{"title":"Byzantine Agreement with Optimal Resilience via Statistical Fraud Detection","authors":"Shang-En Huang, Seth Pettie, Leqi Zhu","doi":"10.1145/3639454","DOIUrl":null,"url":null,"abstract":"<p>Since the mid-1980s it has been known that Byzantine Agreement can be solved with probability 1 asynchronously, even against an omniscient, computationally unbounded adversary that can adaptively <i>corrupt</i> up to <i>f</i> < <i>n</i>/3 parties. Moreover, the problem is insoluble with <i>f</i> ≥ <i>n</i>/3 corruptions. However, Bracha’s [13] 1984 protocol (see also Ben-Or [8]) achieved <i>f</i> < <i>n</i>/3 resilience at the cost of <i>exponential</i> expected latency 2<sup><i>Θ</i>(<i>n</i>)</sup>, a bound that has <i>never</i> been improved in this model with <i>f</i> = ⌊(<i>n</i> − 1)/3⌋ corruptions. </p><p>In this paper, we prove that Byzantine Agreement in the asynchronous, full information model can be solved with probability 1 against an adaptive adversary that can corrupt <i>f</i> < <i>n</i>/3 parties, while incurring only <i>polynomial latency with high probability</i>. Our protocol follows an earlier polynomial latency protocol of King and Saia [33,34], which had <i>suboptimal</i>\nresilience, namely <i>f</i> ≈ <i>n</i>/10<sup>9</sup> [33,34]. </p><p>Resilience <i>f</i> = (<i>n</i> − 1)/3 is uniquely difficult, as this is the point at which the influence of the Byzantine and honest players are of roughly equal strength. The core technical problem we solve is to design a collective coin-flipping protocol that <i>eventually</i>\nlets us flip a coin with an unambiguous outcome. In the beginning, the influence of the Byzantine players is too powerful to overcome, and they can essentially fix the coin’s behavior at will. We guarantee that after just a polynomial number of executions of the coin-flipping protocol, either (a) the Byzantine players fail to fix the behavior of the coin (thereby ending the game) or (b) we can “blacklist” players such that the blacklisting rate for Byzantine players is at least as large as the blacklisting rate for good players. The blacklisting criterion is based on a simple statistical test of <i>fraud detection</i>.</p>","PeriodicalId":50022,"journal":{"name":"Journal of the ACM","volume":"6 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of the ACM","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3639454","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Since the mid-1980s it has been known that Byzantine Agreement can be solved with probability 1 asynchronously, even against an omniscient, computationally unbounded adversary that can adaptively corrupt up to f < n/3 parties. Moreover, the problem is insoluble with f ≥ n/3 corruptions. However, Bracha’s [13] 1984 protocol (see also Ben-Or [8]) achieved f < n/3 resilience at the cost of exponential expected latency 2Θ(n), a bound that has never been improved in this model with f = ⌊(n − 1)/3⌋ corruptions.
In this paper, we prove that Byzantine Agreement in the asynchronous, full information model can be solved with probability 1 against an adaptive adversary that can corrupt f < n/3 parties, while incurring only polynomial latency with high probability. Our protocol follows an earlier polynomial latency protocol of King and Saia [33,34], which had suboptimal
resilience, namely f ≈ n/109 [33,34].
Resilience f = (n − 1)/3 is uniquely difficult, as this is the point at which the influence of the Byzantine and honest players are of roughly equal strength. The core technical problem we solve is to design a collective coin-flipping protocol that eventually
lets us flip a coin with an unambiguous outcome. In the beginning, the influence of the Byzantine players is too powerful to overcome, and they can essentially fix the coin’s behavior at will. We guarantee that after just a polynomial number of executions of the coin-flipping protocol, either (a) the Byzantine players fail to fix the behavior of the coin (thereby ending the game) or (b) we can “blacklist” players such that the blacklisting rate for Byzantine players is at least as large as the blacklisting rate for good players. The blacklisting criterion is based on a simple statistical test of fraud detection.
期刊介绍:
The best indicator of the scope of the journal is provided by the areas covered by its Editorial Board. These areas change from time to time, as the field evolves. The following areas are currently covered by a member of the Editorial Board: Algorithms and Combinatorial Optimization; Algorithms and Data Structures; Algorithms, Combinatorial Optimization, and Games; Artificial Intelligence; Complexity Theory; Computational Biology; Computational Geometry; Computer Graphics and Computer Vision; Computer-Aided Verification; Cryptography and Security; Cyber-Physical, Embedded, and Real-Time Systems; Database Systems and Theory; Distributed Computing; Economics and Computation; Information Theory; Logic and Computation; Logic, Algorithms, and Complexity; Machine Learning and Computational Learning Theory; Networking; Parallel Computing and Architecture; Programming Languages; Quantum Computing; Randomized Algorithms and Probabilistic Analysis of Algorithms; Scientific Computing and High Performance Computing; Software Engineering; Web Algorithms and Data Mining
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
