From Byzantine-Tolerant to Intrusion-Safe Services Christian - - PowerPoint PPT Presentation

from byzantine tolerant to intrusion safe services
SMART_READER_LITE
LIVE PREVIEW

From Byzantine-Tolerant to Intrusion-Safe Services Christian - - PowerPoint PPT Presentation

Dec 14, 2023 187 likes •390 views

From Byzantine-Tolerant to Intrusion-Safe Services Christian Cachin IBM Zurich Research Laboratory & LPD, EPFL With Idit Keidar and Alexander Shraer 22 September 2009 Overview BFT services Are f < n/3 faults realistic?

slide-1
SLIDE 1

From Byzantine-Tolerant to Intrusion-Safe Services

With Idit Keidar and Alexander Shraer

22 September 2009

IBM Zurich Research Laboratory & LPD, EPFL

Christian Cachin

slide-2
SLIDE 2

Overview

  • BFT services

– Are f < n/3 faults realistic?

  • Intrusion-tolerant services

– Provide graceful degradation

  • Strong guarantee for f < n/3
  • Weak guarantee for n/3 ≤ f ≤ n
slide-3
SLIDE 3

...

Byzantine Fault Tolerance

  • n servers S1 ... Sn
  • f < n/3 server faults
  • Replicated state
  • Atomic broadcast
  • Service tolerates f

faulty servers

S1 S2 Si Sn

...

slide-4
SLIDE 4

An appropriate deployment?

slide-5
SLIDE 5

Independence

"Many academics will confess to have made the assumption that failures of components are not correlated. This absolutely unrealistic assumption will come back to haunt you in real life (...)." Werner Vogels, CTO Amazon.com, "Life is not a State-Machine", 2006.

slide-6
SLIDE 6

A better deployment

slide-7
SLIDE 7

Independence against attacks

  • Randomize the address space
  • Use multiple administrators & trust domains
  • Distribute geographically
  • Run different operating systems
  • Vary physical machines
  • Refresh state periodically
slide-8
SLIDE 8

Generalized adversaries

  • Design protocols for non-threshold adversaries

(with linear secret sharing) [C01]

  • Ex. n=16 servers, vary by location and by OS

– Tolerates corruption of one location and one OS Linux Sola- ris IBM AIX MS Win Paris Linux Sola- ris IBM AIX MS Win Zurich Linux Sola- ris IBM AIX MS Win Madrid Linux Sola- ris IBM AIX MS Win London

Tolerates up to 7 faults (instead of only 5 = f < n/3)

slide-9
SLIDE 9

Beyond n/3 faulty replicas?

  • Asynchronous Byz. consensus: f < n/3 faults
  • If assumption violated, then state-of-the-art

BFT systems guarantee no consistency!

  • Truly dependable systems offer

graceful degradation to weaker notions.

slide-10
SLIDE 10

Intrusion-safe services

  • System with n replicas

– BFT replication – Untrusted service emulation (no client-client comm.) – Fail-aware untrusted service (with client interaction)

Application Fail-awareness Untrusted service protocol BFT replication Any service Eventual consistency Weak fork-linearizability Linearizability if f < n/3

slide-11
SLIDE 11

Benefits of intrusion-safety (1)

Consistency (lin=linearizability, wfl=weak fork-lin.) Liveness (y=yes, n=no) Untrusted service

f n/3 2n/3 n

lin y n wfl Fail-aware service BFT

f n/3 2n/3 n

lin y n

slide-12
SLIDE 12

Benefits of intrusion-safety (2)

Consistency (lin=linearizability, f*=fork* linearizability, wfl=weak fork-lin.) Liveness (y=yes, n=no) BFT2F [LM07]

f n/3 2n/3 n

lin y f* n Untrusted service

f n/3 2n/3 n

lin y n wfl Fail-aware service

slide-13
SLIDE 13

Model of untrusted service

Client Client Client

  • Clients: C1 ... Cm

– Correct, but may crash – Invoke operations on

server

– Talk to each other

  • ccasionally

– Small trusted memory

  • Server S

– Normally correct – Sometimes faulty

(untrusted, Byzantine)

slide-14
SLIDE 14

Using an [untrusted] service

  • Clients interact with service through opera-

tions (request/reply)

  • Clients may sign with digital signatures

→ Server cannot forge values → But answer with outdated value ("replay attack") → But send different values to different clients

  • First addressed by SUNDR storage system

[MS02, LKMS04]

slide-15
SLIDE 15
  • Ex. storage service

C1 C3 C1 C1 C2 C3

write(1,x) write(1,u) read(1) → u write(2,v) read(1) → x write(2,w) read(2) → v write(1,t)

slide-16
SLIDE 16

[Weak] Fork-linearizability

  • Fork-linearizability restricts an untrusted server

and guarantees "forking" linearizable client views

  • Protocols to impose fork-linearizability

– Untrusted storage [MS02] – Efficient untrusted storage [CSS07]

  • Fork-linearizability contradicts wait-free client
  • perations [CSS07]

→ Notion of weak fork-linearizability (w.f.l.) [CKS09] → W.f.l. untrusted storage protocol [CKS09] → W.f.l. untrusted service [unpublished]

slide-17
SLIDE 17

Fork-linearizability

w(1,x) w(2,v) w(1,u) r(1) x → w(2,w) r(2) v → r(1) u → w(1,t)

C1 C1 C2 C3

write(1,x) write(1,u) read(1) → u write(2,v) read(1) → x write(2,w) read(2) → v write(1,t)

View of C1 View of C3 View of C2

slide-18
SLIDE 18

Conclusion

  • Diversity is important for BFT
  • Beyond BFT, we need graceful degradation

– BFT2F for f < 2n/3 – Novel modular intrusion-safe service protocol

achieves for f ≤ n

slide-19
SLIDE 19

References

  • C. Cachin, a. shelat, A. Shraer. Efficient fork-linearizable

access to untrusted shared memory. PODC 2007.

  • C. Cachin, M. Geisler. Integrity Protection for Revision
  • Control. ACNS 2009.
  • C. Cachin, I. Keidar, A. Shraer. Fail-aware untrusted storage.

DSN 2009.

  • C. Cachin, I. Keidar, A. Shraer. Fork sequential consistency

is blocking. Information Processing Letters, vol. 109, 2009.

  • C. Cachin, I. Keidar, A. Shraer. Fail-aware untrusted
  • services. In progress.