Speculative Byzantine Fault Tolerance By Ocan Gillaux University of - - PowerPoint PPT Presentation

▶

Sep 29, 2022 25 likes •270 views

Speculative Byzantine Fault Tolerance By Ocan Gillaux University of Stavanger, MID110, April 2010 Plan Zyzzyva: Last word of dictionary Requirements & Introduction Byzantine problem Zyzzyva Protocol Evaluation

SLIDE 1

Speculative Byzantine Fault Tolerance

By Océan Gillaux University of Stavanger, MID110, April 2010

SLIDE 2

Plan

 Zyzzyva: Last word of dictionary  Requirements & Introduction  Byzantine problem  Zyzzyva Protocol  Evaluation  Conclusion

SLIDE 3

Requirements

 Fault Tolerance ?

 Servers Problems:

○ Hardware ○ Software ○ Hacking

 Access 24/7

 Application see centralized services

SLIDE 4

Solution

Client Server Request Reply Request Replies Zyzzyva  Add Servers

 Problem reliability: Byzantine General’s

problem

SLIDE 5

Byzantine General's problem

 Captain 2 is a liar  Minimum 2m+1 loyal for 1 liar

General Captain 2 Captain 1

SLIDE 6

Security

 We admit that adversary cannot break

cryptographic techniques

 Zyzzyva uses the concept of

private/public key

SLIDE 7

Introduction: Byzantine Fault Tolerance

Client

Primary Replica Replica Replica Request Reply Agreement Execution

SLIDE 8

Introduction: Byzantine Fault Tolerance

 Long phase of agreement  Cost important  Many messages

SLIDE 9

Introduction: Zyzzyva

Client Primary Replica Replica Replica Request Reply Speculative execution

SLIDE 10

Introduction: Zyzzyva

 Replica make speculation to send the

response:

 It is faster

 The client verifies if the reply is stable

SLIDE 11

Zyzzyva Protocol

 3 sub-protocols

 Agreement protocol  View-change protocol  Checkpoint protocol

SLIDE 12

Agreement Protocol

 How the client check stable reply?

 History included in the message  Matching responses

SLIDE 13

Execution with 3f+1

Client Primary Replica Replica Replica Request: RC

R1k=R2k= ? H1k=H2k=?

Speculative execution <Rc,k>

Replies: <R1k, H1k> … <R4k, H4k>

SLIDE 14

One faulty: 2f+1 replies

Client Primary Replica Replica Replica Request: Rc 2f+1 Speculative execution <Rc,k> <R1k, H1k>… Commit C:<H1k,..,H3k> 2f+1 Done

SLIDE 15

Less 2f+1 responses

Client Primary Replica Replica Replica Request: Rc <2f+1 Speculative execution <Rc,k> <R1k, H1k>… Rc

SLIDE 16

Checkpoint Protocol

 History is important

 Manage the history  Replica maintains only 1 checkpoint  Only last information could be necessary

SLIDE 17

View Change

 Election new Primary AND guarantees

the history

 Concept “I hate the primary”

 Replica can make a mutiny  View-change message

SLIDE 18

Client

 Important Roles in Zyzzyva

 Can a faulty client block zyzzyva?

○ Not commit message ○ Only affect own process

 Can a faulty client compromised zyzzyva?

○ Commit bad history ○ Security encryption

SLIDE 19

Optimization

 Replacing signatures with MACs  Separating agreement from execution  Request Batching  Zyzzyva5

SLIDE 20

Zyzzyva5: 5f+1

Client Primary Replica Request: Rc 4f+1 Speculative execution <Rc,k> Donne <R1k, H1k>… Replica Replica Replica Replica

SLIDE 21

Evaluation

SLIDE 22

Evaluation

SLIDE 23

Conclusion

 In exploiting speculation, Zyzzyva has a

good performance over existing BFT

services. Zyzzyva approaches the

theoretical lower bounds for any BFT.

SLIDE 24

Speculative Byzantine Fault Tolerance

Plan

 Zyzzyva: Last word of dictionary  Requirements & Introduction  Byzantine problem  Zyzzyva Protocol  Evaluation  Conclusion

Requirements

 Fault Tolerance ?

 Servers Problems:

 Access 24/7

 Application see centralized services

Solution

Client Server Request Reply Request Replies Zyzzyva  Add Servers

problem

Byzantine General's problem

 Captain 2 is a liar  Minimum 2m+1 loyal for 1 liar

Security

 We admit that adversary cannot break

cryptographic techniques

 Zyzzyva uses the concept of

private/public key

Introduction: Byzantine Fault Tolerance

Client

Introduction: Byzantine Fault Tolerance

 Long phase of agreement  Cost important  Many messages

Introduction: Zyzzyva

Introduction: Zyzzyva

 Replica make speculation to send the

response:

 It is faster

 The client verifies if the reply is stable

Zyzzyva Protocol

 3 sub-protocols

 Agreement protocol  View-change protocol  Checkpoint protocol

Agreement Protocol

 How the client check stable reply?

 History included in the message  Matching responses

Execution with 3f+1

R1k=R2k= ? H1k=H2k=?

Replies: <R1k, H1k> … <R4k, H4k>

One faulty: 2f+1 replies

Less 2f+1 responses

Checkpoint Protocol

 History is important

 Manage the history  Replica maintains only 1 checkpoint  Only last information could be necessary

View Change

 Election new Primary AND guarantees

the history

 Concept “I hate the primary”

 Replica can make a mutiny  View-change message

Client

 Important Roles in Zyzzyva

 Can a faulty client block zyzzyva?

 Can a faulty client compromised zyzzyva?

Optimization

 Replacing signatures with MACs  Separating agreement from execution  Request Batching  Zyzzyva5

Zyzzyva5: 5f+1

Evaluation

Evaluation

Conclusion

 In exploiting speculation, Zyzzyva has a

good performance over existing BFT

theoretical lower bounds for any BFT.

Thank you Questions ?