Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
C
cmsc818fall2023projects
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Peter Keleher
cmsc818fall2023projects
Commits
2312a96b
Commit
2312a96b
authored
1 year ago
by
Peter J. Keleher
Browse files
Options
Downloads
Patches
Plain Diff
auto
parent
eccf51c0
No related branches found
Branches containing commit
No related tags found
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
notes/pbft.md
+9
-126
9 additions, 126 deletions
notes/pbft.md
with
9 additions
and
126 deletions
notes/pbft.md
+
9
−
126
View file @
2312a96b
# Byzantine Consensus, and PBFT
## Simple example: Two Generals
-
one is a decider:
-
both need to attack same time
-
need to agree on:
-
time: (easy: msg and an ack)
-
agreement to attack (hard)
<p>
<p>
<p>
<p>
**Example:**
A sends to B "attack at 10".
But did B get it? Can't go unless sure.
B sends an ack,
but did A get the ack?
<p>
<p>
<p>
<p>
### Impossibility
Look at sequence of msg-ack-ack......
Assume there is some subset of i msgs that constitutes a proof, and
that both would attack.
However, what if the last msg not delivered?
-
receiver presumably would not attack
-
sender, though, sees same msgs as the i-sequence, and so attacks....
<p>
<p>
<p>
<p>
### Fix?
-
A sends a whole bunch, assume one gets through
-
A and B send and ack a while
However,
*
provable agreement between even two parties in asynchronous
environment not possible
*
.
<p>
<p>
<p>
<p>
## Two Lieutenants Problem
*Safety*
:
-
all loyal lieutenants make same decision
-
all loyal lieutenants follow loyal general
<p>
<p>
<p>
<p>
<p>
Clearly impossible for both lieutenants to always make same decision, as neither knows if the fault
lies with the general or the other lieutenant.
**
Therefore, no solution when
*n = 3f*
.
**
<p>
<p>
<p>
<p>
<p>
Each lieutenant decides based on majority of input, done!
**
So
*3f+1*
works, at least in the case of
*f=1*
.
**
<p>
<p>
<p>
<p>
<p>
Byzantine faults means byzantine protocols.
*3f+1*
nodes needed to tolerate
*f*
faults.
-
(Above) showed impossibility of
*3*
nodes to tolerate a single fault
-
Proof by contradiction:
-
Assume we have a protocol, "BYZ3", that works even if one third of its members are faulty.
-
Have
*3*
Byzantine generals each simulate
*m*
Albanian generals via the above protocol.
-
Since only one Byzantine general is faulty, the other
*2m*
generals are simulated correctly, so the situation is identical to
having
*2f*
non-faulty generals and
*f*
faulty generals.
-
If BYZ3 is correct, this simulation will reach the correct conclusion.
-
However, there are
**really**
only
*3*
generals, meaning we have
solved the problem for
*3*
generals with a single faulty node, which we
know to be impossible.
-
Contradiction!
## Different Problems
-
Byz generals also called
*byzantine broadcast*
.
-
sync:
*f < n-1*
-
async
*f < n/3*
-
Byz agreement: trying to decide the truth by quorum consensus ("sky is blue" vs "sky is red")
-
sync:
*f < n/2*
-
async
*f < n/3*
## Castro's proof of *3n + 1* for Byz Agreement
-
must be possible to make progress w/ only
*n - f*
replicas (because
*f*
might be faulty and choose not to respond)
-
however, the
*f*
not responding might be correct but slow (asynchrony), so there might be
*f*
bad responses out of the
*n - f*
-
implies
*(n - f - f) > f*
, or
*n >= 3f + 1*
# Practical Byzantine Fault Tolerence (Castro and Liskov)
## Assumptions
-
operations are deterministic
-
replicas start in the same state
Means that
correct replicas will return identical results.
-
i.e.,
correct replicas will return identical results.
## Differences from fail-stop consensus
-
3
*f*
+1 replicas instead of 2
*f*
+1
-
3
*f*
+1 replicas instead of 2
*f*
+1 (non-byzantine consensus):
-
must be possible to make progress w/ only
*n - f*
replicas (because
*f*
might be faulty and choose not to respond)
-
however, the
*f*
not responding might be correct but slow (asynchrony), so there might be
*f*
bad responses out of the
*n - f*
-
implies
*(n - f - f) > f*
, or
*n >= 3f + 1*
-
3 phases instead of two
-
cryptographic signatures
...
...
@@ -169,8 +49,9 @@ Means that correct replicas will return identical results.
## Phases
-
*pre-prepare*
and
*prepare*
phases order request even if primary lying
-
replica tells all others what the primary told it
-
a replica is
*prepared*
when:
-
has received a proper pre-prepare from primary, sig, current view
-
has received a proper pre-prepare from primary, sig
nature
, current
*
view
*
-
2
*f*
"prepares" from other replicas that match it
-
Such a replica then:
-
multicasts "commit" to other replicas
...
...
@@ -195,3 +76,5 @@ Means that correct replicas will return identical results.
-
rep
*r*
signs by encrypting msg digest w/ each other rep
-
vector of such sigs is the
**authenticator**
## Questions
-
how else can we do byzantine fault tolerance?
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
