Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intrusion Tolerant Consensus in Wireless Ad hoc Networks Henrique Moniz, Nuno Neves, Miguel Correia LASIGE Dep. Informática da Faculdade de Ciências Universidade.

Published byAgatha Nelson Modified over 7 years ago

Similar presentations

Presentation on theme: "Intrusion Tolerant Consensus in Wireless Ad hoc Networks Henrique Moniz, Nuno Neves, Miguel Correia LASIGE Dep. Informática da Faculdade de Ciências Universidade."— Presentation transcript:

1 Intrusion Tolerant Consensus in Wireless Ad hoc Networks Henrique Moniz, Nuno Neves, Miguel Correia LASIGE Dep. Informática da Faculdade de Ciências Universidade de Lisboa

2

3 Consensus 1 0 0 1 1 1 1

4 Abstracting the Ad hoc Network

5 Environment

6 Communication Medium open and natural broadcasting environment where the cost of transmitting to multiple nodes can be the same of transmitting to a single one

7 Model n nodes communicate by broadcasting messages Dynamic omission transmission faults Byzantine process failures Asynchronous system

8 Impossibility Results Fischer, Lynch and Paterson, Impossibility of Distributed Consensus with One Faulty Process, 1985 Consensus is impossible in an asynchronous system if only one process can crash Santoro and Widmayer, Time is not a Healer, 1989 Consensus is impossible in a synchronous system if n−2 transmission omission faults can occur per communication step

9 Impossibility Results Fischer, Lynch and Paterson, Impossibility of Distributed Consensus with One Faulty Process, 1985 Consensus is impossible in an asynchronous system if only one process can crash Santoro and Widmayer, Time is not a Healer, 1989 Consensus is impossible in a synchronous system if n−2 transmission omission faults can occur per communication step

10 The Turquois Protocol

11 Desirable Features Ensure liveness when the number of omissions is within a certain upper bound σ Maintain safety despite any number of omissions Ensure both liveness and safety if the number of Byzantine nodes is within an upper bound f Terminate in three communication rounds in executions with benign fault patterns

12 k -consensus Validity Agreement Termination k correct processes decide with (asymptotic) probability 1 no two correct processes decide different values no correct process decides a value that wasn’t proposed by some correct process k out of n processes decide on a binary value 0 or 1

13 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0

14 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0 1 4 7 10... 2 5 8 11... 3 6 9 12...

15 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0 Processes increment their phase if they receive messages from a strong majority (more than [n+f]/2 ) of processes with the same phase value 1 4 7 10... 2 5 8 11... 3 6 9 12... or from a process with a higher phase value

16 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0 Set the proposal value to the value v that appears in a majority of the received messages

17 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0 Set the proposal value to the value v that appears in a majority of the received messages Yes. Set the proposal value to v. No. Set the proposal value to a meaningless value ⊥. Is the same value v in a strong majority of messages?

18 ConvergeLock Phase Decide phase mod 3 = 1 phase mod 3 = 2 phase mod 3 = 0 Set the proposal value to the value v that appears in a majority of the received messages Is the same value v in a strong majority of messages? Yes. Set the proposal value to v. No. Set the proposal value to a meaningless value ⊥. Is the same value v in a strong majority of messages? A strong majority. Decide v. At least one. Set the proposal value to v. None. Set the proposal value to a random value 0 or 1. How many processes have proposed the same value v ∊ {0, 1} ?

19 If we ensure that this cycle continues to happen, then processes will decide eventually ConvergeLock Phase phase mod 3 = 1 phase mod 3 = 2 Decide phase mod 3 = 0

20 Limiting the Actions of Byzantine Processes

21 Validation of Messages Authenticity validation  Ensures that a message m was actually generated by the process at the source of a transmission Semantic validation  Ensures that the contents of a message m are congruent with the execution of the protocol

22 How many faults can we tolerate? Omission Faults (liveness): Byzantine Nodes: Omission Faults (safety): ∞

23 Performance Evaluation

24 The performance of Turquois was compared against two existing (randomized) binary Byzantine consensus algorithms Bracha’s consensus (Bracha, 1984) Expected running time to termination: O(2 n ) Message complexity: O(n 3 ) No public-key cryptography ABBA (Cachin, Kursawe, Shoup, 2001) Termination in one or two rounds Message complexity: O(n 2 ) Resorts to asymmetric cryptography

25 Performance Evaluation Testbed 802.11b wireless ad hoc network 4 to 16 nodes Pentium III computers with Linux 2.6.18 Experimental Parameters Initial proposal values - unanimous - divergent Faultload - no faulty nodes - less than one third of Byzantine nodes

26 n Bracha’s ABBA Turquois Average latency (in ms) with no faulty nodes and unanimous proposals

27 n Bracha’s ABBA Turquois Average latency (in ms) with no faulty nodes and unanimous proposals

28 n Bracha’s ABBA Turquois Average latency (in ms) with no faulty nodes and divergent proposals

29 n Bracha’s ABBA Turquois Average latency (in ms) with Byzantine nodes and unanimous proposals

30 n Bracha’s ABBA Turquois Average latency (in ms) with Byzantine nodes and divergent proposals

31 Conclusions The first consensus protocol that tolerates a combination of: ➡ Byzantine nodes ➡ Dynamic omission transmission faults The first protocol that circumvents the impossibility results of FLP and SW A novel mechanism for broadcast message authentication that relies on hashing operations during normal execution Our modeling assumptions paid off! Turquois was shown to be faster, in many cases by more than an order of magnitude

Download ppt "Intrusion Tolerant Consensus in Wireless Ad hoc Networks Henrique Moniz, Nuno Neves, Miguel Correia LASIGE Dep. Informática da Faculdade de Ciências Universidade."

Similar presentations

The Contest between Simplicity and Efficiency in Asynchronous Byzantine Agreement Allison Lewko The University of Texas at Austin TexPoint fonts used in.

The Contest between Simplicity and Efficiency in Asynchronous Byzantine Agreement Allison Lewko The University of Texas at Austin TexPoint fonts used in.
Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.

Fault Tolerance. Basic System Concept Basic Definitions Failure: deviation of a system from behaviour described in its specification. Error: part of.
Impossibility of Distributed Consensus with One Faulty Process

Impossibility of Distributed Consensus with One Faulty Process
CS 542: Topics in Distributed Systems Diganta Goswami.

CS 542: Topics in Distributed Systems Diganta Goswami.
A General Characterization of Indulgence R. Guerraoui EPFL joint work with N. Lynch (MIT)

A General Characterization of Indulgence R. Guerraoui EPFL joint work with N. Lynch (MIT)
Failure Detection The ping-ack failure detector in a synchronous system satisfies – A: completeness – B: accuracy – C: neither – D: both.

Failure Detection The ping-ack failure detector in a synchronous system satisfies – A: completeness – B: accuracy – C: neither – D: both.
6.852: Distributed Algorithms Spring, 2008 Class 7.

6.852: Distributed Algorithms Spring, 2008 Class 7.
Failure detector The story goes back to the FLP’85 impossibility result about consensus in presence of crash failures. If crash can be detected, then consensus.

Failure detector The story goes back to the FLP’85 impossibility result about consensus in presence of crash failures. If crash can be detected, then consensus.
Byzantine Generals Problem: Solution using signed messages.

Byzantine Generals Problem: Solution using signed messages.
Data Consistency in Sensor Networks: Secure Agreement Fatemeh Borran Supervised by: Panos Papadimitratos, Marcin Poturalski Prof. Jean-Pierre Hubaux IC-29.

Data Consistency in Sensor Networks: Secure Agreement Fatemeh Borran Supervised by: Panos Papadimitratos, Marcin Poturalski Prof. Jean-Pierre Hubaux IC-29.
CPSC 668Set 10: Consensus with Byzantine Failures1 CPSC 668 Distributed Algorithms and Systems Fall 2009 Prof. Jennifer Welch.

CPSC 668Set 10: Consensus with Byzantine Failures1 CPSC 668 Distributed Algorithms and Systems Fall 2009 Prof. Jennifer Welch.
1 Principles of Reliable Distributed Systems Lectures 11: Authenticated Byzantine Consensus Spring 2005 Dr. Idit Keidar.

1 Principles of Reliable Distributed Systems Lectures 11: Authenticated Byzantine Consensus Spring 2005 Dr. Idit Keidar.
1 Principles of Reliable Distributed Systems Lecture 6: Synchronous Uniform Consensus Spring 2005 Dr. Idit Keidar.

1 Principles of Reliable Distributed Systems Lecture 6: Synchronous Uniform Consensus Spring 2005 Dr. Idit Keidar.
1 Principles of Reliable Distributed Systems Lecture 3: Synchronous Uniform Consensus Spring 2006 Dr. Idit Keidar.

1 Principles of Reliable Distributed Systems Lecture 3: Synchronous Uniform Consensus Spring 2006 Dr. Idit Keidar.
 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring 2006 1 Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.

 Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 7: Failure Detectors.
Asynchronous Consensus (Some Slides borrowed from ppt on Web.(by Ken Birman) )

Asynchronous Consensus (Some Slides borrowed from ppt on Web.(by Ken Birman) )
CPSC 668Set 9: Fault Tolerant Consensus1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch.

CPSC 668Set 9: Fault Tolerant Consensus1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch.
CPSC 668Set 9: Fault Tolerant Consensus1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.

CPSC 668Set 9: Fault Tolerant Consensus1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.
Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring 2009 1 Principles of Reliable Distributed Systems Lecture 6: Synchronous Byzantine.

Idit Keidar, Principles of Reliable Distributed Systems, Technion EE, Spring Principles of Reliable Distributed Systems Lecture 6: Synchronous Byzantine.
1 Fault-Tolerant Consensus. 2 Failures in Distributed Systems Link failure: A link fails and remains inactive; the network may get partitioned Crash:

1 Fault-Tolerant Consensus. 2 Failures in Distributed Systems Link failure: A link fails and remains inactive; the network may get partitioned Crash:

Similar presentations

Ads by Google