ABSTRACT
We present BEAT, a set of practical Byzantine fault-tolerant (BFT) protocols for completely asynchronous environments. BEAT is flexible, versatile, and extensible, consisting of five asynchronous BFT protocols that are designed to meet different goals (e.g., different performance metrics, different application scenarios). Due to modularity in its design, features of these protocols can be mixed to achieve even more meaningful trade-offs between functionality and performance for various applications. Through a 92-instance, five-continent deployment of BEAT on Amazon EC2, we show that BEAT is efficient: roughly, all our BEAT instances significantly outperform, in terms of both latency and throughput, HoneyBadgerBFT, the most efficient asynchronous BFT known.