Byzantine Clients Rendered Harmless
The original work on quorum systems assumed that servers fail benignly, by crashing or omitting some steps. More recently, researchers have developed techniques that enable quorum systems to provide data availability in the presence of arbitrary (Byzantine) faults . Earlier work provides correct semantics despite server (i.e., replica) failures and also handles some of the problems of Byzantine clients [1,2,4,6, 9].
This paper describes the first protocols to handle all problems caused by Byzantine clients. Our protocols ensure that bad clients cannot interfere with good clients. Bad clients cannot prevent good clients from completing reads and writes, nor can they cause good clients to see inconsistencies. In addition bad clients that have been removed from operation can leave behind at most a bounded number of “lurking” writes that could be done on their behalf by a colluder.
Unable to display preview. Download preview PDF.
- 2.Cachin, C., Tessaro, S.: Optimal resilience for erasure-coded byzantine distributed storage. Technical Report RZ 3575, IBM Research (February 2005)Google Scholar
- 3.Castro, M., Liskov, B.: Practical Byzantine Fault Tolerance. In: Proc. 3rd OSDI (February 1999)Google Scholar
- 4.Goodson, G., Wylie, J., Ganger, G., Reiter, M.: Efficient byzantine-tolerant erasure-coded storage. In: Proc. of the International Conference on Dependable Systems and Networks (June 2004)Google Scholar
- 5.Liskov, B., Rodrigues, R.: Byzantine clients rendered harmless. Technical Report MIT-LCS-TR-994 and INESC-ID TR-10- (July 2005)Google Scholar
- 7.Malkhi, D., Reiter, M.: Secure and scalable replication in phalanx. In: Proc. 17th SRDS (October 1998)Google Scholar
- 8.Malkhi, D., Reiter, M., Lynch, N.: A Correctness Condition for Memory Shared by Byzantine Processes (September 1998) (unpublished manuscript)Google Scholar
- 9.Martin, J., Alvisi, L., Dahlin, M.: Minimal Byzantine storage. Technical Report TR-02-38, University of Texas at Austin, Department of Computer Sciences (August 2002)Google Scholar