Jian Liu,Wenting Li,Ghassan O. Karame,N. Asokan

DOI: https://doi.org/10.1109/tc.2018.2860009

IF: 3.183

2019-01-01

IEEE Transactions on Computers

Abstract:The surging interest in blockchain technology has revitalized the search for effective Byzantine consensus schemes. In particular, the blockchain community has been looking for ways to effectively integrate traditional Byzantine fault-tolerant (BFT) protocols into a blockchain consensus layer allowing various financial institutions to securely agree on the order of transactions. However, existing BFT protocols can only scale to tens of nodes due to their $O(n^2)$ message complexity. In this paper, we propose FastBFT, a fast and scalable BFT protocol. At the heart of FastBFT is a novel message aggregation technique that combines hardware-based trusted execution environments (TEEs) with lightweight secret sharing. Combining this technique with several other optimizations (i.e., optimistic execution, tree topology and failure detection), FastBFT achieves low latency and high throughput even for large scale networks. Via systematic analysis and experiments, we demonstrate that FastBFT has better scalability and performance than previous BFT protocols.

Dahlia Malkhi,Kartik Nayak,Ling Ren

DOI: https://doi.org/10.48550/arXiv.1904.10067

2019-05-31

Abstract:This paper introduces Flexible BFT, a new approach for BFT consensus solution design revolving around two pillars, stronger resilience and diversity. The first pillar, stronger resilience, involves a new fault model called alive-but-corrupt faults. Alive-but-corrupt replicas may arbitrarily deviate from the protocol in an attempt to break safety of the protocol. However, if they cannot break safety, they will not try to prevent liveness of the protocol. Combining alive-but-corrupt faults into the model, Flexible BFT is resilient to higher corruption levels than possible in a pure Byzantine fault model. The second pillar, diversity, designs consensus solutions whose protocol transcript is used to draw different commit decisions under diverse beliefs. With this separation, the same Flexible BFT solution supports synchronous and asynchronous beliefs, as well as varying resilience threshold combinations of Byzantine and alive-but-corrupt faults. At a technical level, Flexible BFT achieves the above results using two new ideas. First, it introduces a synchronous BFT protocol in which only the commit step requires to know the network delay bound and thus replicas execute the protocol without any synchrony assumption. Second, it introduces a notion called Flexible Byzantine Quorums by dissecting the roles of different quorums in existing consensus protocols.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Miguel Castro,Barbara Liskov

DOI: https://doi.org/10.1145/571637.571640

2002-11-01

ACM Transactions on Computer Systems

Abstract:Our growing reliance on online services accessible on the Internet demands highly available systems that provide correct service without interruptions. Software bugs, operator mistakes, and malicious attacks are a major cause of service interruptions and they can cause arbitrary behavior, that is, Byzantine faults. This article describes a new replication algorithm, BFT, that can be used to build highly available systems that tolerate Byzantine faults. BFT can be used in practice to implement real services: it performs well, it is safe in asynchronous environments such as the Internet, it incorporates mechanisms to defend against Byzantine-faulty clients, and it recovers replicas proactively. The recovery mechanism allows the algorithm to tolerate any number of faults over the lifetime of the system provided fewer than 1/3 of the replicas become faulty within a small window of vulnerability. BFT has been implemented as a generic program library with a simple interface. We used the library to implement the first Byzantine-fault-tolerant NFS file system, BFS. The BFT library and BFS perform well because the library incorporates several important optimizations, the most important of which is the use of symmetric cryptography to authenticate messages. The performance results show that BFS performs 2% faster to 24% slower than production implementations of the NFS protocol that are not replicated. This supports our claim that the BFT library can be used to build practical systems that tolerate Byzantine faults.

computer science, theory & methods

Ines Messadi,Markus Horst Becker,Kai Bleeke,Leander Jehl,Sonia Ben Mokhtar,Rüdiger Kapitza

DOI: https://doi.org/10.48550/arXiv.2205.08938

2022-05-25

Abstract:Byzantine fault-tolerant agreement (BFT) in a partially synchronous system usually requires 3f + 1 nodes to tolerate f faulty replicas. Due to their high throughput and finality property BFT algorithms build the core of recent permissioned blockchains. As a complex and resource-demanding infrastructure, multiple cloud providers have started offering Blockchain-as-a-Service. This eases the deployment of permissioned blockchains but places the cloud provider in a central controlling position, thereby questioning blockchains' fault tolerance and decentralization properties and their underlying BFT algorithm. This paper presents SplitBFT, a new way to utilize trusted execution technology (TEEs), such as Intel SGX, to harden the safety and confidentiality guarantees of BFT systems thereby strengthening the trust in could-based deployments of permissioned blockchains. Deviating from standard assumptions, SplitBFT acknowledges that code protected by trusted execution may fail. We address this by splitting and isolating the core logic of BFT protocols into multiple compartments resulting in a more resilient architecture. We apply SplitBFT to the traditional practical byzantine fault tolerance algorithm (PBFT) and evaluate it using SGX. Our results show that SplitBFT adds only a reasonable overhead compared to the non-compartmentalized variant.

Distributed, Parallel, and Cluster Computing

Xiao Sui,Sisi Duan,Haibin Zhang

DOI: https://doi.org/10.1109/tifs.2023.3318943

IF: 7.231

2024-01-01

IEEE Transactions on Information Forensics and Security

Abstract:We provide an expressive framework that allows analyzing and generating provably secure, state-of-the-art Byzantine fault-tolerant (BFT) protocols over graph of nodes, a notion formalized in the HotStuff protocol. Our framework is hierarchical, including three layers. The top layer is used to model the message pattern and abstract core functions on which BFT algorithms can be built. The intermediate layer provides the core functions with high-level properties sufficient to prove the security of the top-layer algorithms. The bottom layer presents operational realizations for the core functions. Using our framework, designing a BFT protocol is reduced to instantiating two core functions together with their specific properties. Unlike prior BFT frameworks, our framework can analyze and recast BFT protocols in an exceedingly fine-grained manner. More importantly, our framework can readily generate new BFT protocols. In this paper, we show that the framework allows us to fully specify and formally prove the security for a family of BFT protocols, including known protocols such as HotStuff, Fast-HotStuff, and SBFT. Additionally, we show that our framework can generate four new protocols outperforming existing ones, including 1) two protocols with $5f+1$ replicas achieving optimal message complexity; 2) the first BFT protocol achieving optimal message complexity with $4f+1$ replicas; and 3) a two-phase protocol with $3f+1$ replicas achieving linear authenticator complexity in the fast path.

Ittai Abraham,Kartik Nayak,Ling Ren,Zhuolun Xiang

DOI: https://doi.org/10.48550/arXiv.2102.07932

2022-04-30

Abstract:Byzantine fault-tolerant (BFT) state machine replication (SMR) has been studied for over 30 years. Recently it has received more attention due to its application in permissioned blockchain systems. A sequence of research efforts focuses on improving the commit latency of the SMR protocol in the common good case, including PBFT with $3$-round latency and $n\geq 3f+1$ and FaB with $2$-round latency and $n\geq 5f+1$. In this paper, we propose an authenticated protocol that solves $2$-round BFT SMR with only $n\geq 5f-1$ replicas, which refutes the optimal resiliency claim made in FaB for needing $n \geq 5f+1$ for $2$-round PBFT-style BFT protocols. For the special case when $f=1$, our protocol needs only $4$ replicas, and strictly improves PBFT by reducing the latency by one round (even when one backup is faulty).

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Yongge Wang

DOI: https://doi.org/10.1145/3538227

2022-09-09

Abstract:The problem of Byzantine Fault Tolerance (BFT) has received a lot of attention in the last 30 years. Due to the popularity of Proof of Stake (PoS) blockchains in recent years, several BFT protocols have been deployed in the large scale of Internet environment. We analyze several popular BFT protocols such as Capser FFG/CBC-FBC for Ethereum 2.0 and GRANDPA for Polkadot. Our analysis shows that the security models for these BFT protocols are slightly different from the models commonly accepted in the academic literature. For example, we show that, if the adversary has a full control of the message delivery order in the underlying network, then none of the BFT protocols for Ethereum blockchain 2.0 and Polkadot blockchain could achieve liveness even in a synchronized network. Though it is not clear whether a practical adversary could

James R. Clavin,Yue Huang,Xin Wang,Pradeep M. Prakash,Sisi Duan,Jianwu Wang,Sean Peisert

DOI: https://doi.org/10.1109/icpads53394.2021.00030

2021-01-01

Abstract:We present a framework for evaluating the performance of Byzantine fault-tolerant (BFT) protocols theoretically. Our motivation is to identify protocols suitable for a particular power grid application. In this application, replicas are located in a LAN network where latency is the priority. To fully understand the performance of BFT, we provide a generic approach that quantifies the performance o...

Nikos Chondros,Konstantinos Kokordelis,Mema Roussopoulos

DOI: https://doi.org/10.48550/arXiv.1110.4854

2011-10-22

Abstract:Byzantine Fault Tolerant (BFT) systems are considered by the systems research community to be state of the art with regards to providing reliability in distributed systems. BFT systems provide safety and liveness guarantees with reasonable assumptions, amongst a set of nodes where at most f nodes display arbitrarily incorrect behaviors, known as Byzantine faults. Despite this, BFT systems are still rarely used in practice. In this paper we describe our experience, from an application developer's perspective, trying to leverage the publicly available and highly-tuned PBFT middleware (by Castro and Liskov), to provide provable reliability guarantees for an electronic voting application with high security and robustness needs. We describe several obstacles we encountered and drawbacks we identified in the PBFT approach. These include some that we tackled, such as lack of support for dynamic client management and leaving state management completely up to the application. Others still remaining include the lack of robust handling of non-determinism, lack of support for web-based applications, lack of support for stronger cryptographic primitives, and others. We find that, while many of the obstacles could be overcome with a revised BFT middleware implementation that is tuned specifically for the needs of the particular application, they require significant engineering effort and time and their performance implications for the end-application are unclear. An application developer is thus unlikely to be willing to invest the time and effort to do so to leverage the BFT approach. We conclude that the research community needs to focus on the usability of BFT algorithms for real world applications, from the end-developer perspective, in addition to continuing to improve the BFT middleware performance, robustness and deployment layouts.

Distributed, Parallel, and Cluster Computing

Balaji Arun,Binoy Ravindran

DOI: https://doi.org/10.48550/arXiv.2202.13408

2022-02-28

Abstract:Byzantine consensus is a critical component in many permissioned Blockchains and distributed ledgers. We propose a new paradigm for designing BFT protocols called DQBFT that addresses three major performance and scalability challenges that plague past protocols: (i) high communication costs to reach geo-distributed agreement, (ii) uneven resource utilization hampering performance, and (iii) performance degradation under varying node and network conditions and high-contention workloads. Specifically, DQBFT divides consensus into two parts: 1) durable command replication without a global order, and 2) consistent global ordering of commands across all replicas. DQBFT achieves this by decentralizing the heavy task of replicating commands while centralizing the ordering process. Under the new paradigm, we develop a new protocol, Destiny that uses a combination of three techniques to achieve high performance and scalability: using a trusted subsystem to decrease consensus's quorum size, using threshold signatures to attain linear communication costs, reducing client communication. Our evaluations on 300-replica geo-distributed deployment reveal that DQBFT protocols achieve significant performance gains over prior art: $\approx$3x better throughput and $\approx$50\% better latency.

Distributed, Parallel, and Cluster Computing,Databases

Diogo S. Antunes,Afonso N. Oliveira,André Breda,Matheus Guilherme Franco,Henrique Moniz,Rodrigo Rodrigues

2024-07-14

Abstract:Traditional Byzantine Fault Tolerance (BFT) state machine replication protocols assume a partial synchrony model, leading to a design where a leader replica drives the protocol and is replaced after a timeout. Recently, we witnessed a surge of asynchronous BFT protocols, which use randomization to remove the need for bounds on message delivery times, making them more resilient to adverse network conditions. However, existing research proposals still fall short of gaining practical adoption, plausibly because they are not able to combine good performance with a simple design that can be readily understood and adopted. In this paper, we present Alea-BFT, a simple and highly efficient asynchronous BFT protocol, which is gaining practical adoption, namely in Ethereum distributed validators. Alea-BFT brings the key design insight from classical protocols of concentrating part of the work on a single designated replica and incorporates this principle in a simple two-stage pipelined design, with an efficient broadcast led by the designated replica, followed by an inexpensive binary agreement. The evaluation of our research prototype implementation and two real-world integrations in cryptocurrency ecosystems shows excellent performance, improving on the fastest protocol (Dumbo-NG) in terms of latency and displaying good performance under faults.

Distributed, Parallel, and Cluster Computing

Dongxu Zhu,Yepeng Guan

DOI: https://doi.org/10.1016/j.eswa.2024.125102

IF: 8.5

2024-08-19

Expert Systems with Applications

Abstract:With the substantial increase in permissioned blockchain applications, various application scenarios for Byzantine Fault Tolerance (BFT) protocols are emerging. However, due to the inherent complexity of BFT, the performance improvement of BFT protocols in one aspect generally comes at the expense of degradation in others. The contradiction between the diverse requirements and the inherent characteristics of BFT makes it challenging for traditional BFT protocols to effectively address the requirements of different scenarios in practice, and the rising number of protocols and implementations often overwhelm practitioners. To propose a solution to this dilemma and improve the adaptability and effectiveness of BFT protocols in different scenarios, a novel Modular Byzantine Fault Tolerance protocol (MBFT) has been proposed, whose core idea is to utilizes modular methods to quickly and flexibly construct satisfactory BFT protocols that meet the requirements of specific scenarios. MBFT deconstructs the single-layer leader-based BFT protocol into three independent phases and provides two typical modules with different characteristics for each phase. By combining different modules, BFT protocols with different characteristics and guarantee safety, liveness and even Byzantine democracy can be obtained. The safety, liveness and Byzantine democracy of MBFT are theoretically proved, the fault resistance capability of MBFT and the relationship between the level of cluster clock synchronization and Byzantine democracy are analyzed. Extensive experimental results highlight that MBFT has high adaptability and excellent performance compared with some state-of-the-art protocols.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Sisi Duan,Hein Meling,Sean Peisert,Haibin Zhang

DOI: https://doi.org/10.1007/978-3-319-14472-6_7

2014-01-01

Abstract:In this paper, we describe the design and implementation of BChain, a Byzantine fault-tolerant state machine replication protocol, which performs comparably to other modern protocols in fault-free cases, but in the face of failures can also quickly recover its steady state performance. Building on chain replication, BChain achieves high throughput and low latency under high client load. At the core of BChain is an efficient Byzantine failure detection mechanism called re-chaining, where faulty replicas are placed out of harm’s way at the end of the chain, until they can be replaced. Our experimental evaluation confirms our performance expectations for both fault-free and failure scenarios. We also use BChain to implement an NFS service, and show that its performance overhead, with and without failures, is low, both compared to unreplicated NFS and other BFT implementations.

Sisi Duan,Karl Levitt,Hein Meling,Sean Peisert,Haibin Zhang

DOI: https://doi.org/10.1109/srds.2014.28

2014-01-01

Abstract:Building robust network services that can withstand a wide range of failure types is a fundamental problem in distributed systems. The most general approach, called Byzantine fault tolerance, can mask arbitrary failures. Yet it is often considered too costly to deploy in practice, and many solutions are not resilient to performance attacks. To address this concern we leverage two key technologies already widely deployed in cloud computing infrastructures: replicated state machines and intrusion detection systems. First, we have designed a general framework for constructing Byzantine failure detectors based on an intrusion detection system. Based on such a failure detector, we have designed and built a practical Byzantine fault-tolerant protocol, which has costs comparable to crash-resilient protocols like Paxos. More importantly, our protocol is particularly robust against several key attacks such as flooding attacks, timing attacks, and fairness attacks, that are typically not handled well by Byzantine fault masking procedures.

Kai Lei,Qichao Zhang,Limei Xu,Zhuyun Qi

DOI: https://doi.org/10.1109/padsw.2018.8644933

2018-01-01

Abstract:The Practical Byzantine Fault Tolerance algorithm (PBFT)has been highly applied in consortium blockchain systems, however, this kind of consensus algorithm can hardly identify and remove faulty nodes in time, and also vulnerable to many attacks against the primary node of PBFT. The equality of consortium members' discourse rights is inapplicable to some real scenarios where dominating members are likely to have a larger discourse rights in the voting process. To address these problems, this paper presents Reputation-based Byzantine Fault Tolerance (RBFT)algorithm that incorporates a reputation model to evaluate the operations of each node in the consensus process. The faulty nodes will get lower discourse rights in the voting process if any malicious behavior is detected, with their reputation decreased. Furthermore, this paper presents an innovative reputation-based primary change scheme. The node with higher reputation obtains greater opportunities to be a primary to generate new valid blocks, which reduces the security risk of the primary. The experimental results demonstrate that RBFT gains better performance and ensures system security and reliability. Compared with PBFT, it increases the average throughput by 15% and reduces delay by 10%, and the faulty node rate of the system can continue to decrease over time.

Xiuqun Wang,Honglun Hou,Yueting Zhuang

DOI: https://doi.org/10.1109/IMSCCS.2006.264

2006-01-01

Abstract:LDAP is a set of protocols for accessing information directories which provides data integrity and authentication. It takes attacks on clients, Internet and benign attacks on servers into account. But the malicious attacks on servers and software errors are rarely involved. In this paper, a secure aware Byzantine fault tolerant LDAP system is proposed, which can tolerate malicious faults occurred in the servers. By using a new Byzantine-fault-tolerant algorithm, the proposed LDAP system guarantees safety and liveness properties assuming no more than f replicas are faulty while it consists of 3f+1 tightly coupled servers. For the series of optimization, the system not only provides a much higher degree of security and reliability but also is practical

Neil Giridharan,Florian Suri-Payer,Ittai Abraham,Lorenzo Alvisi,Natacha Crooks

2024-10-23

Abstract:Today's practical, high performance Byzantine Fault Tolerant (BFT) consensus protocols operate in the partial synchrony model. However, existing protocols are inefficient when deployments are indeed partially synchronous. They deliver either low latency during fault-free, synchronous periods (good intervals) or robust recovery from events that interrupt progress (blips). At one end, traditional, view-based BFT protocols optimize for latency during good intervals, but, when blips occur, can suffer from performance degradation (hangovers) that can last beyond the return of a good interval. At the other end, modern DAG-based BFT protocols recover more gracefully from blips, but exhibit lackluster latency during good intervals. To close the gap, this work presents Autobahn, a novel high-throughput BFT protocol that offers both low latency and seamless recovery from blips. By combining a highly parallel asynchronous data dissemination layer with a low-latency, partially synchronous consensus mechanism, Autobahn (i) avoids the hangovers incurred by traditional BFT protocols and (ii) matches the throughput of state of the art DAG-based BFT protocols while cutting their latency in half, matching the latency of traditional BFT protocols.

Distributed, Parallel, and Cluster Computing

Manu Drijvers,Tim Gretler,Yotam Harchol,Tobias Klenze,Ognjen Maric,Stefan Neamtu,Yvonne-Anne Pignolet,Rostislav Rumenov,Daniel Sharifi,Victor Shoup

2024-10-31

Abstract:Byzantine fault tolerant (BFT) protocol descriptions often assume application-layer networking primitives, such as best-effort and reliable broadcast, which are impossible to implement in practice in a Byzantine environment as they require either unbounded buffering of messages or giving up liveness, under certain circumstances. However, many of these protocols do not (or can be modified to not) need such strong networking primitives. In this paper, we define a new, slightly weaker networking primitive that we call abortable broadcast. We describe an implementation of this new primitive and show that it (1) still provides strong delivery guarantees, even in the case of network congestion, link or peer failure, and backpressure, (2) preserves bandwidth, and (3) enforces all data structures to be bounded even in the presence of malicious peers. The latter prevents out-of-memory DoS attacks by malicious peers, an issue often overlooked in the literature. The new primitive and its implementation are not just theoretical. We use them to implement the BFT protocols in the IC (Internet Computer), a publicly available blockchain network that enables replicated execution of general-purpose computation, serving hundreds of thousands of applications and their users.

Networking and Internet Architecture,Distributed, Parallel, and Cluster Computing

Jianhong Li,Qi Chen,Jin Li,Zihan Jiang,Guoyu Yang,Teng Huang,Hongyang Yan,Duncan S. Wong

DOI: https://doi.org/10.1016/j.csi.2024.103855

IF: 3.721

2024-03-24

Computer Standards & Interfaces

Abstract:With the development of blockchain technology, Byzantine Fault Tolerance (BFT) is becoming an important research topic. The rPBFT consensus algorithm was introduced to address a range of shortcomings in the PBFT consensus algorithm, including high communication complexity, limited scalability, and a significant decline in performance when the system reaches approximately 100 nodes. Although rPBFT has been widely applied in the FISCO consortium chain, existing methods fail to ensure fairness in the power distribution among consensus member nodes and fine-grained node classification in rPBFT consensus. This work proposes a rPBFT consensus mechanism based on reputation value evaluation and supervision of consensus members. By implementing hierarchical management of nodes based on their reputation values, malicious nodes are eliminated, and supervision of consensus members is realized. The simulation experiment simulates the decision process of a variety of different nodes and consensus member jury with different proportions of 60%, 80% and 100% judges. The results show that the proposed scheme can dynamically update the node reputation value and classify various nodes. On the premise that the jury judges cast no less than 50% of the verdict votes, the malicious nodes in the consensus members can also be eliminated from the group of consensus member nodes. The scheme proposed in this paper effectively improves the fault tolerance of the rPBFT consensus mechanism, maintains the stability of the consortium chain network and ensures the security of the system.

computer science, software engineering, hardware & architecture

Sisi Duan,Sean Peisert,Karl N. Levitt

DOI: https://doi.org/10.1109/TDSC.2014.2312331

2015-01-01

Abstract:We present hBFT, a hybrid, Byzantine fault-tolerant, replicated state machine protocol with optimal resilience. Under normal circumstances, hBFT uses speculation, i.e., replicas directly adopt the order from the primary and send replies to the clients. As in prior work such as Zyzzyva, when replicas are out of order, clients can detect the inconsistency and help replicas converge on the total ordering. However, we take a different approach than previous work that has four distinct benefits: it requires many fewer cryptographic operations, it moves critical jobs to the clients with no additional costs, faulty clients can be detected and identified, and performance in the presence of client participation will not degrade as long as the primary is correct. The correctness is guaranteed by a three-phase checkpoint subprotocol similar to PBFT, which is tailored to our needs. The protocol is triggered by the primary when a certain number of requests are executed or by clients when they detect an inconsistency.