
Byzantine Failures

[Figure: faulty processor p1 sends values such as a, b and c to processes p2, p3, p4, p5]

Different processes receive different values

Some messages may be lost

[Figure: faulty processor p1 and processes p2, p3, p4, p5; the value a reaches only part of them]

A Byzantine process can behave like a crashed-failed process

[Figure: timeline of rounds for processes p1 to p5, with the failure points marked]

After failure the process continues functioning in the network

Consensus with Byzantine Failures

f-resilient consensus algorithm: solves consensus for f failed processes

Example: The input and output of a 1-resilient consensus algorithm

[Figure: Start and Finish values of the processes]

Validity condition: if all processes start with the same value then all non-faulty processes decide that value

[Figure: all processes start with 1; the non-faulty processes finish with 1]

Lower bound on number of rounds

Theorem: Any f-resilient consensus algorithm requires at least f+1 rounds

Proof: follows from the crash failure lower bound

Upper bound on failed processes

Theorem: There is no f-resilient algorithm for n processes, where $f \ge \frac{n}{3}$

Proof: First we prove the 3 process case, and then the general case

The 3 processes case

Lemma: There is no 1-resilient algorithm for 3 processes

Proof: Assume for contradiction that there is a 1-resilient algorithm for 3 processes

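[Figure: processes p0, p1, p2 labelled A(0), B(1), C(0); the letter is the local algorithm and the number in parentheses is the initial value]

[Figure: processes p0, p1, p2 with their decision values]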

[Figure: six processes p0 to p5 arranged in a ring, running the local algorithms A(0), A(1), B(0), B(1), C(0), C(1)]

Assume processes are in a ring

Processes think they are in a triangle

[Figure: the ring next to a triangle of p0, p1, p2 in which p2 is faulty]

[Figure: the same pair; with p2 faulty, the non-faulty processes decide 1 (validity condition)]

[Figure: the ring next to a triangle of p0, p1, p2 in which p0 is faulty]

[Figure: the same pair; with p0 faulty, the non-faulty processes decide 0 (validity condition)]

[Figure: the ring next to a triangle of p0, p1, p2 in which p1 is faulty]

[Figure: the same pair; with p1 faulty, the non-faulty processes p0 and p2 decide different values, 0 and 1]

Impossible!!! since the algorithm is 1-resilient

Therefore: There is no algorithm that solves consensus for 3 processes in which 1 is a Byzantine process

The n processes case

Assume for contradiction that there is an f-resilient algorithm A for n processes, where f n

We will use algorithm A to solve consensus for 3 processes and 1 failure (contradiction)

[Figure: algorithm A on processes p1, p2, ..., pn with failures, showing the start values and the finish values]

[Figure: q1 simulates $p_1, \dots, p_{n/3}$; q2 simulates $p_{n/3+1}, \dots, p_{2n/3}$; q3 simulates $p_{2n/3+1}, \dots, p_n$]

Each process q simulates algorithm A on $\frac{n}{3}$ of p processes

[Figure: the same assignment of p processes to q1, q2, q3, with q2 marked as failed]

When a q fails then $\frac{n}{3}$ of p processes fail too

Finish of algorithm A

[Figure: the p processes simulated by q1 and q3 all hold k; q2 fails]

all decide k

algorithm A tolerates $\frac{n}{3}$ failures

Final decision

[Figure: q1 and q3 decide k; q2 fails]

We reached consensus with 1 failure

Impossible!!!

Therefore: There is no f-resilient algorithm for n processes, where $f \ge \frac{n}{3}$

A Consensus Algorithm

The King algorithm solves consensus with n processes and f failures, where $f < \frac{n}{4}$

The King algorithm

There are $f + 1$ phases

Each phase has two rounds

In each phase there is a different king

Example: 12 processes, 2 faults, 3 kings

initial values 0 1 1 2 1 0 2 0 1 0 1 0

[Figure: the 12 processes with the faulty processes and King 1, King 2, King 3 marked]

Remark: There is a king that is not faulty

The King algorithm

Each processor $p_i$ has a preferred value $v_i$

In the beginning, the preferred value is set to the initial value

The King algorithm, Phase k

Round 1, processor $p_i$:

Broadcast preferred value $v_i$

Set $v_i$ to the majority of values received

The King algorithm, Phase k

Round 2, king $p_k$:

Broadcast new preferred value $v_k$

Round 2, process $p_i$:

If $v_i$ had majority that is not greater than $\frac{n}{2} + f$ then set $v_i$ to $v_k$

The King algorithm

End of Phase f+1: Each process decides on preferred value
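The phases described above as a runnable simulation, added here as an illustration and not part of the original slides. It assumes that processes 0..f serve as the kings, that a faulty process sends each receiver an arbitrary value drawn from the initial values, and that ties in the majority step are broken arbitrarily; `king_consensus` and its parameters are hypothetical names.

```python
import random
from collections import Counter

def king_consensus(initial, faulty, rng):
    """Simulate the King algorithm; return {process: decision} for non-faulty processes."""
    n, f = len(initial), len(faulty)
    if not 4 * f < n:
        raise ValueError("the King algorithm requires f < n/4")
    domain = sorted(set(initial))      # values a Byzantine process may send (assumption)
    pref = list(initial)               # pref[i] is the preferred value v_i
    honest = [i for i in range(n) if i not in faulty]

    def msg(src):
        # A Byzantine sender can give every receiver a different value.
        return rng.choice(domain) if src in faulty else pref[src]

    for king in range(f + 1):          # f + 1 phases, a different king in each
        # Round 1: everybody broadcasts; each receiver records the
        # majority value and the size of its majority population.
        seen = {i: Counter(msg(src) for src in range(n)).most_common(1)[0]
                for i in honest}
        for i, (value, _) in seen.items():
            pref[i] = value
        # Round 2: the king broadcasts its new preferred value.
        from_king = {i: msg(king) for i in honest}
        for i, (_, population) in seen.items():
            if 2 * population <= n + 2 * f:   # not greater than n/2 + f
                pref[i] = from_king[i]
    return {i: pref[i] for i in honest}

if __name__ == "__main__":
    # Constructed run: 6 processes, 1 fault; process 0 is faulty and is king 1.
    print(king_consensus([0, 0, 1, 1, 1, 2], {0}, random.Random(7)))
```

Whatever the faulty king sends in phase 1, the non-faulty king of phase 2 forces a single value, so every returned decision is identical.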

Example: 6 processes, 1 fault

[Figure: six processes with values 0, 0, 1, 1, 1, 2; one process is faulty; king 1 and king 2 are marked]

Phase 1, Round 1

[Figure: every process broadcasts; the value lists shown next to the processes are 2,1,1,1,0,0 and 2,1,1,0,0,0; king 1 is marked]

Everybody broadcasts

Phase 1, Round 1

Choose the majority

[Figure: preferred values after the majority step; king 1 is marked]

Each majority population was $3 \le \frac{n}{2} + f = 4$

On round 2, everybody will choose the king's value

Phase 1, Round 2

[Figure: king 1 sends values to the other processes]

The king broadcasts

Phase 1, Round 2

[Figure: preferred values after round 2; king 1 is marked]

Everybody chooses the king's value

Phase 2, Round 1

[Figure: every process broadcasts; the value lists shown next to the processes are 2,1,1,1,0,0 and 2,1,1,0,0,0; king 2 is marked]

Everybody broadcasts

Phase 2, Round 1

Choose the majority

[Figure: preferred values after the majority step; king 2 is marked]

Each majority population is $3 \le \frac{n}{2} + f = 4$

On round 2, everybody will choose the king's value

Phase 2, Round 2

[Figure: king 2 sends values to the other processes]

The king broadcasts

Phase 2, Round 2

[Figure: preferred values after round 2; king 2 is marked]

Everybody chooses the king's value

Final decision

In general:

In the round where the king is non-faulty, everybody will choose the king's value v

After that round, the majority will remain value v with majority population at least

$n - f > \frac{n}{2} + f$

Consensus in Asynchronous Systems


There is no algorithm that solves consensus for n processes even with 1 crash failure

Intuition behind claim: We cannot tell if a process is faulty or slow

