Abstract
In order to tolerate servers’ Byzantine failures, a distributed storage service of self-verifying data (e.g., certificates) needs to make three security properties be Byzantine fault tolerant (BFT): data consistency, data availability, and confidentiality of the (signing service’s) private key. Building such systems demands the integration of Byzantine quorum systems (BQS), which only make data consistency and availability be BFT, and threshold signature schemes (TSS), which only make confidentiality of the private key be BFT. Two families of correct or valid TSS-BQS systems (of which the server protocols carry all the design options) have been proposed in the literature. Motivated by the failures in finding a third family of valid server protocols, we study the reverse problem and formally prove that it is impossible to find any third family of valid TSS-BQS systems. To obtain this proof, we develop a validity theory on server protocols of TSS-BQS systems. It is shown that the only two families of valid server protocols, “predicted” (or deduced) by the validity theory, precisely match the existing protocols.
Jingqiang Lin, Jiwu Jing and Qiongxiao Wang were supported by National Natural Science Foundation of China grant 70890084/G021102 and National Science & Technology Pillar Program of China grant 2008BAH22B01. Peng Liu was supported by AFOSR FA9550-07-1-0527 (MURI), ARO W911NF-09-1-0525 (MURI), NSF CNS-0905131, NSF CNS-0916469 and AFRL FA8750-08-C-0137.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Alvisi, L., Dahlin, M., et al.: Dynamic Byzantine quorum systems. In: Int’l. Conf. Dependable Systems and Networks, pp. 283–292 (2000)
Amir, Y., Coan, B., et al.: Customizable fault tolerance for wide-area replication. In: IEEE Symp. Reliable Distributed Systems, pp. 65–82 (2007)
Amir, Y., Danilov, C., et al.: Scaling Byzantine fault-tolerant replication to wide area networks. In: Int’l. Conf. Dependable Systems and Networks, pp. 105–114 (2006)
Bazzi, R.: Synchronous Byzantine quorum systems. Distributed Computing 13(1), 45–52 (2000)
Castro, M., Liskov, B.: Practical Byzantine fault tolerance and proactive recovery. ACM Trans. Computer Systems 20(4), 398–461 (2002)
Desmedt, Y.: Society and group oriented cryptography: A new concept. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 120–127. Springer, Heidelberg (1988)
Goodson, G., Wylie, J., et al.: Efficient Byzantine-tolerant erasure-coded storage. In: Int’l. Conf. Dependable Systems and Networks, pp. 135–144 (2004)
Herzberg, A., Jakobsson, M., et al.: Proactive public key and signature systems. In: ACM Conf. Computer Communications Security, pp. 100–110 (1997)
Iyengar, A., Cahn, R., et al.: Design and implementation of a secure distributed data repository. In: IFIP Int’l. Information Security Conference, pp. 123–135 (1998)
Jing, J., Wang, J., et al.: Research on server protocols of Byzantine quorum systems implemented utilizing threshold signature schemes (accepted to appear). Chinese Journal of Software
Kong, L., Subbiah, A., et al.: A reconfigurable Byzantine quorum approach for the Agile Store. In: IEEE Symp. Reliable Distributed Systems, pp. 219–228 (2003)
Lamport, L., Shostak, R., et al.: The Byzantine generals problem. ACM Trans. Programming Languages and Systems 4(3), 382–401 (1982)
Malkhi, D., Reiter, M.: Byzantine quorum systems. Distributed Computing 11(4), 203–213 (1998)
Malkhi, D., Reiter, M.: Secure and scalable replication in Phalanx. In: IEEE Symp. Reliable Distributed Systems, pp. 51–60 (1998)
Marsh, M., Schneider, F.: CODEX: A robust and secure secret distribution system. IEEE Trans. Dependable and Secure Computing 1(1), 34–47 (2004)
Martin, J.-P., Alvisi, L.: A framework for dynamic Byzantine storage. In: Int’l. Conf. Dependable Systems and Networks, pp. 325–334 (2004)
Martin, J.-P., Alvisi, L., et al.: Small Byzantine quorum systems. In: Int’l. Conf. Dependable Systems and Networks, pp. 374–383 (2002)
Naor, M., Wool, A.: Access control and signatures via quorum secret sharing. IEEE Trans. Parallel and Distributed Systems 9(9), 909–922 (1998)
Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks. In: ACM Symp. Principles of Distributed Computing, pp. 51–59 (1991)
Reiter, M., Birman, K.: How to securely replicate services. ACM Trans. Programming Languages and Systems 16(3), 986–1009 (1994)
Reiter, M., Franklin, M., et al.: The Ω key management service. In: ACM Conf. Computer and Communications Security, pp. 38–47 (1996)
Rhea, S., Eaton, P., et al.: Pond: the OceanStore prototype. In: USENIX Conf. File and Storage Technologies, pp. 1–14 (2003)
Subbiah, A., Ahamad, M., et al.: Using Byzantine quorum systems to manage confidential data. Technical Report GIT-CERCS-04-13, Georgia Institute of Technology (2004)
Subbiah, A., Blough, D.: An approach for fault tolerant and secure data storage in collaborative work environments. In: ACM Workshop on Storage Security and Survivability, pp. 84–93 (2005)
Wylie, J., Bigrigg, M., et al.: Survivable information storage systems. IEEE Computer 33(8), 61–68 (2000)
Zhou, L., Schneider, F., et al.: COCA: A secure on-line certification authority. ACM Trans. Computer Systems 20(4), 329–368 (2002)
Zhou, L., Schneider, F., et al.: APSS: Proactive secret sharing in asynchronous systems. ACM Trans. Information and System Security 8(3), 259–286 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Lin, J., Liu, P., Jing, J., Wang, Q. (2010). Impossibility of Finding Any Third Family of Server Protocols Integrating Byzantine Quorum Systems with Threshold Signature Schemes. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-16161-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16160-5
Online ISBN: 978-3-642-16161-2
eBook Packages: Computer ScienceComputer Science (R0)