Synchronous Mortal Byzantine

A Fault Tolerant Mechanism For Distributed Systems

Seminar Report By: Bibaswann Bandyopadhyay CSE, 7th Semester Roll No. 20081017 University Institute of Technology

Introduction
`

Several divisions of the Byzantine army are camped outside an enemy city, each division commanded by its own general. However, some of the generals may be traitors. Since the Byzantine Empire ceased to exists, we observe that Byzantines were mortal, their traitors doubly so. In what follows, we treat them as such.

Faults
` `

Deviation from expected behavior Variety of factors

` ` ` `

hardware software operator Network

Three categories
` ` `

transient faults intermittent faults permanent faults

Any fault may be

` `

fail-silent (fail-stop) Byzantine

What is a Byzantine Failure?

`

Three primary differences from Fail-Stop Failure

1)

Component can produce arbitrary output

Fail-stop: produces correct output or none Fail-stop: can always detect that component has stopped No collusion across components

2)

Cannot always detect output is faulty

3)

Components may work together maliciously

Motivation
` `

Build reliable systems in the presence of faulty components Common approach:

` `

Have multiple (potentially faulty) components compute same function Perform majority vote on outputs to get right result

C1 C2 C3

majority(v1,v2,v3)

f faulty, f+1 good components ==> 2f+1 total

Key Step
A commanding general must send an order to his n-1 lieutenant generals such that IC1. All loyal lieutenants obey the same order. IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.

Option 1: Loyal Commander

commander

attack attack L1 retreat L2

What must L1 do?

By IC2: L1 must obey commander and attack

Option 2: Loyal L2
commander

retreat attack L1 retreat L2

What must L1 do?

By IC1: L1 and L2 must obey same order --> L1 must retreat Problem: L1 cant distinguish between 2 scenarios

Oral Message Algorithm

` `

OM(0)
`

Commander sends his value to every lieutenant Commander sends his value to every lieutenant For each i, let vi be value Lieutenant i receives from commander; act as commander for OM(m-1) and send vi to n-2 other lieutenants For each i and each j i, let vj be value Lieutenant i received from Lieutenant j. Lieutenant i computes majority(v1,...,vn-1)

OM(m), m>0
` `

Example: Bad Lieutenant

`

Scenario: m=1, n=4, traitor = L3

A A L1 L2 L3 C A

OM(1):

C OM(0):??? L1 A A Decision?? R L1 = m (A, A, R); L2 = m (A, A, R); Both attack! L2 R L3

Example: Bad Commander

`

Scenario: m=1, n=4, traitor = C

A R L1 L2 L3 C A

OM(1):

A OM(0):??? L1 A R A Decision?? L1=m(A, R, A); L2=m(A, R, A); L3=m(A,R,A); Attack! L2 R A L3

Three Phase Protocol

` ` ` ` `

state of each replica is stored in a message log. Primary p receives a client request m , it starts a three-phase protocol. Three phases are: pre-prepare, prepare, commit. Pre-prepare and prepare phases is used to totally order requests. In pre-prepare phase
` `

Primary assigns sequence number n to request. Multicast pre-prepare msg. to all backups and appends the msg. to its log.

Three phase protocol(contd.)

Conclusion
`

The algorithm works correctly in asynchronous system like the internet. Previous algorithms are too slow to be used in practical (proportional to the number of faulty nodes vs. number of phases) One reason why Byzantine fault tolerant algorithms is important in future is that they allow the system to work correctly even when there are software errors.
` ` ` `

not all, software errors that occur in all replicas It can mask errors that occur independently at different replicas Non-deterministic software errors Persistent errors

Thank you