the byzantine generals problem
DESCRIPTION
The Byzantine Generals Problem. prepared by Ilya Kolchinsky. Problem description. n generals, communicating through messengers some of the generals (up to m ) might be traitors all loyal generals should decide on the same plan of action - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/1.jpg)
The Byzantine Generals Problem
prepared by Ilya Kolchinsky
![Page 2: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/2.jpg)
n generals, communicating through messengers some of the generals (up to m) might be traitors all loyal generals should decide on the same
plan of action a small number of traitors cannot cause the
loyal generals to adopt a bad plan every general sends v(i)
◦ every loyal general must obtain exactly same v(i)’s◦ if the i-th general is loyal, the value that he sends
must be used by all loyal generals as v(i)
Problem description
![Page 3: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/3.jpg)
synchronous network (why?) for now: every general can directly
communicate with any other general (fully-connected network)
reduction to the problem of a single general and multiple lieutenants◦ why is it sufficient?
Problem assumptions
![Page 4: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/4.jpg)
A commanding general must send an order to his n-1 lieutenant generals such that interactive consistency holds in presence of at most m traitors:◦ IC1: all loyal lieutenants obey the same order◦ IC2: if the commanding general is loyal, then all
loyal lieutenants obey the order he sends If the commander is loyal, IC2 is enough
Byzantine Generals Problem definition
![Page 5: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/5.jpg)
Examine a case of three generals, one traitor
The only possible messages are “attack” and “retreat”
Sounds simple?
Is it at all possible?
![Page 6: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/6.jpg)
Three generals, single traitor
Commander
Lieutenant
Lieutenant
attack attack
he said “retreat”
if ((X received from C) and (Y received from L)): execute X
Commander
Lieutenant
attackretreat
he said “attack”
he said “retreat”
if ((X received from C) and (Y received from L)): execute X
Retreat!
Attack!
![Page 7: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/7.jpg)
No solution with fewer than 3m+1 generals can cope with more than m traitors
Proof: by contradiction and reduction to 3-generals problem◦ assume that a solution exists for 3m generals or
fewer◦ make each of the 3 generals simulate approximately
one third of 3m generals◦ since at most one general can be a traitor, there are
at most m traitors among 3m generals◦ reduction solves the problem of 3 generals, a
contradiction.
Impossibility Results
![Page 8: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/8.jpg)
All generals execute the same algorithm◦ sending messages◦ receiving messages◦ performing local computations
Assumptions◦ every message that is sent is delivered correctly◦ the receiver of the message knows who sent it◦ the absence of the message can be detected
A solution with oral messages
![Page 9: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/9.jpg)
majority function, capable of selecting a majority value from a set of multiple values◦
a default value to assume in case of a traitor which chooses not to send messages◦ must be consistently returned by majority if no
majority value exists
OM(m) - requirements
vvvvmajority n ,,, 21
![Page 10: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/10.jpg)
OM(0):1. the commander sends its value to every lieutenant2. each lieutenant uses the value he receives from the
commander, or the default value if no value is received OM(m), m > 0:
1. the commander sends its value to every lieutenant2. for each i, lieutenant i sends the previously obtained
value to n-2 other lieutenants using OM(m-1)3. For each i, and each j≠i, let Vj be the value lieutenant i
received from lieutenant j in previous step (using OM(m-1)). Lieutenant i uses the value
OM(m)
nvvmajority ,,1
![Page 11: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/11.jpg)
ExampleC
L
L
LL
L
L attack
attack
attack
attack
attack
attack
retreatattack
attackretreat
attackattackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattackattack
attack attack
attack
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreatretreat
retreat retreat
retreat
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattackattack
attack attack
attack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattackattack
attack attack
attack
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreat
retreatretreatretreatretreatretreatretreatretreat
retreat retreat
retreat
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattack
attackretreatattackattackretreatattackattack
attack attack
attack
attack
attack attack
attack
m= 21010101010102
![Page 12: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/12.jpg)
Why would this example fail if there were 3 traitors?
Why is a single iteration insufficient and two are required?
Example - questions
![Page 13: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/13.jpg)
Lemma: For any m and k, OM(m) satisfies IC2 if there are more than 2k+m generals and at most k traitors
Proof: by induction on m◦ m=0: OM(0) works if the commander is loyal◦ assume the claim holds for m-1,m>0◦ in step (2), each lieutenant i receives value v and applies
OM(m-1) with n-1 generals n > 2k + m ⇒ n-1 > (2k + m) – 1 = 2k + (m-1) by induction hypothesis, each loyal lieutenant gets the value v
◦ there are at most k traitors and n-1 > 2k + (m-1)≥ 2k, majority of the lieutenants are loyal
OM(m) correctness
vvvmajority n ,,1
![Page 14: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/14.jpg)
Theorem: For any m, Algorithm OM(m) satisfies conditions IC1 and IC2 if there are more than 3m generals and at most m traitors.
Proof: by induction on m◦ m=0: no traitors, hence OM(0) satisfies IC1 and IC2◦ assume the claim holds for m-1,m>0◦ if the commander is loyal, conditions hold by the Lemma◦ if the commander is a traitor
there are more than 3m-1 lieutenants, at most m-1 are traitors
by induction hypothesis, OM(m-1) satisfies IC1 and IC2 any two loyal lieutenants get the same vector of values by determinism of majority function, any two loyal
lieutenants obtain the same value v
OM(m) correctness
![Page 15: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/15.jpg)
Number of messages?◦ (n-1)(n-2)…(n-m-1)
Time required?◦ m+1
OM(m) complexity
![Page 16: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/16.jpg)
Introducing new assumptions:◦ a loyal general's signature cannot be forged, and
any alteration of the contents of his signed messages can be detected
◦ anyone can verify the authenticity of a general's signature
A solution with signed messages
![Page 17: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/17.jpg)
The algorithm requires a choice function which receives a set of values and satisfies the following properties:◦ if the set consists of a single element v, choice
returns v◦ if the set is empty, choice returns the default
value
SM(m) requirements
![Page 18: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/18.jpg)
1. For each i: 2. The commander signs and sends his value to
every lieutenant3. For each lieutenant i:
A. If a message of the form v:0 received from the commander and no order has been received yet, then1. 2. Send v:0:i to every other lieutenant
B. If a message of the form and , then1. 2. if k < m, send the message to every
lieutenant other than4. When lieutenant i will receive no more messages,
he obeys the order
SM(m)iV
vVi
kjjv :::0: 1 iVv
vVV ii ijjv k ::::0: 1
kjj ,,1
iVchoice
![Page 19: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/19.jpg)
ExampleC
L1
L2
L3
attack : 0
attack : 0
retreat : 0
attack : 0 : 1
attack : 0 : 2attack : 0 : 2
retreat : 0 : 3
retreat : 0 : 3
retreat : 0 : 3 : 2
attack : 0 : 2 : 3
V2}{=
V3}{=
V2={attack}
V3={retreat}V3={retreat,attack}
V3={attack,retreat}
Order = CHOICE(attack,retreat)
![Page 20: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/20.jpg)
Theorem: For any m, Algorithm SM(m) solves the Byzantine Generals problem if there are at most m traitors.
IC2:◦ each loyal lieutenant receives commander’s order◦ no additional order can be received by any loyal
lieutenant◦ hence, for each lieutenant the set will consist
of a single order, which he will obey by property of choice function
SM(m) correctness
iV
![Page 21: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/21.jpg)
IC1 follows from IC2 if the commander is loyal
Assume the commander is a traitor Lemma (see proof below): if lieutenant i
puts an order v into , then lieutenant j must put an order v into .
For each two loyal lieutenants i,j, the sets are the same
Each two loyal lieutenants i,j obey the same order, which completes the proof
SM(m) correctness (contd.)
iVjV
ji VV ,
![Page 22: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/22.jpg)
Case 1: i receives the order v:0 in step 3a◦ in this case, i sends it to j in step 3a(2), hence j receives it
• Case 2: i receives the order in step 3b, and j is one of the◦ in this case, j must already have received the order v
• Case 3: i receives the order in step 3b, j is not one of the and k<m◦ in this case, i sends the message to j, so j must
receive the order v• Case 4: i receives the order in step 3b, j is not one of
the and k=m◦ since the commander is a traitor, at most m-1 of the lieutenants
are traitors◦ hence, at least one of the lieutenants is loyal◦ this loyal lieutenant must have sent j the value v when he first
received it, so j must therefore receive that value
SM(m) correctness – proof of the lemma
kjjv :::0: 1 rj
kjjv :::0: 1 rj
ijjv k ::::0: 1
kjjv :::0: 1 rj
kjj ,,1
![Page 23: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/23.jpg)
removing an assumption regarding the fully-connected network
what is the new upper bound on number of traitors?
General Network Topology
![Page 24: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/24.jpg)
every processor knows the topology of the network every message includes the route through which it
is supposed to be delivered a reliable processor validates the route
◦ drops a message if received from a wrong neighbor◦ forwards a message to a neighbor only if it appears next
to itself in the route Definition: t-connected graph is a graph in which
there exist at least t disjoint paths between every pair of nodes
Claim: if t >= 2m+1 and there are more than 3m processors, the problem is solvable
Assumptions for BGP in general networks
![Page 25: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/25.jpg)
Definition: Let be the set of copies of the commander’s order received by the lieutenant i. Let be a set of lieutenants. A set is called a set of suspicious lieutenants determined by i if every message that did not pass through lieutenants in carries the same value.
Algorithm 1. If a set of up to m suspicious lieutenants exists, then
the purified value is the value of the messages that did not pass through . If no message is left, the default value is returned.
2. If there is no set of cardinality up to m, then the default value is returned.
The Algorithm raa ,1
iU
iU
ia
iU
iaaPurifying r ;,1 iU
iU
iU
![Page 26: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/26.jpg)
BG(0):1. the commander sends its value to every lieutenant via
2m+1 disjoint paths2. each lieutenant applies the purifying algorithm on the
received values to find the value the commander intended to deliver
BG(k), k > 0:1. the commander sends its value to every lieutenant via
2m+1 disjoint paths2. each lieutenant applies the purifying algorithm on the
received values to find the value the commander intended to deliver
3. for each i, lieutenant i sends the previously obtained value to n-2 other lieutenants using BG(k-1)
4. For each i, and each j≠i, let Vj be the value lieutenant i received from lieutenant j in previous step (using BG(k-1)). Lieutenant i uses the value
The Algorithm (contd.)
nvvmajority ,,1
![Page 27: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/27.jpg)
Example
CL1
L2
L3
L4
attack
attack
attack
attack
retreat
retreat
attackattack
attackattack
attackattack
attack
attack
attack
CL1
attack
attack
attack
attackretreat
retreat
attackL2
attackretreat
attack attack
attack
attack attack
attack
attack
attack
attack
L4retreat
retreat
retreatL3attack
attack
attackattack
![Page 28: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/28.jpg)
Lemma: by use of Purifying algorithm every lieutenant can obtain the order sent by a loyal commander in presence of m traitors, if the connectivity of the network is at least 2m+1
Proof:◦ let be the set of all the copies of the commander’s
order that lieutenant i receives◦ there are at most m faulty lieutenants, therefore at most m
copies might be lost. This implies that the number of received copies, r, is at least m+1, a majority
◦ at least m+1 of the messages are relayed through routes which contain only reliable lieutenants
◦ hence, at least m+1 of the received copies carry the original order
◦ by definition of the Purifying Algorithm, only up to m independent copies can be eliminated, there are m+1 of independent copies of the correct value, hence they cannot be eliminated, which completes the proof.
Proof of correctness
raa ,,1
![Page 29: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/29.jpg)
The rest of the proof is identical to the proof of correctness for OM(m), with an additional usage of the above lemma
Proof of correctness (contd.)
![Page 30: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/30.jpg)
Solutions exist for Byzantine Generals Problem under various hypotheses
These solutions are expensive◦ in amount of time◦ in amount of messages required
The main reason is the requirement of achieving reliability in presence of arbitrary malfunctioning
Assumptions can be changed and agreements can be relaxed
Conclusions
![Page 31: The Byzantine Generals Problem](https://reader035.vdocument.in/reader035/viewer/2022062501/568162a3550346895dd31f92/html5/thumbnails/31.jpg)
L. Lamport, R. Shostak, M. Pease, “The Byzantine Generals Problem”, TPLS 4(3), 1982.
Dolev, D. “The Byzantine generals strike again” J. Algorithms 3, 1 (Jan. 1982).
References