Scalable Agreement Protocols with Optimal Optimistic Efficiency

  • Conference paper
Security and Cryptography for Networks (SCN 2024)

Abstract

Designing efficient distributed protocols for various agreement tasks such as Byzantine Agreement, Broadcast, and Committee Election is a fundamental goal with many applications, including most secure multiparty computation (MPC) protocols. Motivated by modern large-scale settings, we are interested in scalable protocols for these tasks, where each (honest) party communicates a number of bits which is sub-linear in n, the number of parties. The state-of-the-art protocols require each party to send \(\tilde{O}(\sqrt{n})\) bits throughout \(\tilde{O}(1)\) rounds (we use the notation \(\tilde{O}(\cdot ),\tilde{\varOmega }(\cdot )\) to hide poly-logarithmic factors in n). Despite significant efforts, getting protocols with \(o(\sqrt{n})\) communication per party has been a major challenge for several decades.

We propose a new framework for designing efficient agreement protocols. Specifically, we design \(\tilde{O}(1)\)-round protocols for all of the above tasks (assuming constant \(<1/3\) fraction of static corruptions) with the following guarantees:

  • Optimistic complexity: In an honest execution, (honest) parties send only \(\tilde{O}(1)\) bits.

  • Pessimistic complexity: In any other case, (honest) parties send \(\tilde{O}(\sqrt{n})\) bits.

Thus, all an adversary can gain from deviating from the honest execution is that honest parties will need to work harder (i.e., transmit more bits) to reach agreement and terminate. We use our new framework to get a scalable MPC protocol with optimistic and pessimistic complexities.

Technically, we identify a relaxation of Byzantine Agreement (of independent interest) that allows all parties to fall back to a pessimistic execution in a coordinated way. We implement this relaxation with \(\tilde{O}(1)\) communication bits per party and within \(\tilde{O}(1)\) rounds.


Notes

  1. Static corruptions means that the set of corrupted parties is chosen by the adversary after the protocol is specified but before an execution begins.

  2. Interestingly, in BGW it was already observed that their protocol has an optimistic/pessimistic flavor where in the former the polynomial in n is slightly better than in the pessimistic case.

  3. The min-entropy of a random variable is the negative logarithm of the probability of the most likely outcome. We say that the min-entropy is high enough if the probability of the most likely outcome is \(\textsf{negl}(n)\).

  4. Flooding attacks (or “denial of service”) are a threat because we put a constraint on the honest parties’ communication complexity. Specifically, the adversary (controlling a constant fraction of parties) can send a poll request (in the name of each controlled party) to every honest party. Since the honest nodes need to reply to all of these poll requests, then (if per-party communication is limited to o(n) bits) there is no budget to reply to any honest poll requests.

  5. The claim is obvious for parties that know \(\textsf{str}\) and detect a failure (e.g., because their poll fails or because they are flooded). Otherwise, if the poll of a party that knows \(\textsf{str}\) fails, then (w.h.p) at least one honest party that knows \(\textsf{str}\) does not respond to its poll request (recall that we are guaranteed that most parties know \(\textsf{str}\)). The latter honest party must have been flooded! So, we are back to the case that an honest party knows \(\textsf{str}\) and detects a failure.

  6. Also known as an adversary that can cause crash failures.

  7. The original almost-everywhere protocol provided by King et al. [38] is described as a leader election protocol. However, a simple modification gives an almost-everywhere agreement protocol where the output of all but o(1)-fraction of parties is a poly-logarithmically long string with poly-logarithmic min-entropy.

References

  1. Abraham, I., et al.: Communication complexity of Byzantine agreement, revisited. In: Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing, PODC, pp. 317–326 (2019)

  2. Beerliová-Trubíniová, Z., Hirt, M.: Perfectly-secure MPC with linear communication complexity. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 213–230. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_13

  3. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, STOC, pp. 1–10 (1988)

  4. Borcherding, M.: Levels of authentication in distributed agreement. In: 10th International Workshop Distributed Algorithms, WDAG, pp. 40–55 (1996)

  5. Boyle, E., Cohen, R., Data, D., Hubáček, P.: Must the communication graph of MPC protocols be an expander? In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 243–272. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_9

  6. Boyle, E., Cohen, R., Goel, A.: Breaking the O(\(\sqrt{n}\))-bit barrier: Byzantine agreement with polylog bits per party. In: ACM Symposium on Principles of Distributed Computing, PODC, pp. 319–330 (2021)

  7. Braud-Santoni, N., Guerraoui, R., Huc, F.: Fast Byzantine agreement. In: ACM Symposium on Principles of Distributed Computing, PODC, pp. 57–64 (2013)

  8. Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13(1), 143–202 (2000)

  9. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, FOCS, pp. 136–145. IEEE Computer Society (2001)

  10. Cascudo, I., Cramer, R., Xing, C., Yuan, C.: Amortized complexity of information-theoretically secure MPC revisited. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 395–426. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_14

  11. Castro, M., Liskov, B.: Practical byzantine fault tolerance. In: Proceedings of the Third USENIX Symposium on Operating Systems Design and Implementation (OSDI), pp. 173–186 (1999)

  12. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (abstract). In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 462–462. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-48184-2_43

  13. Chida, K., et al.: Fast large-scale honest-majority MPC for malicious adversaries. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 34–64. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_2

  14. Damgård, I., Ishai, Y.: Scalable secure multiparty computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 501–520. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_30

  15. Damgård, I., Ishai, Y., Krøigaard, M.: Perfectly secure multiparty computation and the computational overhead of cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_23

  16. Damgård, I., Ishai, Y., Krøigaard, M., Nielsen, J.B., Smith, A.: Scalable multiparty computation with nearly optimal work and resilience. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 241–261. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_14

  17. Damgård, I., Nielsen, J.B.: Scalable and unconditionally secure multiparty computation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 572–590. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_32

  18. Dani, V., King, V., Movahedi, M., Saia, J.: Breaking the O(mn) bit barrier: secure multiparty computation with a static adversary. In: 8th Student Conference, p. 64 (2012)

  19. Dani, V., King, V., Movahedi, M., Saia, J.: Quorums quicken queries: efficient asynchronous secure multiparty computation. In: Chatterjee, M., Cao, J., Kothapalli, K., Rajsbaum, S. (eds.) ICDCN 2014. LNCS, vol. 8314, pp. 242–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-45249-9_16

  20. Dani, V., King, V., Movahedi, M., Saia, J., Zamani, M.: Secure multi-party computation in large networks. Distrib. Comput. 30, 193–229 (2017)

  21. Dolev, D., Strong, H.R.: Authenticated algorithms for Byzantine agreement. SIAM J. Comput. 12(4), 656–666 (1983)

  22. Dwork, C., Lynch, N.A., Stockmeyer, L.J.: Consensus in the presence of partial synchrony. J. ACM 35(2), 288–323 (1988)

  23. Dwork, C., Peleg, D., Pippenger, N., Upfal, E.: Fault tolerance in networks of bounded degree. SIAM J. Comput. 17(5), 975–988 (1988)

  24. Fernando, R., Gelles, Y., Komargodski, I.: Scalable distributed agreement from LWE: Byzantine agreement, broadcast, and leader election. In: ITCS, pp. 46:1–46:23 (2024)

  25. Fischer, M.J., Lynch, N.A., Merritt, M.: Easy impossibility proofs for distributed consensus problems. Distrib. Comput. 1(1), 26–39 (1986)

  26. Gelles, Y., Komargodski, I.: Scalable agreement protocols with optimal optimistic efficiency. Cryptology ePrint Archive, Paper 2023/751 (2023). https://eprint.iacr.org/2023/751

  27. Gelles, Y., Komargodski, I.: Optimal load-balanced scalable distributed agreement. In: Proceedings of the 56th Annual ACM Symposium on Theory of Computing, pp. 411–422 (2024)

  28. Genkin, D., Ishai, Y., Prabhakaran, M., Sahai, A., Tromer, E.: Circuits resilient to additive attacks with applications to secure computation. In: Symposium on Theory of Computing, STOC, pp. 495–504 (2014)

  29. Goldreich, O.: The Foundations of Cryptography - Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)

  30. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or A completeness theorem for protocols with honest majority. In: Proceedings of the 19th Annual ACM Symposium on Theory of Computing, STOC, pp. 218–229 (1987)

  31. Hirt, M., Maurer, U.: Robustness for free in unconditional multi-party computation. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 101–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_6

  32. Holtby, D., Kapron, B.M., King, V.: Lower bound for scalable Byzantine agreement. Distrib. Comput. 21(4), 239–248 (2008)

  33. Guttman, J.D.: Security goals and protocol transformations. In: Mödersheim, S., Palamidessi, C. (eds.) TOSCA 2011. LNCS, vol. 6993, pp. 130–147. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27375-9_8

  34. Ishai, Y., Prabhakaran, M., Sahai, A.: Secure arithmetic computation with no honest majority. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 294–314. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_18

  35. King, V., Lonergan, S., Saia, J., Trehan, A.: Load balanced scalable Byzantine agreement through quorum building, with full information. In: Aguilera, M.K., Yu, H., Vaidya, N.H., Srinivasan, V., Choudhury, R.R. (eds.) ICDCN 2011. LNCS, vol. 6522, pp. 203–214. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-17679-1_18

  36. King, V., Saia, J.: From almost everywhere to everywhere: Byzantine agreement with \(\tilde{O}(n^{3/2})\) bits. In: Keidar, I. (ed.) DISC 2009. LNCS, vol. 5805, pp. 464–478. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04355-0_47

  37. King, V., Saia, J.: Breaking the \(O(n^{2})\) bit barrier: scalable byzantine agreement with an adaptive adversary. In: Proceedings of the 29th Annual ACM Symposium on Principles of Distributed Computing, PODC, pp. 420–429 (2010)

  38. King, V., Saia, J., Sanwalani, V., Vee, E.: Scalable leader election. In: 17th Annual ACM-SIAM Symposium on Discrete Algorithms, SODA, pp. 990–999 (2006)

  39. Lamport, L., Shostak, R.E., Pease, M.C.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982)

  40. Pease, M.C., Shostak, R.E., Lamport, L.: Reaching agreement in the presence of faults. J. ACM 27(2), 228–234 (1980)

Acknowledgments

Ilan Komargodski is the incumbent of the Harry & Abe Sherman Senior Lectureship at the School of Computer Science and Engineering at the Hebrew University. This research is supported in part by an Alon Young Faculty Fellowship, by a JPM Faculty Research Award, by a grant from the Israel Science Foundation (ISF Grant No. 1774/20), and by a grant from the US-Israel Binational Science Foundation and the US National Science Foundation (BSF-NSF Grant No. 2020643).

Corresponding author

Correspondence to Yuval Gelles.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Gelles, Y., Komargodski, I. (2024). Scalable Agreement Protocols with Optimal Optimistic Efficiency. In: Galdi, C., Phan, D.H. (eds) Security and Cryptography for Networks. SCN 2024. Lecture Notes in Computer Science, vol 14973. Springer, Cham. https://doi.org/10.1007/978-3-031-71070-4_14

  • DOI: https://doi.org/10.1007/978-3-031-71070-4_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-71069-8

  • Online ISBN: 978-3-031-71070-4

  • eBook Packages: Computer Science (R0)
