making byzantine fault tolerant systems tolerate
play

Making Byzantine Fault Tolerant Systems Tolerate Byzantine - PowerPoint PPT Presentation

Jan 27, 2024 •15 likes •655 views

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Failures Allen Clement, Mirco Marchetti, Edmund Wong Lorenzo Alvisi, Mike Dahlin BFT Systems PBFT [OSDI 98] Attested Append Only Memory [SOSP 07] HQ [OSDI 06] Beyond 1/3 Faulty in

  1. Making Byzantine Fault Tolerant Systems Tolerate Byzantine Failures Allen Clement, Mirco Marchetti, Edmund Wong Lorenzo Alvisi, Mike Dahlin

  2. BFT Systems PBFT [OSDI 98] Attested Append Only Memory [SOSP 07] HQ [OSDI 06] Beyond 1/3 Faulty in BFT [SOSP 07] Zyzzyva [SOSP 07] BASE [OSDI 02] HT BFT [DSN 04] SafeStore [USENIX 07] QU [SOSP 05] Separating Agreement from BFT Under Attack [NSDI 08] Execution [SOSP 03] Commit Barrier Scheduling SUNDR [OSDI 04] [SOSP 07] ... Low Overhead BFT [SOSP 07]

  3. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 ops/sec

  4. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 ops/sec

  5. System Throughput Best Faulty Client Faulty Faulty Case Client Flood Primary Replica PBFT 62k 0 crash 1K 250 Q/U 24k 0 crash NA 19k HQ 15k NA 4.5k NA crash Zyzzyva 65k 0 crash crash 0 Aardvark 39k 39k 7 .8k 37k 11k ops/sec

  6. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT in action

  7. Paved with good intentions No BFT protocol should rely on synchrony for safety FLP: No consensus protocol can be both safe and live in an asynchronous system! All one can guarantee is eventual progress “Handle normal and worst case separately as a rule, because the requirements for the two are quite different: the normal case must be fast; the worst case must make some progress” -- Butler Lampson, “Hints for Computer System Design”

  8. Recasting the problem Maximize performance when the network is synchronous all clients and servers behave correctly While remaining safe if at most servers fails f eventually live

  9. Recasting the problem Misguided Dangerous Futile

  10. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous Futile

  11. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous it encourages fragile optimizations Futile

  12. Recasting the problem Misguided it encourages systems that fail to deliver BFT Dangerous it encourages fragile optimizations Futile it yields diminishing return on common case

  13. A New Goal Asynchronous Synchronous Failures No Failures No Failures

  14. A New Goal Asynchronous Synchronous Synchronous ? Failures Failures No Failures No Failures

  15. A New Goal Asynchronous Synchronous Failures Failures No Failures

  16. Robust BFT Maximize performance when the network is synchronous at most servers fail f While remaining safe if at most servers fail f eventually live

  17. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT in action

  18. Protocol Structure Step 1 Step 2 Step 3 “Good” messages Computation steps “Bad” messages

  19. Fragile Optimizations

  20. Revisiting conventional wisdom Signatures are expensive - use MACs View changes are to be avoided � Hardware multicast is a boon

  21. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Hardware multicast is a boon

  22. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Aardvark uses regular view changes to maintain high throughput despite faulty primaries Hardware multicast is a boon

  23. Revisiting conventional wisdom Signatures are expensive - use MACs Faulty clients can use MACs to generate ambiguity Aardvark requires clients to sign requests View changes are to be avoided Aardvark uses regular view changes to maintain high throughput despite faulty primaries Hardware multicast is a boon Aardvark uses separate work queues for clients and individual replicas

  24. Big MAC Attack c

  25. Big MAC Attack c

  26. Big MAC Attack c

  27. Big MAC Attack c c c

  28. Big MAC Attack c c c

  29. Big MAC Attack

  30. Big MAC Attack c

  31. Big MAC Attack c

  32. Big MAC Attack c

  33. Big MAC Attack c c c

  34. Big MAC Attack c c c

  35. Big MAC Attack c c c c c c c c c c Faulty Client Faulty Primary

  36. Hybrid MAC/Signatures [ ] c

  37. Hybrid MAC/Signatures [ ] c request submission

  38. Hybrid MAC/Signatures The MAC is good. How is the signature? [ ] c request submission

  39. Hybrid MAC/Signatures c request submission

  40. Hybrid MAC/Signatures Signature is good too! c request submission

  41. Hybrid MAC/Signatures c request submission

  42. Hybrid MAC/Signatures c c c request primary submission orders request

  43. Hybrid MAC/Signatures c c c request primary submission orders request

  44. Hybrid MAC/Signatures c c c request primary submission orders request

  45. Signed Request Filtering Client Verify Verify Blacklist Blacklisted? MAC Signature Client Process Request

  46. Big MAC Attack PBFT request primary replicas agree on replicas respond submission orders the next request to the client request

  47. Big MAC Attack Zyzzyva execute the request request primary primary replicas agree on replicas respond submission orders orders the next request to the client request request

  48. Big MAC Attack Q/U execute the request “primary” orders request replicas agree on request replicas respond the next request submission to the client view change

  49. Big MAC Attack HQ execute the request request view replicas respond “primary” orders request submission change to the client replicas agree on the next request

  50. Slow Primary

  51. Slow Primary

  52. Slow Primary

  53. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  54. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  55. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  56. Adaptive View Changes Throughput Time Observed Throughput Required Throughput

  57. Implementation details Sign client requests Adaptive view change Separate network channels Fair scheduling clients -v- replicas replicas -v- replicas Exploit multicore architectures

  58. Outline Robust BFT: The case for a new goal Aardvark: Designing for RBFT Evaluation: RBFT can work

  59. Throughput -v- Latency 7 6 5 Latency (ms) 4 HQ Q/U Aardvark 3 PBFT Zyzzyva 2 1 0 0 10 20 30 40 50 60 70 80 Throughput (Kops/sec)

  60. Aardvark, Incrementally Adaptive MAC Client Sign Client View Request Request Change 62k 30k - PBFT 58k 39k 39k Aardvark

  61. Performance with failures Byzantine failures are arbitrary Good faith effort

  62. Big MAC Attack Faulty Peak Client 62k 0 PBFT 24k 0 Q/U 7 .6k - HQ 65k 0 Zyzzyva 39k 39k Aardvark

  63. Slow Primary 1ms 10ms 100ms Peak delay delay delay PBFT 62k 5k 5k 1k Zyzzyva 65k 28k 5k crash Aardvark 39k 38k 37k 38k

  64. Summary RBFT: a new goal for BFT systems Aardvark: rejecting conventional wisdom Evaluation: it works!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with PBFT (Traditional BFT protocols) Similarities: Build practical Byzantine fault tolerance systems Protocol: Clients Primary Replicas

493 views • 18 slides
Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert

Distributed Systems Making Byzantine Fault-Tolerant Systems Tolerate Byzantine Faults Hubert Jaworski Byzantine system Copies of critical components Concurent replicas Response agreement Omission failure proof Robustness

660 views • 20 slides
Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Xiaotian Zou, Lei Chu Outline - Introduction - System Model - Problem Recasting - Basic Structure - Protocol description - Analysis - Evaluation Introduction 1

715 views • 43 slides
BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019 BYZANTINE FAULT TOLERANCE Long-standing problem in systems Byzantine (adj): excessively complicated, and typically involving a great deal of

685 views • 19 slides
Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency

Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency

Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency Tobias Distler and R udiger Kapitza System Software Group Friedrich-Alexander University Erlangen-Nuremberg EuroSys April 11, 2011 supported by

620 views • 43 slides
Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D.

Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D.

Byzantine Fault Tolerant Systems Stefan Heinz Advanced Topics in Distributed Computing Ph. D. Petr Kuznetsov WS 07/08 Stefan Heinz, WS 07/08 Farsite Federated, Available and Reliable Storage for an Incompletely Trusted Environment Adya et

710 views • 57 slides
Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop

Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop

Low-Latency Network-Scalable Byzantine Fault-Tolerant Replication 12th EuroSys Doctoral Workshop (EuroDW 2018) Ines Messadi, TU Braunschweig, Germany, 2018-04-23 New PhD student (Second month) in the distributed systems group Research area:

831 views • 13 slides
Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performance of UDP-based Byzantine Fault Tolerant Consensus Final talk for the Bachelors Thesis by Lucas Mair advised by Richard von Seck,

523 views • 36 slides
Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model

Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model

Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model Architecture Graham Kirby, Alan Dearle & Stuart Norcross School of Computer Science, University of St Andrews A Finite State Machine WADS 2007

599 views • 20 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT

MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT

MochiDB: A Byzantine Fault Tolerant Datastore Tigran Tsaturyan Saravanan Dhakshinamurthy 1. BFT KeyValue datastore (read(k), write(k,v), delete(k)) 2. Consistent 3. Supports transactions Description 4. In-built sharding 5. Optimized for

336 views • 12 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software

Federated Byzantine Quorum Systems lvaro Garca-Prez and Alexey Gotsman IMDEA Software Institute Blockchains Append-only, distributed ledger. Uses a Byzantine fault-tolerant (BFT) consensus algorithm to ensure that distributed nodes

1.12k views • 84 slides
4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design Replication, TMR Distributed Systems Fully fault tolerant system will offer non-stop availability Clusters You cant achieve this! Problem:

458 views • 11 slides
Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
Jon Weissman Administrivia Greetings Welcome to CSci 5103! me: Jon Weissman, Professor CS

Jon Weissman Administrivia Greetings Welcome to CSci 5103! me: Jon Weissman, Professor CS

CSci 5103 Operating Systems Jon Weissman Administrivia Greetings Welcome to CSci 5103! me: Jon Weissman, Professor CS office hours M 9-11am, 4-225F KH or when I am around interests: distributed and parallel systems

487 views • 34 slides
CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE

CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE

1 CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE CONDITIONS AND ATOMIC OPERATIONS 3 Race Condition A race condition occurs when the behavior of the program depends on the interleaving of

781 views • 49 slides
Quantum Causal Structures Christian Majenz University of Copenhagen Joint work with Rafael

Quantum Causal Structures Christian Majenz University of Copenhagen Joint work with Rafael

Quantum Causal Structures Christian Majenz University of Copenhagen Joint work with Rafael Chaves and David Gross, University of Freiburg (arXiv:1407.3800) 04.12.2014 Motivation Question Question Can we rule out certain causal relationships

1.51k views • 131 slides
CS 401: Computer Algorithm I DFS / Topological Ordering Xiaorui Sun 1 BFS Application:

CS 401: Computer Algorithm I DFS / Topological Ordering Xiaorui Sun 1 BFS Application:

CS 401: Computer Algorithm I DFS / Topological Ordering Xiaorui Sun 1 BFS Application: Testing Bipartiteness Problem: Given a graph ! , is it bipartite? Many graph problems become: Easier/Tractable if the underlying graph is bipartite

913 views • 54 slides
Hierarchical Bayesian ARX models for robust inference Johan Dahlin, Fredrik Lindsten, Thomas B.

Hierarchical Bayesian ARX models for robust inference Johan Dahlin, Fredrik Lindsten, Thomas B.

Hierarchical Bayesian ARX models for robust inference Johan Dahlin, Fredrik Lindsten, Thomas B. Sch on, Adrian Wills Division of Automatic Control, Link oping University School of EECS, University of Newcastle, Australia AUTOMATIC

326 views • 17 slides
intro / what is an OS / processes and system calls 1 Changelog 14 January 2020: reorganize

intro / what is an OS / processes and system calls 1 Changelog 14 January 2020: reorganize

intro / what is an OS / processes and system calls 1 Changelog 14 January 2020: reorganize slides to move process defjnition earlier 14 January 2020: use 64 instead of 0x40 in write() fmow chart to be more consistent with code

3.13k views • 108 slides
Advanced Distributed Systems RPCs & MapReduce Wyatt Lloyd Some slides adapted from:

Advanced Distributed Systems RPCs & MapReduce Wyatt Lloyd Some slides adapted from:

Advanced Distributed Systems RPCs & MapReduce Wyatt Lloyd Some slides adapted from: Dave Andersen/Srini Seshan; Lorenzo Alisi/Mike Dahlin; Frans Kaashoek/Robert Morris/Nickolai Zeldovich; Jinyang Li;

820 views • 61 slides
Parcle Metropolis-Hasngs Johan Dahlin Department of Informaon Technology, Uppsala

Parcle Metropolis-Hasngs Johan Dahlin Department of Informaon Technology, Uppsala

work@johandahlin.com Parcle Metropolis-Hasngs Johan Dahlin Department of Informaon Technology, Uppsala University, Sweden. September 28, 2016 This is collaborave work together with Dr. Fredrik Lindsten (Uppsala University,

476 views • 35 slides

More recommend