1 / 34

Multidimensional Approximate agreement in byzantine asynchornous systems

Multidimensional Approximate agreement in byzantine asynchornous systems. Hammurabi Mendes, Maurice Herlihy Presented By: Gil Einziger. Model And assumptions:. A synchronous message passing t – processes that may crush or fail, and even be byzantine. Messages are passed in FIFO order.

hal
Download Presentation

Multidimensional Approximate agreement in byzantine asynchornous systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Multidimensional Approximate agreement in byzantine asynchornous systems Hammurabi Mendes, Maurice Herlihy Presented By: Gil Einziger

  2. Model And assumptions: • Asynchronousmessage passing • t – processes that may crush or fail, and even be byzantine. • Messages are passed in FIFO order. • Reliable delivery and reliable sender identification.

  3. ε –approximate agreement For arbitrary, ε > 0, each process starts with an input value in R. We require all non faulty process to choose outputs: • All outputs are within ε of each other. • The chosen value must be within the range of the non faulty processes. ε ε

  4. ε – vector approximate agreement For arbitrary, ε > 0 and m ≥ 1, each process starts with an input value in Rm. We require all non faulty process to choose outputs: 1. All outputs are within ε of each other. 2. All outputs lie in the convex hull of the inputs of the non faulty processes. ε ε ε 2ε

  5. ε – approximate agreement Multi Dimensional Approximate agreement is different than single dimension. What happens if we simply go over the dimensions one at a time with a regular (single dimension) approximate agreement protocol? Approximate Agree for X! Approximate Agree for Y! ε ε

  6. Template Algorithm ‘Instant recipe for an approximate agreement algorithm. Repeat until converged: • Broadcast* • Trim range of values. • Value  Middle(Range) Another asynchronous algorithm. Remove byzantine influence Converge What is the multi dimension analogue of Trimming the range? We also want to converge to a point in the convex hull of the non faulty processes

  7. Reliable Broadcast prevents byzantine processes from sending different messages to different processes. 0 0 0 p1 p2 (0,0,0,1) middle= 0 0 Single Byzantine process 1 p0 p3 (0,1,1,1) middle = 1 1 1 p4

  8. Witness Technique deals with byzantine processes that are only contacting some of the good processes 0 0 middle= 0 p1 p2 middle= 0 Single Byzantine process p0 p3 middle = 1 1 1

  9. Result of broadcast technique Running both algorithms assures the follows: broadcastp(round r, message m) acceptq(process p, round r, message m) If p and q are nonfaulty processes, then Nonfaulty correctness:q performs acceptq(p, r, m) if and only if p performed broadcastp(r, m) earlier Uniqueness:If q performs acceptq(z, r, m1) and p performs acceptp(z, r, m2), then m1 = m2 Every two processes accept N-t common messages.

  10. Trimming the range In 1 dimension, remove t highest and lowest items. What's the analogue for higher dimension? Let X be a group of points, What is the multi dimensional analogue?

  11. I don’t know who the byzantine is… but the intersection, of all convex hulls is also in the convex hull of all the good processes. Trimming off the range Motivation:

  12. Trimming off the range Other processes may consider me bad… What happens if I also consider myself “bad”? Motivation:

  13. Trimming off the range • More formally we define:

  14. Is there always a safe Zone ? My initial starting point, is the only point I can guarantee is in the convex hull of the good processes. 3 points, 1 byzantine – no safe zone. (d=2)

  15. Conditions for non empty safe zone Let X be a set of messages of the form: For simplicity, we can treat X as a set of points, using the notation C(X). Lemma: Proof: Notice that C contains a restriction of X. The safe zone is the conjunction of all restrictions of X. Process id: Round number: Value

  16. Conditions for non empty safe zone 2 dimensions, x =3, every three intersect. 2 dimensions, x =3, every two intersect. Theorem requires that every 3 intersect. 1 dimension, x =3, every two intersect.

  17. Conditions for non empty safe zone

  18. Conditions for non empty safe zone

  19. Conditions for non empty safe zone Every m+1 restrictions intersects Poly of every m+1 restrictions intersects Polly of all restrictions intersects Helly’s Theorem

  20. Conditions for non empty safe zone Every m+1 restrictions intersects Poly of every m+1 restrictions Intersects Helly’s theorem ensures that all restrictions intersects.

  21. Concrete Algorithm For every coordinate d Repeat until converged: • Broadcast* • Trim (Safe Zone). • Value  Middle(Safe Zone) – (projected to coordinate d)

  22. Correctness proof • We proved that initially if |X|>t(m+1) the safe zone is not empty. • However, every process receives a slight different set of messages, and calculates the safe zone on these messages. My Safe zone, was calculated on different values than yours I Really hope they intersect… V6 V7 V1 V1 V2 V2 V3 V3 V4 V4 V5 V5

  23. Correctness proof V1 V6 V7 V5’ V2 V5 This is my safe zone And this is mine… V3 V4 V6 V7 V1 V1 V2 V2 V3 V3 V4 V4 V5 V5

  24. Correctness proof

  25. Correctness proof

  26. Correctness proof

  27. Correctness proof For process Pj, and coordinate d: Sj(d) is the projection of the safe zone of Pj, in coordinate d. Loj(d) is the smallest point of the safe zone of j, in coordinate d. Hij(d) is the biggest point of the safe zone of j, in coordinate d. vj(d) is the value of process Pj in the current round. For all processes: Max(d) is the maximal value any of the processes have for the safe zone on coordinate d. Min(d) is the minimal value any of the processes have for the safe zone on coordinate d

  28. Correctness proof Lemma 4.9: After each round, the distance between each two processes shrinks to (max(d)-min(d))/2. Consider two processes Pi, Pj, and assume without loss of generality that Pi has a bigger value on coordinate d: vi(d) > vj(d) . and therefore there exist a value :

  29. Lower bound • If there is no safe zone ~ no protocol can be correct. • Example: 3 points, 2 dimensions, 1 byzantine process… Let’s assume that you have a correct algorithm. Where does it converges? I will not expose myself as byzantine, I play nice. I am a good process ! How about here?

  30. Lower bound • If there is no safe zone ~ no protocol can be correct. • Example: 3 points, 2 dimensions, 1 byzantine process… Let’s assume that you have a correct algorithm. Where does it converges? I will not expose myself as byzantine, I play nice. I am a good process ! How about here?

  31. Lower Bound • If the ‘Byzantine’ nature of a process have no manifestation in the protocol it is impossible to distinguish from a good process. Lets call such a byzantine “Silent”. • For every convergence point the algorithm picks when there are no byzantine processes. I can place silent byzantine processes that render the convergence points outside of the convex hull of the good processes.

  32. Lower bound • It is therefore enough to show constructions without safe zones. • Using simplicial structures, we can build for any dimension a group of (m+1) points with no safe zone for a single byzantine. 0

  33. Summary • Multi dimension approximate agreement is different than single dimension. • We can only solve the multi dimension problem when |X|>(m+1)t • The problem cannot be solved for |X|=(m+1)t or smaller. • The safe zone concept captures the nature of the problem, existence of a safe zone ensures convergence. • When there is no safe zone, the problem cannot be solved.

  34. Thank you! Now all the Autobots can converge even when theDeceptions interfere! Thank you humans, we will never forget it!

More Related