Fireflies: Scalable Intrusion-Tolerant Overlay Networking

Fireflies: Scalable Intrusion-Tolerant Overlay Networking Robbert van Renesse and Maya Haridasan, Cornell University Håvard Johansen, Tromsø University, Norway André Allevana, University of Waterloo, Canada

Internet Overlay Networks gaining in popularity Important additional functionality without changing Internet: • Multicast Routing • Resilient Routing • Content-based Routing DHTs often used, but: • Fragile, insecure routes • Nodes easily “eclipsed” •  No good for secure applications

Fireflies Structure Accuse and rebut Deliver within  4 protocol components Each member monitors its 2t + 1 successors Membership Gossip 2t + 1 virtual rings: Pinging Set Reconciliation Monitor & Suspect Exchange diffs EACH COMPONENT IS PROBABILISTIC t chosen such that each member has no more than t byzantine predecessors with high probability

Partial view gossip with connections PlanetLab Experiment #members accusation rate (accs/sec) Erdös & Rényi: if probability of link is high enough, graph will be connected with high probability Chung & Lu: such a graph will have logarithmic diameter Bandwidth (bytes/sec)

Fireflies: Scalable Intrusion-Tolerant Overlay Networking