1 / 49

The Byzantine Generals Problem

The Byzantine Generals Problem. Leslie Lamport Robert Shostak Marshall Pease. Part I - Infrastructure. Introduction – Why are we here and what do we want? Describing the Byzantine abstraction. Developing necessary conditions. Postulating the problem. Introduction (1).

kalyca
Download Presentation

The Byzantine Generals Problem

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Byzantine Generals Problem Leslie Lamport Robert Shostak Marshall Pease

  2. Part I - Infrastructure • Introduction – Why are we here and what do we want? • Describing the Byzantine abstraction. • Developing necessary conditions. • Postulating the problem.

  3. Introduction (1) • Generally speaking, a component of a system can malfunction. • Failed components may exhibit erratic behavior, including arbitrary, random or wrong output. • Failed components may provide conflicting data to other components.

  4. Introduction (2) • If a system is to be reliable, it must ensure that it can cope with failed components. • We’ll deal with the problem by means of the “Byzantine Generals” abstraction.

  5. The Abstraction (1) • Scenario: Imagine several divisions of the Byzantine army, camped outside an enemy city. • Each division is commanded by a general. • Division are separated geographically. • Generals can communicate via messengers.

  6. The Abstraction (2) • Mode of Operation: Each general: • Input: General observe the city. • Calculation: General decide either of the two options: “Attack” or “Retreat”. • Communication: General may communicate his decision to other generals. • Output: General computes locally a plan of action, according to his decision and data he received.

  7. The Abstraction – Traitors (3) • A general can be either “loyal” or “traitor”. • A traitor may do whatever he pleases, including sending conflicting messages to different generals. • Traitors can try to prevent the loyal generals from reaching an agreement.

  8. Abstraction vs. Reality • The army is the “system”. • A general is a component of the system. • A traitor is a failed component of the system.

  9. Objective • We demand these two conditions: • Condition A: All loyal generals decide upon the same plan of action. • Condition B: A small number of traitors cannot cause the loyal generals to adopt a bad plan. • Note nothing is demanded from the traitors’ behavior.

  10. Satisfying the Conditions (1) • Denote by v(i) the value communicated by the ith general. • In order to satisfy condition A (all loyal generals follow the same plan), this must hold: • Condition 1: Every loyal general must obtain the same information v(1),…,v(n). • Condition 1 implies a general cannot use v(i) sent from the ith general, as he may be a traitor.

  11. Satisfying the Conditions (2) • In order for condition B (A small number of traitors cannot cause the loyal generals to adopt a bad plan) to hold: • We must not introduce the possibility that the generals use a different value of v(i) if the ith general is loyal. • E.g., If all loyal generals sent “retreat”, loyal generals must not base their decision on “attack” values only. • We postulate: • Condition 2: If the ith general is loyal, then the value that he sends must be used by every loyal general as the value of v(i).

  12. Condition 1 Revisited • Condition 1: Every loyal general must obtain the same information v(1),…,v(n). • We rewrite condition 1 as: • For every i, whether the ith general is loyal or not: • Condition 1’: Any two loyal generals use the same value of v(i).

  13. Simplifying the Problem • Now, conditions 1’ and 2 are both conditions on the single value sent by the ith general. • Thus we restrict the consideration to the problem of how a single general sends his value to the others. • This single general becomes a commanding general, and the others become his lieutenants.

  14. Byzantine Generals Problem • A commanding general must send an order to his n-1 lieutenant generals such that: • IC1: All loyal lieutenants obey the same order. • IC2: If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

  15. Byzantine Generals Problem - Notes • IC1 and IC2 are called the interactive consistency conditions. • If the commander is loyal, IC1 follows from IC2. • If the Byzantine Generals problem is solved, the original problem is solved by having every general act as a commander, and the others as lieutenants.

  16. Part II – Impossibility Result • Degenerate case: Direct proof that there’s no solution if there are 2 loyal generals and 1 treacherous. • General case: Proof by reduction to the degenerate case: No solution unless more than 2/3 are loyal.

  17. Model • Currently we assume that the messages are “oral”. • Sender can transmit any data. • We assume (for now) a general can send a message to another general directly. That is, a message need not be relayed by any general in order to reach its destination.

  18. Degenerate Case • Assume: There are 3 generals – A commander and 2 lieutenants. • Scenario A: Assume the commander and lieutenant 1 are loyal, but lieutenant 2 is a traitor. • Commander orders both lieutenants to attack. • Lieutenant 2 lies to lieutenant 1. • IC2 -> lieutenant 1 must attack.

  19. Scenario A Commander Attack Attack Lieutenant 1 Lieutenant 2 Commander ordered “Retreat” Commander and me are loyal. I have to attack.

  20. Scenario B: Assume the commander is a traitor and both lieutenants are loyal. • Commander orders lieutenant 1 to attack, but orders lieutenant 2 to retreat. • Lieutenant 2 reports lieutenant 1 that the commander’s order is “Retreat”. • Lieutenant 1 cannot distinguish between scenarios A and B. • Thus, it must act as it acted in situation A and attack. • Therefore: Commander order lieutenant 1 to attack -> lieutenant 1 attacks.

  21. Scenario B Commander Attack Retreat Lieutenant 1 Lieutenant 2 Commander ordered “Retreat” As far as I’m concerned, I’m in scenario A. So I must attack.

  22. Symmetrically: Commander order lieutenant 2 to retreat -> lieutenant 2 retreats. • If so: In situation B, lieutenant 1 attacks and lieutenant 2 retreats, thereby violating IC1. • QED degenerate case.

  23. General Case • Assume there are m traitors. • No solution is possible if there are fewer than 3m+1 generals. • Proof by reduction: Assume, for contradiction, a solution to the general problem where there are less than 3m+1 generals. Show that the degenerate case is solvable.

  24. Albanian Generals • Assume there exists an Albanian Generals algorithm, solving the Byzantine Generals problem where n<3m+1 and number of traitors is m. • We build the Byzantine Generals algorithm for the degenerate case: • Intuition: Each Byzantine general simulate approximately 1/3 of the Albanian generals.

  25. n/3 Albanian lieutenants act like Byzantine lieutenant 1 acts. • n/3 of the Albanian lieutenants act like Byzantine lieutenant 2 acts. • n/3 -1 Albanian lieutenants and the Albanian commander acts like the Byzantine commander acts.

  26. Byzantine Commander Albanian Commander Attack Attack Attack Albanian Lieutenant 1 Attack Attack Byzantine Lieutenant 1 Byzantine Lieutenant 2 Attack Albanian Lieutenant 2 Albanian Lieutenant 4 Attack Albanian Lieutenant 3 Albanian Lieutenant 5

  27. There’s only 1 Byzantine traitor, and he’s simulating at most m Albanian generals, so there are no more than m Albanian traitors. • Therefore, conditions IC1 and IC2 hold for the Albanian generals. • IC1 -> All Albanian generals simulated by a loyal Byzantine general obey the same order. This is the order the (loyal) Byzantine general follows. • This implies IC1 holds also for the Byzantine generals.

  28. Byzantine IC2 • IC2 holds for the Albanian generals. Thus the n/3 Albanian lieutenants simulated by the loyal lieutenant follow the commander’s order (if the commander is loyal). • Therefore, IC2 also holds for the Byzantine generals. • QED

  29. Part III – Solution with Oral Messages • We first solve the problem with “oral messages”. • We make certain assumptions on the general’s message system: • A1. Every message that is sent is delivered correctly. • A2. The receiver of a message knows who sent it. • A3. The absence of a message can be detected. • We also require, currently, a full communication graph.

  30. Messaging System - Implications • A1 (all messages are delivered correctly) and A2 (sender is known to receiver) prevent a traitor from interfering with communications. • A3 (detectable absence of messages) prevents a traitor from sabotaging by not sending a message. Default value for unsent messages is “retreat”.

  31. OM(m) – Oral Messages Alg • OM(m) is used by the commander in order to send his command to n-1 lieutenants. • We use the majority function. • The algorithm is defined recursively.

  32. Base - OM(0) • The commander sends his value to every lieutenant. • Each lieutenant uses the value he receives from the commander, or uses the RETREAT default value if he receives no value.

  33. Recursion - OM(m), m>0 • The commander sends his value to every lieutenant. • Lieutenant i denotes the value it received from the commander by vi. • Every lieutenant acts as a commander, sending the value he received to n-2 other lieutenants using OM(m-1). • For each i, and each j≠i, lieutenant i obeys majority( ), where vj is the value received from lieutenant j.

  34. Kick off – commander sends his value v to all lieutenants. This is the first step of OM(2) Now, loyal lieutenant 2 uses OM(1) in order to convince others That the value he received from the commander is v. Lieutenant 3 Lieutenant 2 v v v v v When lieutenants 1 and 3 get lieutenant 2’s value, they use OM(0) in order to send this value to all other lieutenants. Here we see only the values lieutenant 6 receives. Note the Traitors send wrong values. Now lieutenant 6 can use v lieutenant 2 value: majority(v,v,v,x,x)=v v v Lieutenant 1 Commander Lieutenant 4 v v x v v v v Lieutenant 6 Lieutenant 5 x

  35. Lemma • For any m and k, algorithm OM(m) satisfies IC2 if there are more than 2k+m generals and at most k traitors. • Recall IC2 assumes commander is loyal. • Proof by induction: • Base: m=0. By A1 (sent messages are received correctly), all the loyal lieutenants receive the same value the commander sent. QED base.

  36. Lemma – Closure (1) • Assume lemma’s true for m-1, m>0. • According to the algorithm: Loyal commander sends value v to n-1 lieutenants. Then each lieutenant sends his value to other lieutenants. • By hypothesis: n>2k+m, implying n-1>2k+m-1. Using induction hypothesis we get that every loyal lieutenant receives v as the value of other loyal lieutenants.

  37. Lemma – Closure (2) • There are at most k traitors and n-1>2k + (m-1)≥2k, a majority of the n-1 lieutenants are loyal. • Thus, each loyal lieutenant has v as the majority of the n-1 values. • QED lemma.

  38. Correctness of OM(m) • Theorem: For any m, OM(m) satisfies conditions IC1 and IC2 if there are more than 3m generals and at most m traitors. • Proof by induction on m: • Base m=0 is trivial – there are no traitors. • Closure: Assume theorem holds for m-1.

  39. Correctness of OM(m) – Closure(1) • First assume commander is loyal. By taking k=m, the lemma assures us that IC2 holds. If the commander is loyal, IC1 follows from IC2. QED for this case. • We need to prove that if the commander is a traitor, IC1 holds.

  40. Correctness of OM(m) – Closure(2) • There are at most m traitors, and the commander is one of them. • There are more than 3m generals, implying there are more than 3m-1 lieutenants, and 3m-1>3(m-1), i.e. number of traitors is less than a third of the number of lieutenants. . • Thus, the induction hypothesis holds for OM(m-1) (which the lieutenants use).

  41. Correctness of OM(m) – Closure(3) • By correctness of OM(m-1), each lieutenant i receives from lieutenant j the value lieutenant j received from the commander. • Therefore, all loyal lieutenants receive the same vector of values. • Therefore, they all obey the same value. • IC1 holds. QED.

  42. Part IV – Solution with Signed Messages • The traitor’s ability to lie makes the Byzantine Generals problem difficult. • We restrict this ability by introducing signed messages, which can’t be forged. • We add the assumption: • A4. (a) A loyal general’s signature can’t be forged, and any alteration of the content of his signed message can be detected. (b) Anyone can verify the authenticity of a general’s signature.

  43. Notes on A4 • Considering public key encryption and/or the possibility of pre-shared secretes between the generals, A4 is plausible. • Note that traitors can forge each others signatures. This enables traitors to band against the loyal generals. • Assuming A4, problem can be solved for and number of traitors.

  44. SM Algorithm (informal) • The commander sends his order signed. • Each message a lieutenant receives is signed by him and forwarded to all other lieutenants who hadn’t signed the message yet. • A lieutenant collects all values he receives from authentic messages in a set named V. • In the end, a lieutenant obeys the order CHOICE(V), where CHOICE is some pre-defined deterministic function.

  45. SM Correctness – Informal (1) • For IC2, assume commander is loyal. • Since no one can forge the commander’s signature, any authentic message can only contain the commander’s order. • Thus, for every loyal lieutenant, V contains only one value. QED if commander is loyal.

  46. SM Correctness – Informal (2) • Assume commander is a traitor. • We prove that all loyal lieutenants obtain the same V. • If lieutenant i collected the order v (recall this implies the order was properly authenticated), then he sends this order to all other lieutenants. • Thus any other loyal lieutenant will also collect the order v. QED SM correctness.

  47. Part V - A Note on Reliable Systems - Pros • Using the aforementioned algorithms, one can implement a reliable system. • Reliability is obtained on the software level, and can cope with any hardware malfunctioning. • Such a system uses redundancy of extra-computations in order to avoid a single malfunctioning module crashing the entire system.

  48. A Note on Reliable Systems - Cons • Then again, one need to make sure all of the assumptions hold… • A1 – Messages are delivered correctly: Communication failures can always occur. • A2 – The receiver of a message knows who sent it: Requires communication will carried on hard-wired lines. Unnecessary is A4 is assumed. • A3 – The absence of a message can be detected: Requires synchronization. • A4 – As stated before, quite reasonable.

  49. In Conclusion • We’ve found a necessary and sufficient condition on the number of traitors in order for the problem to be solvable. • We’ve solved the problem for the cases it’s solvable. • Achieving reliability in the face of arbitrary malfunctioning is a difficult problem. • It seems any solution is inherently costly: • Long message paths. • Many messages. • Much transferred information.

More Related