or rather: when receiving 6 /;- execute `[ /;- , = [\TZRO]^( V /;- , |( ∉ 0 ) ● Set V / , (8, N ' . O>) for all ' in round 0 n Start as `[ M , ● Storing N ' . O> as ) M Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 13

  11. A protocol tolerating " < $/& byzantine failures n Again each processor ' builds the following tree E , , `[ M , ) M Level 0 , ) - F ,- G ,..,- H means: ( I told ' , , , `[ K , , ) P Level 1 ) K ) - that ( IJK told ( I , …. , `[ K,P , , , , that ( K ’s value is ) ) K,Q ) K,P ) P,K ) P,PJK Level 2 Initially all ⊥ , = N ' . O> ) M , ) / Level R , ) /;S for all T ∉ 0 , i.e. > − 0 = > − R children Level R + 1 Level 8 + 1 Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 14

  12. One step in detail K `[ M K ) M Level 0 P `[ K , 6 K,P P PJK ) K 6 K,P Level 1 , `[ K,P , ) K,P Level 2 - 6 K,P,, Level 3 - ) K,P,, Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 15

  13. So building the tree is the same protocol as for crash failures. , means: ( I told ' , ) - F ,- G ,..,- H that ( IJK told ( I , …. n Before round 1 that ( K ’s value is ) , =⊥ and ) M , = N ' . O> ● Initialise tree. Set all ) / Initially all ⊥ , = N ' . O> ) M n Round R, 1 ≤ R ≤ 8 + 1 , to all processors ( (including ● For all 0 with 0 = R − 1 ∧ ' ∉ 0, send ) / ' ) - « Call this message 6 /;, , , ● Receive all 6 /;y addressed to ' and store in ) /;y « By the protocol z ∉ 0 so ' receives > − (R − 1) such messages from each z Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 16

  14. Deciding on a value n Work from the leaves upwards , = ) / , for 0 = 8 + 1 ● V / , = [\TZRO]^( V /;- , |( ∉ 0 ) otherwise ● V / , ● Node ' decides on V M Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 17

  15. Correctness We reason over all trees , - n Lemma 1: If ', (, R are non faulty, then for all 0 we have ) /;| = ) /;| it ● Proof: ten is same value so ✓ correct seeds , to de p , = ) / , for all leaves, ie 0 = 8 + 1 n Set V / Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 18

  16. ⇒ ⇒ Correctness , - n Lemma 1: If ', (, R are non faulty, then for all 0 we have ) /;| = ) /;| n Lemma 2: Let 0 be arbitrary and let R be non faulty. Then there is , , a value ) such that for all non faulty p we have V /;| = ) . = ) /;| inductie tart tortilla Bij on inductieve - - TH lont basecase VI : level k - - tv-Toren In ten level level f II ' ' tweeten levert i. n ( . , er :p other dfr.tv Anodes - amajoin - f tarten div her have n & - > zf df.ru Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 20

  17. Correctness , - n Lemma 1: If ', (, R are non faulty, then for all 0 we have ) /;| = ) /;| n Lemma 2: Let 0 be arbitrary and let R be non faulty. Then there is a , , value ) such that for all non faulty p we have V /;| = ) /;| = ) . ● By induction on the length of 0; R starting with the leaves (length 8 + 1 ) ● The base case follows from lemma 1 and the fact that for 0; R = 8 + 1 we , , have V /;| = ) /;| . ● Now suppose 0 ≤ 0; R < 8 + 1 . By lemma 1 all non faulty processors have the , - same value ) /;| = ) . Then all non-faulty processors ' ∉ 0; R send ) as 6 /;|;, to - all other processors ( . If non faulty, ( sets ) /;|;, = ) . - - ● By the induction hypothesis we have V /;|;, = ) /;|;, = ) for all non faulty ( . ● The number of children of a node with label 0; R is > − 0; R ≥ > − 8 > 28 - - ● Hence the majority of children is non-faulty, and so V /;| = [\TZRO]^(É V /;|;, |' ∉ 0 ) = ) as required Ñ Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 22

  18. ⇒ ⇒ Validity n Theorem: If all non faulty processors have input ) they decide on ) - faalt If her have value alt send U v p nou - firstround - faun te In to q an man ✓ { d correct for 9- an p v = . plot die correct for an lemma 2 - ( Edit brand ) af v Maij = = Jaap-Henk Hoepman // Radboud University Nijmegen // 29-2-2016 // Fault Tolerance - Byzantine Generals 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
VoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011

VoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011

VoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 *Thanks to Prof. Angelos Keromytis for materials for these lecture slides. CSE545 - Advanced Network Security - Professor McDaniel Page 1 Example of

941 views • 34 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
23-04-18 Advanced Network Security 3. Agreement and consensus I: concepts and protocols for

23-04-18 Advanced Network Security 3. Agreement and consensus I: concepts and protocols for

23-04-18 Advanced Network Security 3. Agreement and consensus I: concepts and protocols for crash failures Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh

115 views • 8 slides
Course Introduction Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011

Course Introduction Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011

Course Introduction Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 CSE545 - Advanced Network Security - Professor McDaniel Page 1 Network Security No really good definition, so we will accept the following for

419 views • 20 slides
Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Introduction to OS Security Trent

770 views • 28 slides
27/04/2017 Advanced Network Security 6. Self-stabilisation Jaap-Henk Hoepman Digital Security

27/04/2017 Advanced Network Security 6. Self-stabilisation Jaap-Henk Hoepman Digital Security

27/04/2017 Advanced Network Security 6. Self-stabilisation Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh Self-stabilisation: a different failure model n

754 views • 4 slides
Economics of network security Joeri de Ruiter Outline What economic (dis)incentves are at

Economics of network security Joeri de Ruiter Outline What economic (dis)incentves are at

Advanced Network Security Economics of network security Joeri de Ruiter Outline What economic (dis)incentves are at play in network security? Motiwatnnh exbaplesh Econoic principlesh for econoicsh of shecurity

610 views • 31 slides
Routing Security Security Solutions CSE598K/CSE545 - Advanced Network Security Prof. McDaniel -

Routing Security Security Solutions CSE598K/CSE545 - Advanced Network Security Prof. McDaniel -

312 views • 16 slides
Advanced Systems Security: Security-Enhanced Linux Trent Jaeger Systems and Internet

Advanced Systems Security: Security-Enhanced Linux Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Security-Enhanced Linux Trent

474 views • 26 slides
Advanced Systems Security: Linux Security Modules Trent Jaeger Systems and Internet

Advanced Systems Security: Linux Security Modules Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Linux Security Modules Trent

872 views • 30 slides
Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Hardware Security Trent Jaeger

703 views • 46 slides
Advanced Systems Security: Security Kernels Trent Jaeger Systems and Internet Infrastructure

Advanced Systems Security: Security Kernels Trent Jaeger Systems and Internet Infrastructure

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Security Kernels Trent Jaeger

555 views • 35 slides
CSE 544 Advanced Systems Security Trent Jaeger Systems and Internet Infrastructure Security

CSE 544 Advanced Systems Security Trent Jaeger Systems and Internet Infrastructure Security

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CSE 544 Advanced Systems Security Trent Jaeger Systems and

651 views • 28 slides
S A V A N T Security Analytics &amp; Visualisation for Advanced Network Threats Paul D. Hood

S A V A N T Security Analytics &amp; Visualisation for Advanced Network Threats Paul D. Hood

S A V A N T Security Analytics &amp; Visualisation for Advanced Network Threats Paul D. Hood &amp; Kristian Kocher OxCERT OxCERT Paul D. Hood Security Operations Lead Kristian Kocher UNIX Security Systems Administrator

1.17k views • 58 slides
AMIA Hill Day Dr. Margo Edmunds, PPC Chair Dr. Ross D. Martin, VP, Policy &amp; Development

AMIA Hill Day Dr. Margo Edmunds, PPC Chair Dr. Ross D. Martin, VP, Policy &amp; Development

AMIA Hill Day Dr. Margo Edmunds, PPC Chair Dr. Ross D. Martin, VP, Policy &amp; Development September 4, 2014 www.amia.org 2014 Hill Day Schedule 8:15 a.m. Arrive Capitol Visitor Center Security Entrance 8:30 a.m. Registration and

434 views • 21 slides
Learning to Use RIMS II Multipliers The RIMS II Data and System of Analysis Dave Swenson 1

Learning to Use RIMS II Multipliers The RIMS II Data and System of Analysis Dave Swenson 1

10/3/2017 Learning to Use RIMS II Multipliers The RIMS II Data and System of Analysis Dave Swenson 1 RIMS II Regional Impact Modeling System This has been developed as a forafee data service by the U.S. Bureau of Economic

218 views • 21 slides
IT452 Advanced Web and Internet Systems Set 11: Mashups (emphasis on Google tools) Examples

IT452 Advanced Web and Internet Systems Set 11: Mashups (emphasis on Google tools) Examples

IT452 Advanced Web and Internet Systems Set 11: Mashups (emphasis on Google tools) Examples www.trulia.com www.housingmaps.com www.vizband.co.uk Student examples For more info: Maps : h

201 views • 9 slides
Non-interrogative wh-constructions in Chuj Hadas Kotek Michael Yoshitaka Erlewine McGill

Non-interrogative wh-constructions in Chuj Hadas Kotek Michael Yoshitaka Erlewine McGill

Non-interrogative wh-constructions in Chuj Hadas Kotek Michael Yoshitaka Erlewine McGill University National University of Singapore hadas.kotek@mcgill.ca mitcho@nus.edu.sg WSCLA 21, Universit du Qubec Montral April 2016 The

711 views • 47 slides
Fun IP Prof. Roger Ford April 13, 2016 Trademarks: Introduction; Device marks and

Fun IP Prof. Roger Ford April 13, 2016 Trademarks: Introduction; Device marks and

Fun IP Prof. Roger Ford April 13, 2016 Trademarks: Introduction; Device marks and trade dress

314 views • 9 slides
Natural Language Processing: How do humans process language? Philipp Gabler

Natural Language Processing: How do humans process language? Philipp Gabler

Natural Language Processing: How do humans process language? SCIENCE PASSION TECHNOLOGY Natural Language Processing: How do humans process language? Philipp Gabler &lt;pgabler@student.tugraz.at&gt; 2020-05-07 Philipp Gabler

651 views • 38 slides
EXPLAINABILITY FIRST! COUSTEAUING THE DEPTHS OF NEURAL NETWORKS ES4CPS@Dagstuhl Jan 7, 2019

EXPLAINABILITY FIRST! COUSTEAUING THE DEPTHS OF NEURAL NETWORKS ES4CPS@Dagstuhl Jan 7, 2019

EXPLAINABILITY FIRST! COUSTEAUING THE DEPTHS OF NEURAL NETWORKS ES4CPS@Dagstuhl Jan 7, 2019 @mrksbrg mrksbrg.com Research Institutes of Sweden Markus Borg RISE Research Institutes of Sweden AB - Safety first ! Nope

1k views • 21 slides
T RACEABLE A LGORITHMS Prasun Dewan Department of Computer Science University of North Carolina

T RACEABLE A LGORITHMS Prasun Dewan Department of Computer Science University of North Carolina

T RACEABLE A LGORITHMS Prasun Dewan Department of Computer Science University of North Carolina at Chapel Hill dewan@cs.unc.edu Code available at: https://github.com/pdewan/ColabTeaching P RE -R EQUISITES Model-Interactor Separation 2 A

1.03k views • 70 slides

More recommend