{"title":"Session details: Session 3","authors":"S. Schmid","doi":"10.1145/3246717","DOIUrl":"https://doi.org/10.1145/3246717","url":null,"abstract":"","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128901626","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
It is our great pleasure to welcome you to the 2014 ACM Symposium on Principles of Distributed Computing -- PODC'14. This year's symposium continues its tradition of being the premier forum for presentation of research on all aspects of distributed computing, including the theory, design, implementation and applications of distributed algorithms, systems and networks. During the years, PODC has been the stage where many landmark results have been presented that have increased our understanding of this exciting and fundamental research endeavor. In the best tradition of theoretical discovery, the insights that have been provided have not only elucidated fundamental conceptual issues but also found their way into the real world of systems and applications. The call for papers attracted 141 regular submissions and 23 brief announcements. The Program Committee accepted 39 papers and 11 brief announcements that cover a wide variety of topics. Every submitted paper was read and evaluated by at least three reviewers. The final decisions regarding acceptance or rejection of each paper were made through teleconference and electronic Program Committee discussions held during April 2014. Revised and expanded versions of a few selected papers will be considered for publication in a special issue of the journal Distributed Computing and in the Journal of the ACM. The program committee has selected the paper "Signature-Free Asynchronous Byzantine Consensus" by Achour Mostéfaoui, Hamouma Moumen, and Michel Raynal for this year's Best Paper Award. In addition, the program committee selected the paper "Distributed Connectivity Decomposition" by Keren Censor-Hillel, Mohsen Ghaffari, and Fabian Kuhn for the Best Student Paper Award. Leslie Lamport, the 2013 ACM A.M. Turing Award recipient, will give his Turing Lecture. Three keynote talks will be given by Silvio Micali, Michael Luby, and Joseph Sifakis.
The 2013 Dijkstra Prize was given to the paper, "Locality in distributed graph algorithms", by Nati Linial published in SIAM Journal on Computing, 21 (1992). It was presented at the 27th International Symposium on Distributed Computing (DISC). The 2014 Dijkstra Prize is given to the paper, "Distributed Snapshots: Determining Global States of Distributed Systems", by Kanianthra Mani Chandy and Leslie Lamport, published in ACM Transactions on Computer Systems (1985). It will be presented here. Finally, this year we will celebrate the 60th birthday of Maurice Herlihy.
{"title":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","authors":"M. Halldórsson, S. Dolev","doi":"10.1145/2611462","DOIUrl":"https://doi.org/10.1145/2611462","url":null,"abstract":"It is our great pleasure to welcome you to the 2014 ACM Symposium on Principles of Distributed Computing -- PODC'14. This year's symposium continues its tradition of being the premier forum for presentation of research on all aspects of distributed computing, including the theory, design, implementation and applications of distributed algorithms, systems and networks. During the years, PODC has been the stage where many landmark results have been presented that have increased our understanding of this exciting and fundamental research endeavor. In the best tradition of theoretical discovery, the insights that have been provided have not only elucidated fundamental conceptual issues but also found their way into the real world of systems and applications.\n\nThe call for papers attracted 141 regular submissions and 23 brief announcements. The Program Committee accepted 39 papers and 11 brief announcements that cover a wide variety of topics. Every submitted paper was read and evaluated by at least three reviewers. The final decisions regarding acceptance or rejection of each paper were made through teleconference and electronic Program Committee discussions held during April 2014. Revised and expanded versions of a few selected papers will be considered for publication in a special issue of the journal Distributed Computing and in the Journal of the ACM.\n\nThe program committee has selected the paper \"Signature-Free Asynchronous Byzantine Consensus\" by Achour Mostéfaoui, Hamouma Moumen, and Michel Raynal for this year's Best Paper Award. In addition, the program committee selected the paper \"Distributed Connectivity Decomposition\" by Keren Censor-Hillel, Mohsen Ghaffari, and Fabian Kuhn for the Best Student Paper Award. 
Leslie Lamport, the 2013 ACM A.M. Turing Award recipient, will give his Turing Lecture. Three keynote talks will be given by Silvio Micali, Michael Luby, and Joseph Sifakis. The 2013 Dijkstra Prize was given to the paper, \"Locality in distributed graph algorithms\", by Nati Linial published in SIAM Journal on Computing, 21 (1992). It was presented at the 27th International Symposium on Distributed Computing (DISC).\n\nThe 2014 Dijkstra Prize is given to the paper, \"Distributed Snapshots: Determining Global States of Distributed Systems\", by Kanianthra Mani Chandy and Leslie Lamport, published in ACM Transactions on Computer Systems (1985). It will be presented here.\n\nFinally, this year we will celebrate the 60th birthday of Maurice Herlihy.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"501 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127591037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper presents a new round-based asynchronous consensus algorithm that copes with up to t < n/3 Byzantine processes, where n is the total number of processes. In addition to not using signatures and not assuming a computationally-limited adversary, while being optimal with respect to the value of t, this algorithm has several noteworthy properties: the expected number of rounds to decide is four, each round is composed of two or three communication steps and involves O(n^2) messages, and a message is composed of a round number plus a single bit. To attain this goal, the consensus algorithm relies on a common coin as defined by Rabin, and a new extremely simple and powerful broadcast abstraction suited to binary values. The main target when designing this algorithm was to obtain a cheap and simple algorithm. This was motivated by the fact that, among the first-class properties, simplicity (albeit sometimes underestimated or even ignored) is a major one.
{"title":"Signature-free asynchronous byzantine consensus with t < n/3 and o(n2) messages","authors":"A. Mostéfaoui, Moumen Hamouma, M. Raynal","doi":"10.1145/2611462.2611468","DOIUrl":"https://doi.org/10.1145/2611462.2611468","url":null,"abstract":"This paper presents a new round-based asynchronous consensus algorithm that copes with up to t < n/3 Byzantine processes, where n is the total number of processes. In addition of not using signature, not assuming a computationally-limited adversary, while being optimal with respect to the value of t, this algorithm has several noteworthy properties: the expected number of rounds to decide is four, each round is composed of two or three communication steps and involves O(n2) messages, and a message is composed of a round number plus a single bit. To attain this goal, the consensus algorithm relies on a common coin as defined by Rabin, and a new extremely simple and powerful broadcast abstraction suited to binary values. The main target when designing this algorithm was to obtain a cheap and simple algorithm. This was motivated by the fact that, among the first-class properties, simplicity --albeit sometimes under-estimated or even ignored-- is a major one.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"1 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131450906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Threshold cryptography is a fundamental distributed computational paradigm for enhancing the availability and the security of cryptographic public-key schemes. It does so by dividing private keys into n shares handed out to distinct servers. In threshold signature schemes, a set of at least t+1 ≤ n servers is needed to produce a valid digital signature. Availability is assured by the fact that any subset of t+1 servers can produce a signature when authorized. At the same time, the scheme should remain robust (in the fault tolerance sense) and unforgeable (cryptographically) against up to t corrupted servers; i.e., it adds quorum control to traditional cryptographic services and introduces redundancy. Originally, most practical threshold signatures have a number of demerits: they have been analyzed in a static corruption model (where the set of corrupted servers is fixed at the very beginning of the attack), they require interaction, they assume a trusted dealer in the key generation phase (so that the system is not fully distributed), or they suffer from certain overheads in terms of storage (large share sizes). In this paper, we construct practical fully distributed (the private key is born distributed), non-interactive schemes, where the servers can compute their partial signatures without communication with other servers, with adaptive security (i.e., the adversary corrupts servers dynamically based on its full view of the history of the system). Our schemes are very efficient in terms of computation, communication, and scalable storage (with private key shares of size O(1), where certain solutions incur O(n) storage costs at each server). Unlike other adaptively secure schemes, our schemes are erasure-free (reliable erasure is a hard-to-assure and hard-to-administer property in actual systems). To the best of our knowledge, such a fully distributed highly constrained scheme has been an open problem in the area.
In particular, and of special interest, is the fact that Pedersen's traditional distributed key generation (DKG) protocol can be safely employed in the initial key generation phase when the system is born, although it is well known not to ensure uniformly distributed public keys. An advantage of this is that this protocol only takes one round optimistically (in the absence of a faulty player).
{"title":"Born and raised distributively: fully distributed non-interactive adaptively-secure threshold signatures with short shares","authors":"Benoît Libert, M. Joye, M. Yung","doi":"10.1145/2611462.2611498","DOIUrl":"https://doi.org/10.1145/2611462.2611498","url":null,"abstract":"Threshold cryptography is a fundamental distributed computational paradigm for enhancing the availability and the security of cryptographic public-key schemes. It does it by dividing private keys into n shares handed out to distinct servers. In threshold signature schemes, a set of at least t+1 ≤ n servers is needed to produce a valid digital signature. Availability is assured by the fact that any subset of t+1 servers can produce a signature when authorized. At the same time, the scheme should remain robust (in the fault tolerance sense) and unforgeable (cryptographically) against up to t corrupted servers; i.e., it adds quorum control to traditional cryptographic services and introduces redundancy. Originally, most practical threshold signatures have a number of demerits: They have been analyzed in a static corruption model (where the set of corrupted servers is fixed at the very beginning of the attack), they require interaction, they assume a trusted dealer in the key generation phase (so that the system is not fully distributed), or they suffer from certain overheads in terms of storage (large share sizes). In this paper, we construct practical fully distributed (the private key is born distributed), non-interactive schemes --- where the servers can compute their partial signatures without communication with other servers--- with adaptive security (i.e., the adversary corrupts servers dynamically based on its full view of the history of the system). Our schemes are very efficient in terms of computation, communication, and scalable storage (with private key shares of size O(1), where certain solutions incur O(n) storage costs at each server). 
Unlike other adaptively secure schemes, our schemes are erasure-free (reliable erasure is a hard to assure and hard to administer property in actual systems). To the best of our knowledge, such a fully distributed highly constrained scheme has been an open problem in the area. In particular, and of special interest, is the fact that Pedersen's traditional distributed key generation (DKG) protocol can be safely employed in the initial key generation phase when the system is born -- although it is well-known not to ensure uniformly distributed public keys. An advantage of this is that this protocol only takes one round optimistically (in the absence of faulty player).","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121809960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With hardware transactional memory (HTM) becoming available in mainstream processors, lock-based critical sections may now initiate a hardware transaction instead of taking the lock, enabling their concurrent execution unless a real data conflict occurs. However, just a few transactional aborts can cause the lock to be acquired non-transactionally, resulting in the serialization of all the threads and severely degrading the amount of speedup obtained. In this paper we provide two software extension mechanisms that considerably improve the concurrency and speedup levels attained by lock-based programs using HTM-based lock elision. The first sacrifices opacity to achieve higher levels of concurrency, and the second retains opacity while reaching slightly lower levels of concurrency. Evaluation on STAMP and on data structure benchmarks on an Intel Haswell processor shows that these techniques improve the speedup by up to 3.5 times and 10 times respectively, compared to using Haswell's hardware lock elision as is.
{"title":"Software-improved hardware lock elision","authors":"Y. Afek, A. Levy, Adam Morrison","doi":"10.1145/2611462.2611482","DOIUrl":"https://doi.org/10.1145/2611462.2611482","url":null,"abstract":"With hardware transactional memory (HTM) becoming available in mainstream processors, lock-based critical sections may now initiate a hardware transaction instead of taking the lock, enabling their concurrent execution unless a real data conflict occurs. However, just a few transactional aborts can cause the lock to be acquired non-transactionally resulting in the serialization of all the threads, severely degrading the amount of speedup obtained. In this paper we provide two software extension mechanisms that considerably improve the concurrency and speedup levels attained by lock based programs using HTM-based lock elision. The first sacrifices opacity to achieve higher levels of concurrency, and the second retains opacity while reaching slightly lower levels of concurrency. Evaluation on STAMP and on data structure benchmarks on an Intel Haswell processor shows that these techniques improve the speedup by up to 3.5 times and $10$ times respectively, compared to using Haswell's hardware lock elision as is.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115208898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Session 5","authors":"M. Yung","doi":"10.1145/3246719","DOIUrl":"https://doi.org/10.1145/3246719","url":null,"abstract":"","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126588632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Manfred Schwarz, Kyrill Winkler, U. Schmid, M. Biely, Peter Robinson
We present a k-set agreement algorithm for synchronous dynamic distributed systems with unidirectional links controlled by an omniscient adversary. Our algorithm automatically adapts to the actual network properties: If the network is sufficiently well-connected, it solves consensus, while degrading gracefully to general k-set agreement in less well-behaved runs. The algorithm is oblivious to the maximum number of system-wide decision values k, which is bounded by the number of certain strongly connected components occurring in the dynamically changing network in a run. Related impossibility results reveal that this bound is close to the solvability border for k-set agreement. To the best of our knowledge, this is the first consensus algorithm that degrades in a graceful way in a dynamic network.
{"title":"Brief announcement: gracefully degrading consensus and k-set agreement under dynamic link failures","authors":"Manfred Schwarz, Kyrill Winkler, U. Schmid, M. Biely, Peter Robinson","doi":"10.1145/2611462.2611506","DOIUrl":"https://doi.org/10.1145/2611462.2611506","url":null,"abstract":"We present a k-set agreement algorithm for synchronous dynamic distributed systems with unidirectional links controlled by an omniscient adversary. Our algorithm automatically adapts to the actual network properties: If the network is sufficiently well-connected, it solves consensus, while degrading gracefully to general k-set agreement in less well-behaved runs. The algorithm is oblivious to the maximum number of system-wide decision values k, which is bounded by the number of certain strongly connected components occurring in the dynamically changing network in a run. Related impossibility results reveal that this bound is close to the solvability border for k-set agreement. To the best of our knowledge, this is the first consensus algorithm that degrades in a graceful way in a dynamic network.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127347165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Read copy update (RCU) is a novel synchronization mechanism, in which the burden of synchronization falls completely on the updaters, by having them wait for all pre-existing readers to finish their read-side critical section. This paper presents citrus, a concurrent binary search tree (BST) with a wait-free Contains operation, using RCU synchronization and fine-grained locking for synchronization among updaters. This is the first RCU-based data structure that allows concurrent updaters. While there are methodologies for using RCU to coordinate between readers and updaters, they do not address the issue of coordination among updaters, and indeed, all existing RCU-based data structures rely on coarse-grained synchronization between updaters. Experimental evaluation shows that citrus beats previous RCU-based search trees, even under mild update contention, and compares well with the best-known concurrent dictionaries.
{"title":"Concurrent updates with RCU: search tree as an example","authors":"M. Arbel, H. Attiya","doi":"10.1145/2611462.2611471","DOIUrl":"https://doi.org/10.1145/2611462.2611471","url":null,"abstract":"Read copy update (RCU) is a novel synchronization mechanism, in which the burden of synchronization falls completely on the updaters, by having them wait for all pre-existing readers to finish their read-side critical section. This paper presents citrus, a concurrent binary search tree (BST) with a wait-free Contains operation, using RCU synchronization and fine-grained locking for synchronization among updaters. This is the first RCU-based data structure that allows concurrent updaters. While there are methodologies for using RCU to coordinate between readers and updaters, they do not address the issue of coordination among updaters, and indeed, all existing RCU-based data structures rely on coarse-grained synchronization between updaters. Experimental evaluation shows that citrus beats previous RCU-based search trees, even under mild update contention, and compares well with the best-known concurrent dictionaries.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125621381","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper compares, for the first time, the computational power of linearizable objects with that of eventually linearizable ones. We present the following paradox. We show that, unsurprisingly, no set of eventually linearizable objects can (1) implement any non-trivial linearizable object, nor (2) boost the consensus power of simple objects like linearizable registers. We also show, perhaps surprisingly, that any implementation of an eventually linearizable complex object like a fetch&increment counter (from linearizable base objects), can itself be viewed as a fully linearizable implementation of the same fetch&increment counter (using the exact same set of base objects).
{"title":"A paradox of eventual linearizability in shared memory","authors":"R. Guerraoui, E. Ruppert","doi":"10.1145/2611462.2611484","DOIUrl":"https://doi.org/10.1145/2611462.2611484","url":null,"abstract":"This paper compares, for the first time, the computational power of linearizable objects with that of eventually linearizable ones. We present the following paradox. We show that, unsurprisingly, no set of eventually linearizable objects can (1) implement any non-trivial linearizable object, nor (2) boost the consensus power of simple objects like linearizable registers. We also show, perhaps surprisingly, that any implementation of an eventually linearizable complex object like a fetch&increment counter (from linearizable base objects), can itself be viewed as a fully linearizable implementation of the same fetch&increment counter (using the exact same set of base objects).","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134159933","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. Garay, Clint Givens, R. Ostrovsky, Pavel Raykov
In this paper we focus on sender-anonymous channels (a.k.a. Dining Cryptographers networks) and present a construction requiring a very low (constant) number of rounds of interaction while tolerating actively malicious behavior by some of the participants (up to less than half of them). Our construction is unconditionally secure (meaning that no bounds are placed on the computational power of the adversary), makes black-box use of a verifiable secret sharing (VSS) protocol, and is based on a special-purpose secure multiparty computation protocol implementing the method of "throwing darts;" its round complexity is essentially equal to that of the VSS protocol. In addition, since broadcast cannot be simulated in a point-to-point network when a third or more of the participants are corrupt, it is impossible to construct VSS (and, more generally, any other basic multiparty protocol) in this setting without using a "physical broadcast channel," and a recent line of research has sought to minimize the use of this expensive resource. Our anonymous channel protocol's reduction to VSS is broadcast-round-preserving, thus making the fewest (known to date) calls to the broadcast channel while running in an overall constant number of rounds. Finally, anonymous channels play an important role in the setup phase of an authentication technique known as pseudosignatures, which then may be used to simulate authenticated Byzantine agreement protocols in the information-theoretic setting. Plugging in our anonymous channel translates into a fast (and broadcast-efficient) pseudosignature construction.
{"title":"Fast and unconditionally secure anonymous channel","authors":"J. Garay, Clint Givens, R. Ostrovsky, Pavel Raykov","doi":"10.1145/2611462.2611494","DOIUrl":"https://doi.org/10.1145/2611462.2611494","url":null,"abstract":"In this paper we focus on sender-anonymous channels (a.k.a. Dining Cryptographers networks) and present a construction requiring a very low (constant) number of rounds of interaction while tolerating actively malicious behavior by some of the participants (up to less than half of them). Our construction is unconditionally secure (meaning that no bounds are placed on the computational power of the adversary), makes black-box use of a verifiable secret sharing (VSS) protocol, and is based on a special-purpose secure multiparty computation protocol implementing the method of \"throwing darts;\" its round complexity is essentially equal to that of the VSS protocol. In addition, since broadcast cannot be simulated in a point-to-point network when a third or more of the participants are corrupt, it is impossible to construct VSS (and, more generally, any other basic multiparty protocol) in this setting without using a \"physical broadcast channel,\" and a recent line of research has sought to minimize the use of this expensive resource. Our anonymous channel protocol's reduction to VSS is broadcast-round-preserving, thus making the fewest (known to date) calls to the broadcast channel while running in an overall constant number of rounds. Finally, anonymous channels play an important role in the setup phase of an authentication technique known as pseudosignatures, which then may be used to simulate authenticated Byzantine agreement protocols in the information-theoretic setting. 
Plugging in our anonymous channel translates into a fast (and broadcast-efficient) pseudosignature construction.","PeriodicalId":186800,"journal":{"name":"Proceedings of the 2014 ACM symposium on Principles of distributed computing","volume":"2200 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130132282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}