TY - GEN
T1 - Asynchronous reconfiguration with byzantine failures
AU - Kuznetsov, Petr
AU - Tonkikh, Andrei
N1 - Publisher Copyright:
© Petr Kuznetsov and Andrei Tonkikh; licensed under Creative Commons License CC-BY. 34th International Symposium on Distributed Computing (DISC 2020).
PY - 2020/10/1
Y1 - 2020/10/1
N2 - Replicated services are inherently vulnerable to failures and security breaches. In a long-running system, it is therefore indispensable to maintain a reconfiguration mechanism that replaces faulty replicas with correct ones. An important challenge is to enable reconfiguration without affecting the availability and consistency of the replicated data: clients should be able to get correct service even while the set of service replicas is being updated. In this paper, we address the problem of reconfiguration in the presence of Byzantine failures: faulty replicas or clients may arbitrarily deviate from their expected behavior. We describe a generic technique for building asynchronous and Byzantine fault-tolerant reconfigurable objects: clients can manipulate the object data and issue reconfiguration calls without reaching consensus on the current configuration. With the help of forward-secure digital signatures, our solution makes sure that superseded and possibly compromised configurations are harmless, that slow clients cannot be fooled into reading stale data, and that Byzantine clients cannot cause a denial of service by flooding the system with reconfiguration requests. Our approach is modular and based on the dynamic lattice agreement abstraction, and we discuss how to extend it to enable Byzantine fault-tolerant implementations of a large class of reconfigurable replicated services.
KW - Asynchronous models
KW - Byzantine faults
KW - Reconfiguration
U2 - 10.4230/LIPIcs.DISC.2020.27
DO - 10.4230/LIPIcs.DISC.2020.27
M3 - Conference contribution
AN - SCOPUS:85109497521
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 34th International Symposium on Distributed Computing, DISC 2020
A2 - Attiya, Hagit
PB - Schloss Dagstuhl - Leibniz-Zentrum für Informatik GmbH, Dagstuhl Publishing
T2 - 34th International Symposium on Distributed Computing, DISC 2020
Y2 - 12 October 2020 through 16 October 2020
ER -