Multidimensional Approximate Agreement in Byzantine Asynchronous Systems. Hammurabi Mendes, Maurice Herlihy. Presented by: Gil Einziger. Model and assumptions: asynchronous message passing; t processes that may crash or fail, and may even be Byzantine; messages are passed in FIFO order.
Multidimensional Approximate Agreement in Byzantine Asynchronous Systems
Hammurabi Mendes, Maurice Herlihy
Presented by: Gil Einziger
Model and assumptions:
• Asynchronous message passing.
• t processes that may crash or fail, and may even be Byzantine.
• Messages are passed in FIFO order.
• Reliable delivery and reliable sender identification.
ε-approximate agreement
For arbitrary ε > 0, each process starts with an input value in R. We require all nonfaulty processes to choose outputs such that:
• All outputs are within ε of each other.
• The chosen value must be within the range of the nonfaulty processes.
ε-vector approximate agreement
For arbitrary ε > 0 and m ≥ 1, each process starts with an input value in R^m. We require all nonfaulty processes to choose outputs such that:
1. All outputs are within ε of each other.
2. All outputs lie in the convex hull of the inputs of the nonfaulty processes.
ε-approximate agreement
Multidimensional approximate agreement is different from the single-dimension case. What happens if we simply go over the dimensions one at a time with a regular (single-dimension) approximate agreement protocol?
[Figure: "Approximate Agree for X!" "Approximate Agree for Y!"]
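Added example, not from the slides: one round of the single-dimension step (trim the t lowest and highest values, take the middle) applied to each coordinate separately, on constructed inputs with n = 4 and t = 1. Each coordinate stays inside the nonfaulty range, yet the resulting point lies outside the convex hull of the nonfaulty inputs. Function names and input values are assumptions made for this illustration.

```python
# Added illustration; all inputs are constructed, not taken from the slides.

def trim_and_middle(values, t):
    """1-D step: drop the t lowest and t highest values, return the midpoint."""
    kept = sorted(values)[t:len(values) - t]
    return (kept[0] + kept[-1]) / 2

def coordinatewise_step(points, t):
    """Run the 1-D step on every coordinate independently."""
    dims = len(points[0])
    return tuple(trim_and_middle([p[d] for p in points], t) for d in range(dims))

def cross(o, a, b):
    """z-component of (a - o) x (b - o)."""
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])

def in_triangle(p, a, b, c):
    """True if p is inside or on the non-degenerate triangle abc."""
    signs = [cross(a, b, p), cross(b, c, p), cross(c, a, p)]
    return all(s >= 0 for s in signs) or all(s <= 0 for s in signs)

GOOD = [(0, 0), (3, 1), (1, 3)]   # nonfaulty inputs (constructed)
BYZANTINE = (-9, 9)               # same value reliably broadcast to everyone

def demo():
    out = coordinatewise_step(GOOD + [BYZANTINE], t=1)
    # 1-D validity holds per coordinate: each stays within the nonfaulty range.
    per_coord_ok = all(
        min(g[d] for g in GOOD) <= out[d] <= max(g[d] for g in GOOD)
        for d in range(2)
    )
    # Vector validity asks for the convex hull, here the triangle GOOD.
    return out, per_coord_ok, in_triangle(out, *GOOD)

if __name__ == "__main__":
    print(demo())
```

All processes that see these four values compute the same point, so agreement holds while the convex hull requirement does not.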
Template Algorithm
"Instant" recipe for an approximate agreement algorithm. Repeat until converged:
• Broadcast* (another asynchronous algorithm)
• Trim range of values (remove Byzantine influence)
• Value ← Middle(Range) (converge)
What is the multidimensional analogue of trimming the range? We also want to converge to a point in the convex hull of the nonfaulty processes.
Reliable Broadcast prevents Byzantine processes from sending different messages to different processes.
[Figure: processes p0–p4 with a single Byzantine process; the view (0,0,0,1) gives middle = 0 and the view (0,1,1,1) gives middle = 1.]
Witness Technique deals with Byzantine processes that contact only some of the good processes.
[Figure: processes p0–p3 with a single Byzantine process; some processes compute middle = 0 and another computes middle = 1.]
Result of broadcast technique
Running both algorithms guarantees the following, for the operations broadcast_p(round r, message m) and accept_q(process p, round r, message m). If p and q are nonfaulty processes, then:
• Nonfaulty correctness: q performs accept_q(p, r, m) if and only if p performed broadcast_p(r, m) earlier.
• Uniqueness: if q performs accept_q(z, r, m1) and p performs accept_p(z, r, m2), then m1 = m2.
Every two processes accept N-t common messages.
Trimming the range
In 1 dimension, remove the t highest and t lowest items. What is the analogue for higher dimensions? Let X be a group of points: what is the multidimensional analogue?
Trimming off the range
Motivation: I don’t know who the Byzantine is… but the intersection of all convex hulls is also in the convex hull of all the good processes.
Trimming off the range
Motivation: Other processes may consider me bad… What happens if I also consider myself “bad”?
Trimming off the range • More formally we define:
Is there always a safe zone?
My initial starting point is the only point I can guarantee is in the convex hull of the good processes.
3 points, 1 Byzantine: no safe zone (d = 2).
Conditions for non-empty safe zone
Let X be a set of messages of the form: (process id, round number, value). For simplicity, we can treat X as a set of points, using the notation C(X).
Lemma:
Proof: Notice that C contains a restriction of X. The safe zone is the intersection of all restrictions of X.
Conditions for non-empty safe zone
• 2 dimensions, x = 3, every three intersect.
• 2 dimensions, x = 3, every two intersect. The theorem requires that every 3 intersect.
• 1 dimension, x = 3, every two intersect.
Conditions for non-empty safe zone
Every m+1 restrictions intersect → Poly of every m+1 restrictions intersect → (Helly’s Theorem) → Poly of all restrictions intersect.
Conditions for non-empty safe zone
Every m+1 restrictions intersect → Poly of every m+1 restrictions intersect. Helly’s theorem ensures that all restrictions intersect.
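Added example, not from the slides: the safe zone computed by brute force as the intersection of the hulls of all restrictions, for the 1-dimensional case and for the "3 points, 1 Byzantine, d = 2" case where every two restrictions intersect but all three do not. It assumes a restriction is X with t points removed (the formal definition did not survive on this page); function names and sample points are constructed for the illustration.

```python
from itertools import combinations

def restrictions(points, t):
    """All subsets of X with t points removed (assumed definition)."""
    return list(combinations(points, len(points) - t))

def safe_zone_1d(values, t):
    """Intersect the intervals spanned by every restriction; None if empty."""
    rs = restrictions(values, t)
    lo = max(min(r) for r in rs)
    hi = min(max(r) for r in rs)
    return (lo, hi) if lo <= hi else None

def trimmed_range(values, t):
    """1-D trimming: drop the t lowest and t highest values."""
    kept = sorted(values)[t:len(values) - t]
    return (kept[0], kept[-1]) if kept else None

def on_segment(p, a, b):
    """True if point p lies on the closed segment ab (integer coordinates)."""
    cross = (b[0] - a[0]) * (p[1] - a[1]) - (b[1] - a[1]) * (p[0] - a[0])
    return (cross == 0
            and min(a[0], b[0]) <= p[0] <= max(a[0], b[0])
            and min(a[1], b[1]) <= p[1] <= max(a[1], b[1]))

def edges_pairwise_intersect(tri):
    """m = 2, |X| = 3, t = 1: restrictions are edges; any two share a vertex."""
    return all(set(e) & set(f) for e, f in combinations(restrictions(tri, 1), 2))

def edges_share_common_point(tri):
    """Two edges of a non-degenerate triangle meet only at a vertex, so a
    point common to all three edges would have to be one of the vertices."""
    edges = restrictions(tri, 1)
    return any(all(on_segment(v, a, b) for a, b in edges) for v in tri)

TRIANGLE = [(0, 0), (3, 1), (1, 3)]   # constructed sample points

if __name__ == "__main__":
    print(safe_zone_1d([5, 1, 9, 3, 7], 1), trimmed_range([5, 1, 9, 3, 7], 1))
    print(safe_zone_1d([0, 1], 1))            # |X| = 2t: empty
    print(edges_pairwise_intersect(TRIANGLE), edges_share_common_point(TRIANGLE))
```

For m = 1 the brute-force intersection matches the trimmed range whenever |X| > 2t, and the triangle case shows why pairwise intersection is not enough in 2 dimensions.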
Concrete Algorithm
For every coordinate d, repeat until converged:
• Broadcast*
• Trim (Safe Zone).
• Value ← Middle(Safe Zone) (projected to coordinate d)
Correctness proof
• We proved that initially, if |X| > t(m+1), the safe zone is not empty.
• However, every process receives a slightly different set of messages, and calculates the safe zone on these messages.
[Figure: two processes holding overlapping sets of values drawn from V1–V7. "My safe zone was calculated on different values than yours." "I really hope they intersect…"]
Correctness proof
[Figure: the two processes' safe zones over the values V1–V7 and V5’. "This is my safe zone." "And this is mine…"]
Correctness proof
For process P_j and coordinate d:
• S_j(d) is the projection of the safe zone of P_j in coordinate d.
• Lo_j(d) is the smallest point of the safe zone of j in coordinate d.
• Hi_j(d) is the biggest point of the safe zone of j in coordinate d.
• v_j(d) is the value of process P_j in the current round.
For all processes:
• Max(d) is the maximal value any of the processes have for the safe zone on coordinate d.
• Min(d) is the minimal value any of the processes have for the safe zone on coordinate d.
Correctness proof
Lemma 4.9: After each round, the distance between every two processes shrinks to (max(d)-min(d))/2. Consider two processes P_i, P_j, and assume without loss of generality that P_i has the bigger value on coordinate d: v_i(d) > v_j(d), and therefore there exists a value:
Lower bound
• If there is no safe zone, no protocol can be correct.
• Example: 3 points, 2 dimensions, 1 Byzantine process…
Let’s assume that you have a correct algorithm. Where does it converge?
[Figure: "I will not expose myself as Byzantine, I play nice. I am a good process!" "How about here?"]
Lower bound
• If the "Byzantine" nature of a process has no manifestation in the protocol, it is impossible to distinguish it from a good process. Let's call such a Byzantine process "silent".
• For every convergence point the algorithm picks when there are no Byzantine processes, I can place silent Byzantine processes that render the convergence point outside of the convex hull of the good processes.
Lower bound
• It is therefore enough to show constructions without safe zones.
• Using simplicial structures, we can build for any dimension a group of (m+1) points with no safe zone for a single Byzantine.
Summary
• Multidimensional approximate agreement is different from the single-dimension case.
• We can only solve the multidimensional problem when |X| > (m+1)t.
• The problem cannot be solved for |X| = (m+1)t or smaller.
• The safe zone concept captures the nature of the problem: existence of a safe zone ensures convergence.
• When there is no safe zone, the problem cannot be solved.
Thank you! Now all the Autobots can converge even when the Decepticons interfere! Thank you humans, we will never forget it!