Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography

@article{Cachin2005RandomOI,
  title={Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography},
  author={Christian Cachin and Klaus Kursawe and Victor Shoup},
  journal={Journal of Cryptology},
  year={2005},
  volume={18},
  pages={219-246}
}
Abstract: Byzantine agreement requires a set of parties in a distributed system to agree on a value even if some parties are maliciously misbehaving. A new protocol for Byzantine agreement in a completely asynchronous network is presented that makes use of new cryptographic protocols, specifically protocols for threshold signatures and coin-tossing. These cryptographic protocols have practical and provably secure implementations in the random oracle model. In particular, a coin-tossing…

Round-Efficient Byzantine Agreement and Multi-Party Computation with Asynchronous Fallback

TLDR
Round-efficient constructions for both primitives with optimal resilience are provided: fixed-round and expected constant-round BA protocols, and an MPC protocol whose round complexity is independent of the circuit depth.

Efficient Asynchronous Byzantine Agreement without Private Setups

TLDR
This work presents a systematic treatment of reasonably fair common randomness protocols in the asynchronous network, and gives a reasonably fair random leader election protocol with expected O(λn³) communication and expected constant rounds.

Round-Optimal Byzantine Agreement

TLDR
This work presents a protocol that matches the lower bound up to constant factors, and is the first protocol that decreases the failure probability (overall) by a super-constant factor per round.

Practical Asynchronous Distributed Key Generation

TLDR
This paper presents a simple and concretely efficient asynchronous DKG (ADKG) protocol, which produces a field element as the secret and is thus compatible with off-the-shelf threshold cryptosystems.

Distributed Key Generation in the Wild

TLDR
This work proposes a practical system model for the Internet and defines an efficient verifiable secret sharing (VSS) scheme in it and designs a provably secure DKG protocol, which is implemented and establishes its efficiency and reliability by extensively testing it on the PlanetLab platform.

On the Number of Synchronous Rounds Sufficient for Authenticated Byzantine Agreement

TLDR
This paper shows that, in the model with a public-key infrastructure and signatures (aka authenticated Byzantine agreement), d + O(1) deterministic synchronous rounds are sufficient where d is the minimal integer such that n - d > 3(t - d).

Almost-Asynchronous MPC under Honest Majority, Revisited

TLDR
The novel computation framework that is introduced for (iii), revolves around players denoted as “kings”, which, in contrast to Podc’10, are now replaceable after every elementary step of the computation.

Combining Asynchronous and Synchronous Byzantine Agreement: The Best of Both Worlds

  • J. Loss, T. Moran
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2018
TLDR
The first generic compilers that combine BA protocols under different network and synchrony assumptions and preserve both the efficiency and robustness of their building blocks are given, giving the first efficient protocol for (binary) asynchronous Byzantine agreement (ABA) which tolerates adaptive corruptions and matches the communication complexity of the best protocols in the static case.

Asynchronous Byzantine Agreement with Subquadratic Communication

TLDR
This work shows asynchronous BA protocols with (expected) subquadratic communication complexity tolerating an adaptive adversary who can corrupt f ≤ (1− )n/3 of the parties (for any > 0) and shows a secure-computation protocol in the same threat model that has o(n) communication when computing no-input functionalities with short output.

Specification of Dependable Trusted Third Parties

TLDR
An architecture for secure service replication in an asynchronous network like the Internet, where a malicious adversary may corrupt some servers and control the network is described, and a randomized asynchronous atomic broadcast protocol is presented that maintains liveness and safety at the same time.
...

References

SHOWING 1-10 OF 68 REFERENCES

An Optimal Probabilistic Protocol for Synchronous Byzantine Agreement

TLDR
This paper exhibits a protocol that, in probabilistic polynomial time and without relying on any external trusted party, reaches Byzantine agreement in an expected constant number of rounds and in the worst natural fault model.

Optimistic Asynchronous Byzantine Agreement

TLDR
The optimistic approach to the Byzantine agreement problem is proposed, combining the efficiency of fully synchronous protocols with the robustness of asynchronous ones, giving a maximum of security while being more efficient than most (less secure) protocols.

An asynchronous protocol for distributed computation of RSA inverses and its applications

  • C. Cachin
  • Computer Science, Mathematics
    PODC '03
  • 2003
TLDR
An efficient asynchronous protocol to compute RSA inverses with respect to a public RSA modulus N whose factorization is secret and shared among a group of parties, without the use of random oracles is presented.

Optimistic Byzantine agreement

  • K. Kursawe
  • Computer Science
    21st IEEE Symposium on Reliable Distributed Systems, 2002. Proceedings.
  • 2002
TLDR
An optimized version of the randomized Byzantine agreement protocol of Cachin et al. (2000) is presented, which is computationally less expensive and not only tolerates malicious parties, but also some loss of messages; it might therefore be of independent interest.

Secure INtrusion-Tolerant Replication on the Internet

  • C. Cachin, J. Poritz
  • Computer Science
    Proceedings International Conference on Dependable Systems and Networks
  • 2002
TLDR
The implementation of SINTRA in Java is described and timing measurements are given for a test-bed of servers distributed over three continents, showing that extensive use of public-key cryptography does not impose a large overhead for secure coordination in wide-area networks.

Authenticated Algorithms for Byzantine Agreement

TLDR
This paper presents algorithms for reaching agreement based on authentication that require a total number of messages sent by correctly operating processors that is polynomial in both t and the number of processors, n.

Provably secure session key distribution: the three party case

TLDR
This paper provides the first treatment of session key distribution in the three-party setting of Needham and Schroeder in the complexity-theoretic framework of modern cryptography, assuming the (minimal) assumption of a pseudorandom function.

An Efficient Threshold Public Key Cryptosystem Secure Against Adaptive Chosen Ciphertext Attack

This paper proposes a simple threshold Public-Key Cryptosystem (PKC) which is secure against adaptive chosen ciphertext attack, under the Decisional Diffie-Hellman (DDH) intractability assumption.

Random oracles are practical: a paradigm for designing efficient protocols

TLDR
It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.

Randomized distributed agreement revisited

  • P. Berman, J. Garay
  • Computer Science
    FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing
  • 1993
TLDR
The authors present a succinct and efficient randomized distributed agreement protocol for asynchronous networks that works for n > 5t processors, where n is the size of the network and the protocol has low communication complexity and does not require any cryptographic assumption.
...