Abstract
We present commensal cuckoo,* a secure group partitioning scheme for large-scale systems that maintains the correctness of many small groups, despite a Byzantine adversary that controls a constant (global) fraction of all nodes. In particular, the adversary is allowed to repeatedly rejoin faulty nodes to the system in an arbitrary adaptive manner, e.g., to collocate them in the same group. Commensal cuckoo addresses serious practical limitations of the state-ofthe- art scheme, the cuckoo rule of Awerbuch and Scheideler, tolerating 32x--41x more faulty nodes with groups as small as 64 nodes (as compared to the hundreds required by the cuckoo rule). Secure group partitioning is a key component of highly-scalable, reliable systems such as Byzantine faulttolerant distributed hash tables (DHTs).
- A. Adya, W. J. Bolosky, M. Castro, G. Cermak, R. Chaiken, J. R. Douceur, J. Howell, J. R. Lorch, M. Theimer, and R. Wattenhofer. FARSITE: Federated, available, and reliable storage for an incompletely trusted environment. In OSDI, 2002. Google ScholarDigital Library
- B. Awerbuch and C. Scheideler. Group spreading: A protocol for provably secure distributed name service. In ICALP, 2004.Google ScholarCross Ref
- B. Awerbuch and C. Scheideler. Towards a scalable and robust DHT. In SPAA, 2006. Google ScholarDigital Library
- B. Awerbuch and C. Scheideler. Towards scalable and robust overlay networks. In IPTPS, 2007.Google Scholar
- B. Awerbuch and C. Scheideler. Robust random number generation for peer-to-peer systems. Theor. Comput. Sci., 410:453--466, 2009. Google ScholarDigital Library
- M. Castro. Practical Byzantine Fault-Tolerance. PhD thesis, M.I.T., 2000.Google Scholar
- M. Castro, P. Druschel, A. J. Ganesh, A. Rowstron, and D. S. Wallach. Secure routing for structured peer-to-peer overlay networks. In OSDI, 2002. Google ScholarDigital Library
- B.-G. Chun, P. Maniatis, S. Shenker, and J. Kubiatowicz. Attested append-only memory: Making adversaries stick to their word. In SOSP, 2007. Google ScholarDigital Library
- A. Clement, M. Kapritsos, S. Lee, Y. Wang, L. Alvisi, M. Dahlin, and T. Riche. Upright cluster services. In SOSP, 2009. Google ScholarDigital Library
- J. Cowling, D. R. K. Ports, B. Liskov, R. A. Popa, and A. Gaikwad. Census: Location-aware membership management for large-scale distributed systems. In USENIX ATC, 2009. Google ScholarDigital Library
- S. A. Crosby and D. S. Wallach. Denial of service via algorithmic complexity attacks. In USENIX Security, 2003. Google ScholarDigital Library
- J. R. Douceur. The Sybil attack. In IPTPS, 2002. Google ScholarDigital Library
- A. Fiat, J. Saia, and M. Young. Making Chord robust to Byzantine attacks. In ESA, 2005. Google ScholarDigital Library
- I. Gupta, K. P. Birman, P. Linga, A. J. Demers, and R. van Renesse. Kelips: Building an efficient and stable P2P DHT through increased memory and background overhead. In IPTPS, 2003.Google ScholarCross Ref
- K. Hildrum and J. Kubiatowicz. Asymptotically efficient approaches to fault-tolerance in peer-to-peer networks. In DISC, 2003.Google ScholarCross Ref
- A. Jaffe, T. Moscibroda, and S. Sen. The price of equivocation: Characterizing Byzantine agreement via hypergraph coloring. Manuscript, 2011.Google Scholar
- H. Johansen, A. Allavena, and R. van Renesse. Fireflies: Scalable support for intrusion-tolerant network overlays. In EuroSys, 2006. Google ScholarDigital Library
- A. Kapadia and N. Triandopoulos. Halo: High-assurance locate for distributed hash tables. In NDSS, 2008.Google Scholar
- D. Karger, E. Lehman, F. Leighton, M. Levine, D. Lewin, and R. Panigrahy. Consistent hashing and random trees: Distributed caching protocols for relieving hot spots on the World Wide Web. In STOC, 1997. Google ScholarDigital Library
- A. Kate and I. Goldberg. Distributed key generation for the internet. In ICDCS, 2009. Google ScholarDigital Library
- K. P. Kihlstrom, L. E. Moser, and P. M. Melliar-Smith. The SecureRing protocols for securing group communication. In HICSS, 1998. Google ScholarDigital Library
- R. Kotla, L. Alvisi, M. Dahlin, A. Clement, and E. Wong. Zyzzyva: Speculative Byzantine fault tolerance. In SOSP, 2007. Google ScholarDigital Library
- J. Kubiatowicz, D. Bindel, Y. Chen, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. Oceanstore: An architecture for global-scale persistent storage. In ASPLOS, 2000. Google ScholarDigital Library
- L. Lamport. Lower bounds for asynchronous consensus. In FuDiCo, 2003. Google ScholarDigital Library
- D. Levin, J. R. Douceur, J. R. Lorch, and T. Moscibroda. TrInc: Small trusted hardware for large distributed systems. In NSDI, 2009. Google ScholarDigital Library
- H. C. Li, A. Clement, M. Marchetti, M. Kapritsos, L. Robison, L. Alvisi, and M. Dahlin. Flightpath: Obedience vs. choice in cooperative services. In OSDI, 2008. Google ScholarDigital Library
- P. Mittal and N. Borisov. Shadowwalker: Peer-to-peer anonymous communication using redundant structured topologies. In CSS, 2009. Google ScholarDigital Library
- A. Nambiar and M. Wright. Salsa: A structured approach to large-scale anonymity. In CSS, 2006. Google ScholarDigital Library
- M. Naor and U. Wieder. Novel architectures for P2P applications: The continuous-discrete approach. ACM Trans. Algorithms, 3(3), 2007. Google ScholarDigital Library
- T. Rabin and M. Ben-Or. Verifiable secret sharing and multiparty protocols with honest majority. In STOC, 1989. Google ScholarDigital Library
- M. K. Reiter. The Rampart toolkit for building high-integrity services. In Workshop on Theory and Practice in Distributed Systems. 1995. Google ScholarDigital Library
- R. Rodrigues. Robust Services in Dynamic Systems. PhD thesis, M.I.T., 2005. Google ScholarDigital Library
- R. Rodrigues, P. Kouznetsov, and B. Bhattacharjee. Large-scale Byzantine fault tolerance: Safe but not always live. In HotDep, 2007. Google ScholarDigital Library
- R. Rodrigues and B. Liskov. Rosebud: A scalable Byzantine-fault-tolerant storage architecture. Technical Report TR-2003-035, M.I.T., CSAIL, 2003.Google Scholar
- R. Rodrigues, B. Liskov, and L. Shrira. The design of a robust peer-to-peer system. In SIGOPS European workshop, 2002. Google ScholarDigital Library
- J. Saia and M. Young. Reducing communication costs in robust peer-to-peer networks. Inf. Process. Lett., 106:152--158, 2008. Google ScholarDigital Library
- C. Scheideler. How to spread adversarial nodes?: rotate! In STOC, 2005. Google ScholarDigital Library
- F. B. Schneider. Implementing fault-tolerant services using the state machine approach: a tutorial. ACM Comput. Surv., 22(4), 1990. Google ScholarDigital Library
- V. Shoup. Practical threshold signatures. In EUROCRYPT, 2000. Google ScholarDigital Library
- A. Singh, T.-W. Ngan, P. Druschel, and D. S. Wallach. Eclipse attacks on overlay networks: Threats and defenses. In INFOCOM, 2006.Google ScholarCross Ref
- M. Srivatsa and L. Liu. Vulnerabilities and security threats in structured overlay networks: A quantitative analysis. In ACSAC, 2004. Google ScholarDigital Library
- Vuze. http://www.vuze.com/.Google Scholar
- P. Wang, I. Osipkov, N. Hopper, and Y. Kim. Myrmic: Provably secure and efficient DHT routing. Technical Report 2006/20, Univ. Minnesota, DTC, 2006.Google Scholar
- S. Wolchok, O. S. Hofmann, N. Heninger, E. W. Felten, J. A. Halderman, C. J. Rossbach, B.Waters, and E. Witchel. Defeating Vanish with low-cost Sybil attacks against large DHTs. In NDSS, 2010.Google Scholar
- J. Yin, J.-P. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin. Separating agreement from execution for Byzantine fault tolerant services. In SOSP, 2003. Google ScholarDigital Library
- M. Young, A. Kate, I. Goldberg, and M. Karsten. Practical robust communication in dhts tolerating a Byzantine adversary. In ICDCS, 2010. Google ScholarDigital Library
Recommendations
De-amortized Cuckoo Hashing: Provable Worst-Case Performance and Experimental Results
ICALP '09: Proceedings of the 36th International Colloquium on Automata, Languages and Programming: Part ICuckoo hashing is a highly practical dynamic dictionary: it provides amortized constant insertion time, worst case constant deletion time and lookup time, and good memory utilization. However, with a noticeable probability during the insertion of n ...
Nearest neighbour cuckoo search algorithm with probabilistic mutation
Graphical abstractDisplay Omitted HighlightsWe extend a cuckoo search algorithm with the nearest neighbour and probabilistic mutation strategies.A suite of 20 functions are adopted to illustrate the improvement in effectiveness and efficiency of the ...
Snap-drift cuckoo search
Display Omitted We propose a novel cuckoo optimization algorithm called snap-drift cuckoo search (SDCS).The proposed SDCS employs reinforcement learning principles and improved search operators to achieve a more rapid and robust algorithm.The improved ...
Comments