Brijesh Dongol,John Derrick

DOI: https://doi.org/10.48550/arXiv.1410.6268

2015-01-31

Abstract:Linearizability has become the key correctness criterion for concurrent data structures, ensuring that histories of the concurrent object under consideration are consistent, where consistency is judged with respect to a sequential history of a corresponding abstract data structure. Linearizability allows any order of concurrent (i.e., overlapping) calls to operations to be picked, but requires the real-time order of non-overlapping to be preserved. Over the years numerous techniques for verifying linearizability have been developed, using a variety of formal foundations such as refinement, shape analysis, reduction, etc. However, as the underlying framework, nomenclature and terminology for each method differs, it has become difficult for practitioners to judge the differences between each approach, and hence, judge the methodology most appropriate for the data structure at hand. We compare the major of methods used to verify linearizability, describe the main contribution of each method, and compare their advantages and limitations.

Logic in Computer Science

Hongjin Liang,Xinyu Feng

DOI: https://doi.org/10.1145/3453483.3454067

2021-01-01

Abstract:Strong eventual consistency (SEC) has been used as a classic notion of correctness for Conflict-Free Replicated Data Types (CRDTs). However, it does not give proper abstractions of functionality, thus is not helpful for modular verification of client programs using CRDTs. We propose a new correctness formulation for CRDTs, called Abstract Converging Consistency (ACC), to specify both data consistency and functional correctness. ACC gives abstract atomic specifications (as an abstraction) to CRDT operations, and establishes consistency between the concrete execution traces and the execution using the abstract atomic operations. The abstraction allows us to verify the CRDT implementation and its client programs separately, resulting in more modular and elegant proofs than monolithic approaches for whole program verification. We give a generic proof method to verify ACC of CRDT implementations, and a rely-guarantee style program logic to verify client programs. Our Abstraction theorem shows that ACC is equivalent to contextual refinement, linking the verification of CRDT implementations and clients together to derive functional correctness of whole programs.

Amir Esmaeili,Abderrahmen Mtibaa

2024-04-18

Abstract:The rapid advancement of autonomous driving technology is accompanied by substantial challenges, particularly the reliance on remote task execution without ensuring a reliable and accurate returned results. This reliance on external compute servers, which may be malicious or rogue, represents a major security threat. While researchers have been exploring verifiable computing, and replication-based task verification as a simple, fast, and dependable method to assess the correctness of results. However, colluding malicious workers can easily defeat this method. Existing collusion detection and mitigation solutions often require the use of a trusted third party server or verified tasks which may be hard to guarantee, or solutions that assume the presence of a minority of colluding servers. We propose SERENE, a collusion resilient replication-based verification framework that detects, and mitigates colluding workers. Unlike state-of-the-art solutions, SERENE uses a lightweight detection algorithm that detects collusion based on a single verification task. Mitigation requires a two stage process to group the workers and identifying colluding from honest workers. We implement and compare SERENE's performance to Staab et. al, resulting in an average of 50\% and 60\% accuracy improvement in detection and mitigation accuracy respectively.

Cryptography and Security,Networking and Internet Architecture

Priyanka Kumar,Sathya Peri

DOI: https://doi.org/10.48550/arXiv.1509.04048

2015-09-14

Distributed, Parallel, and Cluster Computing

Abstract:In recent years, Software Transactional Memory systems (STMs) have garnered significant interest as an elegant alternative for addressing concurrency issues in memory. STM systems take optimistic approach. Multiple transactions are allowed to execute concurrently. On completion, each transaction is validated and if any inconsistency is observed it is aborted. Otherwise it is allowed to commit. In databases a class of histories called as conflict-serializability (CSR) based on the notion of conflicts have been identified, whose membership can be efficiently verified. As a result, CSR is the commonly used correctness criterion in databases. Similarly, using the notion of conflicts, a correctness criterion, conflict-opacity (co-opacity) which is a sub-class of can be designed whose membership can be verified in polynomial time. Using the verification mechanism, an efficient STM implementation can be designed that is permissive w.r.t co-opacity. By storing multiple versions for each transaction object, multi-version STMs provide more concurrency than single-version STMs. But the main drawback of co-opacity is that it does not admit histories that are uses multiple versions. This has motivated us to develop a new conflict notions for multi-version STMs. In this paper, we present a new conflict notion multi-version conflict. Using this conflict notion, we identify a new subclass of opacity (a popular correctness-criterion), mvc-opacity that admits multi-versioned histories and whose membership can be verified in polynomial time. We show that co-opacity is a proper subset of this class. The proposed conflict notion mv-conflict can be applied on non-sequential histories as well unlike traditional conflicts. Further, we believe that this conflict notion can be easily extended to other correctness-criterion as well.

Joseph M. Hellerstein,Peter Alvaro

DOI: https://doi.org/10.48550/arXiv.1901.01930

2019-01-26

Abstract:A key concern in modern distributed systems is to avoid the cost of coordination while maintaining consistent semantics. Until recently, there was no answer to the question of when coordination is actually required. In this paper we present an informal introduction to the CALM Theorem, which answers this question precisely by moving up from traditional storage consistency to consider properties of programs. CALM is an acronym for "consistency as logical monotonicity". The CALM Theorem shows that the programs that have consistent, coordination-free distributed implementations are exactly the programs that can be expressed in monotonic logic. This theoretical result has practical implications for developers of distributed applications. We show how CALM provides a constructive application-level counterpart to conventional "systems" wisdom, such as the apparently negative results of the CAP Theorem. We also discuss ways that monotonic thinking can influence distributed systems design, and how new programming language designs and tools can help developers write consistent, coordination-free code.

Distributed, Parallel, and Cluster Computing,Databases,Programming Languages,Software Engineering

Alex Wolf,Marco Edoardo Palma,Pasquale Salza,Harald C. Gall

DOI: https://doi.org/10.48550/arXiv.2402.13792

2024-02-21

Abstract:Verifying the execution of a program is complicated and often limited by the inability to validate the code's correctness. It is a crucial aspect of scientific research, where it is needed to ensure the reproducibility and validity of experimental results. Similarly, in customer software testing, it is difficult for customers to verify that their specific program version was tested or executed at all. Existing state-of-the-art solutions, such as hardware-based approaches, constraint solvers, and verifiable computation systems, do not provide definitive proof of execution, which hinders reliable testing and analysis of program results. In this paper, we propose an innovative approach that combines a prototype programming language called Mona with a certification protocol OCCP to enable the distributed and decentralized re-execution of program segments. Our protocol allows for certification of program segments in a distributed, immutable, and trustworthy system without the need for naive re-execution, resulting in significant improvements in terms of time and computational resources used. We also explore the use of blockchain technology to manage the protocol workflow following other approaches in this space. Our approach offers a promising solution to the challenges of program execution verification and opens up opportunities for further research and development in this area. Our findings demonstrate the efficiency of our approach in reducing the number of program executions compared to existing state-of-the-art methods, thus improving the efficiency of certifying program executions.

Software Engineering

Xingkai Wang,Zhenfu Cao,Zhen Liu,Kaitai Liang

DOI: https://doi.org/10.1109/tdsc.2024.3449770

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Gordon et al. systematically studied the Universally Composable (UC) security of Multi-client Verifiable Computation (MVC), in which a set of computationally-weak clients delegate the computation of a general function to an untrusted server based on their private inputs, and proposed a UC-secure scheme ensuring that the protocol remains secure even when arbitrarily composed with other UC-secure instances. However, this scheme imposed a significant computational overhead on clients due to the utilization of fully homomorphic encryption, and the plaintext size scaled linearly with function input size. In this work, we present MVOC, a more efficient UC-secure MVC protocol, that significantly reduces the amortized overhead for clients in both semi-honest and malicious settings, by delegating a larger portion of the computation to the server. We enable clients to verify the garbled circuit before entering the online phase, ensuring security against malicious clients without incurring heavy overhead of compiling a semi-honest protocol into a malicious one. We present the detailed proof and analyze the theoretical complexity of MVOC. Furthermore, we implement our protocol and evaluate the performance, and the results demonstrate that the computation and communication overheads during the input phase can be decreased by at least 95.55% and 87.17%, respectively.

Hongjin Liang,Xinyu Feng

DOI: https://doi.org/10.1561/2500000041

2020-01-01

Abstract:Implementations of concurrent objects should guarantee linearizability and a progress property such as wait-freedom, lock-freedom, starvation-freedom, or deadlock-freedom. These progress properties describe conditions under which a method call is guaranteed to complete. However, they fail to describe how clients are affected, making it difficult to utilize them in layered and modular program verification. Also we lack verification techniques for starvation-free or deadlock-free objects. They are challenging to verify because the fairness assumption introduces complicated interdependencies among progress of threads. Even worse, none of the existing results applies to concurrent objects with partial methods, i.e., methods that are supposed not to return under certain circumstances. A typical example is the lock_acquire method, which must not return when the lock has already been acquired. In this tutorial we examine the progress properties of concurrent objects. We formulate each progress property (together with linearizability as a basic correctness requirement) in terms of contextual refinement. This essentially gives us progress-aware abstraction for concurrent objects. Thus, when verifying clients of the objects, we can soundly replace the concrete object implementations with their abstractions, achieving modular verification. For concurrent objects with partial methods, we formulate two new progress properties, partial starvation-freedom (PSF) and partial deadlock-freedom (PDF). We also design four patterns to write abstractions for PSF or PDF objects under strongly or weakly fair scheduling, so that these objects contextually refine their abstractions. Finally, we introduce a rely-guarantee style program logic LiLi for verifying linearizability and progress together for concurrent objects. It unifies thread-modular reasoning about all the six progress properties (wait-freedom, lock-freedom, starvation-freedom, deadlock-freedom, PSF and PDF) in one framework. We have successfully applied LiLi to verify starvation-freedom or deadlock-freedom of representative algorithms such as lock-coupling lists, optimistic lists and lazy lists, and PSF or PDF of lock algorithms.

Eduard Kamburjan,Nathan Wasser

DOI: https://doi.org/10.4204/EPTCS.365.1

2022-08-09

Abstract:We present a novel and well automatable approach to formal verification of C programs with underspecified semantics, i.e., a language semantics that leaves open the order of certain evaluations. First, we reduce this problem to non-determinism of concurrent systems, automatically extracting a distributed Active Object model from underspecified, sequential C code. This translation process provides a fully formal semantics for the considered C subset. In the extracted model every non-deterministic choice corresponds to one possible evaluation order. This step also automatically translates specifications in the ANSI/ISO C Specification Language (ACSL) into method contracts and object invariants for Active Objects. We then perform verification on the specified Active Objects model, using the Crowbar theorem prover, which verifies the extracted model with respect to the translated specification and ensures the original property of the C code for all possible evaluation orders. By using model extraction, we can use standard tools, without designing a new complex program logic to deal with underspecification. The case study used is highly underspecified and cannot be handled correctly by existing tools for C.

Programming Languages

Steven Cao,Swanand Kadhe,Kannan Ramchandran

DOI: https://doi.org/10.48550/arXiv.2010.00217

2020-10-01

Abstract:Validating a blockchain incurs heavy computation, communication, and storage costs. As a result, clients with limited resources, called light nodes, cannot verify transactions independently and must trust full nodes, making them vulnerable to security attacks. Motivated by this problem, we ask a fundamental question: can light nodes securely validate without any full nodes? We answer affirmatively by proposing CoVer, a decentralized protocol that allows a group of light nodes to collaboratively verify blocks even under a dishonest majority, achieving the same level of security for block validation as full nodes while only requiring a fraction of the work. In particular, work per node scales down proportionally with the number of participants (up to a log factor), resulting in computation, communication, and storage requirements that are sublinear in block size. Our main contributions are light-node-only protocols for fraud proofs and data availability.

Cryptography and Security

Louis Cheung,Liam O'Connor,Christine Rizkallah

DOI: https://doi.org/10.1145/3497775.3503686

2021-12-21

Abstract:Cogent is a restricted functional language designed to reduce the cost of developing verified systems code. Because of its sometimes-onerous restrictions, such as the lack of support for recursion and its strict uniqueness type system, Cogent provides an escape hatch in the form of a foreign function interface (FFI) to C code. This poses a problem when verifying Cogent programs, as imported C components do not enjoy the same level of static guarantees that Cogent does. Previous verification of file systems implemented in Cogent merely assumed that their C components were correct and that they preserved the invariants of Cogent's type system. In this paper, we instead prove such obligations. We demonstrate how they smoothly compose with existing Cogent theorems, and result in a correctness theorem of the overall Cogent-C system. The Cogent FFI constraints ensure that key invariants of Cogent's type system are maintained even when calling C code. We verify reusable higher-order and polymorphic functions including a generic loop combinator and array iterators and demonstrate their application to several examples including binary search and the BilbyFs file system. We demonstrate the feasibility of verification of mixed Cogent-C systems, and provide some insight into verification of software comprised of code in multiple languages with differing levels of static guarantees.

Programming Languages

Sepideh Avizheh,Mahmudun Nabi,Reihaneh Safavi-Naini

DOI: https://doi.org/10.1109/tdsc.2024.3372848

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Outsourcing computation enables a weak client to expand its computational power as the need arises. A basic requirement of outsourcing computation is the guarantee that the computation result is correct. Cryptographic solutions that provide verifiability for the computation result when the computation is outsourced to a single server, are complex and fragile. We consider the intuitive approach of verifiable computation, called verifiable computation by replication, when the computation is replicated on multiple servers, and a referee decides the result of the final computation using the outputs of all servers. We consider the case when a smart contact is used as the referee. We propose a security model in the Universal Composability (UC) framework of Canetti, and design a 2-server and an n-server protocol with proved security in our model. Our protocols build on the Refereed Delegation of Computation (RDoC) framework of Canetti, Riva, and Rothblum, underline the challenges of using a smart contract as a referee, and address those challenges in the designed protocols. We give the efficiency analysis of the protocols, provide a proof of concept implementation for our protocols using Ethereum smart contact, and give concrete cost values for an example computation.

computer science, information systems, software engineering, hardware & architecture

Lingling Xu,Shaohua Tang

DOI: https://doi.org/10.1007/s11227-013-1039-z

IF: 3.3

2013-01-01

The Journal of Supercomputing

Abstract:With the tremendous growth of cloud computing, verifiable computation has been firstly formalized by Gennaro et al. and then studied widely to provide integrity guarantees in the outsourced computation. However, existing verifiable computation protocols either work in the secret key setting or in the public key setting, namely, work either for single client or for all clients, which rules out some practical applications with access control policies. In this paper, we introduce and formalize the notion of verifiable computation with access control (AC-VC), in which only the computationally weak clients with necessary access control permissions can be allowed by a trusted source to apply the outsourced computation of a function to a server. We present a formal security definition and a proved secure black-box construction for AC-VC. This construction is built based on any verifiable computation in the secret key model and ciphertext-policy attribute-based encryption (CP-ABE). The access control policies that our AC-VC can realize depend on that realized in the based CP-ABE.

Sang-Min Choi,Jiho Park,Quan Nguyen,Andre Cronje,Kiyoung Jang,Hyunjoon Cheon,Yo-Sub Han,Byung-Ik Ahn

DOI: https://doi.org/10.48550/arXiv.1810.02186

2018-10-04

Abstract:This paper introduces a new family of consensus protocols, namely \emph{Lachesis-class} denoted by $\mathcal{L}$, for distributed networks with guaranteed Byzantine fault tolerance. Each Lachesis protocol $L$ in $\mathcal{L}$ has complete asynchrony, is leaderless, has no round robin, no proof-of-work, and has eventual consensus. The core concept of our technology is the \emph{OPERA chain}, generated by the Lachesis protocol. In the most general form, each node in Lachesis has a set of $k$ neighbours of most preference. When receiving transactions a node creates and shares an event block with all neighbours. Each event block is signed by the hashes of the creating node and its $k$ peers. The OPERA chain of the event blocks is a Directed Acyclic Graph (DAG); it guarantees practical Byzantine fault tolerance (pBFT). Our framework is then presented using Lamport timestamps and concurrent common knowledge. Further, we present an example of Lachesis consensus protocol $L_0$ of our framework. Our $L_0$ protocol can reach consensus upon 2/3 of all participants' agreement to an event block without any additional communication overhead. $L_0$ protocol relies on a cost function to identify $k$ peers and to generate the DAG-based OPERA chain. By creating a binary flag table that stores connection information and share information between blocks, Lachesis achieves consensus in fewer steps than pBFT protocol for consensus.

Distributed, Parallel, and Cluster Computing

Masato Takeichi

2024-09-16

Abstract:We introduce Coordination-free Collaborative Replication (CCR), a new method for maintaining consistency across replicas in distributed systems without requiring explicit coordination messages. CCR automates conflict resolution, contrasting with traditional Data-sharing systems that typically involve centralized update management or predefined consistency rules. Operational Transformation (OT), commonly used in collaborative editing, ensures consistency by transforming operations while maintaining document integrity across replicas. However, OT assumes server-based coordination, which is unsuitable for modern, decentralized Peer-to-Peer (P2P) systems. Conflict-free Replicated Data Type (CRDT), like Two-Phase Sets (2P-Sets), guarantees eventual consistency by allowing commutative and associative operations but often result in counterintuitive behaviors, such as failing to re-add an item to a shopping cart once removed. In contrast, CCR employs a more intuitive approach to replication. It allows for straightforward updates and conflict resolution based on the current data state, enhancing clarity and usability compared to CRDTs. Furthermore, CCR addresses inefficiencies in messaging by developing a versatile protocol based on data stream confluence, thus providing a more efficient and practical solution for collaborative data sharing in distributed systems.

Distributed, Parallel, and Cluster Computing,Programming Languages

Xiaokun Luan,Meng Sun

DOI: https://doi.org/10.1109/qrs-c55045.2021.00100

2021-01-01

Abstract:Blockchain has been prospering for the last decade. Despite the tremendous success of block chain, it is still vulnerable due to the complexity of distributed execution environment. Malicious attacks that exploit these vulnerabilities can lead to serious losses. Common Knowledge Base (CKB) is a public permissionless blockchain and the base layer of N ervos Network, which is gaining popularity in recent years. It adopts a novel con-sensus protocol to overcome two shortcomings of Bitcoin: the low transaction processing throughput and the vulnerability to selfish mining attacks. Considering the high-security requirements in CKB application scenarios, it is essential to provide formalization and verification of the safety and security properties of the CKB blockchain. In this paper, we provide a formal model of CKB consensus protocol in the theorem prover Coq. Fundamental components of the protocol are implemented, including the block structure, the two-step transaction confirmation mechanism, and the peer-to-peer asynchronous network. We also use Coq to establish the quiescent consistency property of the consensus protocol, which is a kind of eventual consensus that all the participants agree on the same ledger when there are no inflight messages.

Antonio Fernández Anta,Chryssis Georgiou,Nicolas Nicolaou,Antonio Russo

DOI: https://doi.org/10.48550/arXiv.2205.13448

2022-05-26

Abstract:Guaranteeing the validity of concurrent operations on distributed objects is a key property for ensuring reliability and consistency in distributed systems. Usually, the methods for validating these operations, if present, are wired in the object implementation. In this work, we formalize the notion of a {\em validated object}, decoupling the object operations and properties from the validation procedure. We consider two types of objects, satisfying different levels of consistency: the validated {\em totally-ordered} object, offering a total ordering of its operations, and its weaker variant, the validated {\em regular} object. We provide conditions under which it is possible to implement these objects. In particular, we show that crash-tolerant implementations of validated regular objects are always possible in an asynchronous system with a majority of correct processes. However, for validated totally-ordered objects, consensus is always required if a property of the object we introduce in this work, {\em persistent validity,} does not hold. Persistent validity combined with another new property, {\em persistent execution}, allows consensus-free crash-tolerant implementations of validated totally-ordered objects. We demonstrate the utility of validated objects by considering several applications conforming to our formalism.

Distributed, Parallel, and Cluster Computing

Kevin De Porre,Carla Ferreira,Elisa Gonzalez Boix

DOI: https://doi.org/10.48550/arXiv.2207.02502

2022-07-06

Abstract:Distributed systems adopt weak consistency to ensure high availability and low latency, but state convergence is hard to guarantee due to conflicts. Experts carefully design replicated data types (RDTs) that resemble sequential data types and embed conflict resolution mechanisms that ensure convergence. Designing RDTs is challenging as their correctness depends on subtleties such as the ordering of concurrent operations. Currently, researchers manually verify RDTs, either by paper proofs or using proof assistants. Unfortunately, paper proofs are subject to reasoning flaws and mechanized proofs verify a formalisation instead of a real-world implementation. Furthermore, writing mechanized proofs is reserved to verification experts and is extremely time consuming. To simplify the design, implementation, and verification of RDTs, we propose VeriFx, a high-level programming language with automated proof capabilities. VeriFx lets programmers implement RDTs atop functional collections and express correctness properties that are verified automatically. Verified RDTs can be transpiled to mainstream languages (currently Scala or JavaScript). VeriFx also provides libraries for implementing and verifying Conflict-free Replicated Data Types (CRDTs) and Operational Transformation (OT) functions. These libraries implement the general execution model of those approaches and define their correctness properties. We use the libraries to implement and verify an extensive portfolio of 35 CRDTs and reproduce a study on the correctness of OT functions.

Programming Languages,Distributed, Parallel, and Cluster Computing

Armando Castañeda,Gilde Valeria Rodríguez

DOI: https://doi.org/10.48550/arXiv.2301.02638

2023-05-02

Abstract:This paper studies the problem of verifying linearizability at runtime, where one seeks for a concurrent algorithm for verifying that the current execution of a given concurrent shared object implementation is linearizable. It shows that it is impossible to runtime verify linearizability for some common sequential objects, regardless of the consensus power of base objects. Then, it argues that actually a stronger version of the problem can be solved, if linearizability is verified indirectly. Namely, it shows that (1) linearizability of a class of concurrent implementations can be strongly verified using only read/write base objects (i.e. without the need of consensus), and (2) any implementation can be transformed to its counterpart in the class (which implements the same object) using only read/write objects too. As far as we know, this is the first runtime verification algorithm for any correctness condition that is fully asynchronous and fault-tolerant. As a by-product, a simple and generic methodology for deriving self-enforced linearizable implementations is obtained. This type implementations produce outputs that are guaranteed linearizable, and are able to produce a certificate of it, which allows the design of concurrent systems in a modular manner with accountable and forensic guarantees. These results hold not only for linearizability but for a correctness condition that includes generalizations of it such as set-linearizability and interval-linearizability.

Distributed, Parallel, and Cluster Computing

Hiu Long Lee,Man Ho Allen Au,Shi-Feng Sun

DOI: https://doi.org/10.1109/Blockchain60715.2023.00045

2023-01-01

Abstract:Outsourcing computation has emerged as a highly appealing service for companies seeking cost-effective alternative to perform on-premises expensive computational tasks. However, the conventional payment protocols employed by service providers and clients exhibit certain drawbacks, including inherent unfairness and reliance on a trusted third party. Furthermore, these protocols often assume the service providers are honest and will return valid results, which may not be a realistic assumption in practice. Additionally, conventional outsourcing computation fails to adequately address data confidentiality concerns, thereby giving rise to privacy issues. To address these challenges, this paper proposes a trustless fair payment protocol for verifiable confidential outsourced computation by leveraging blockchain technology and cryptography. It then provides an instantiation with efficiency optimizations. Lastly, it highlights limitations of the protocol and suggests potential directions for future work. The proposed protocol can remove the need of trusts between outsourcing computation service providers and their clients and achieve fairness. It provides assurance that results were computed correctly in a privacy -preserving manner, instilling confidence in clients.