Efficient Byzantine agreement secure against general adversaries
This paper presents protocols for Byzantine agreement, i.e. for reliable broadcast, among a set of n players, some of which may be controlled by an adversary. It is well-known that Byzantine agreement is possible if and only if the number of cheaters is less than n/3. In this paper we consider a general adversary that is specified by a set of subsets of the player set (the adversary structure), and any one of these subsets may be corrupted by the adversary. The only condition we need is that no three of these subsets cover the full player set. A result of Hirt and Maurer implies that this condition is necessary and sufficient for the existence of a Byzantine agreement protocol, but the complexity of their protocols is generally exponential in the number of players. The purpose of this paper is to present the first protocol with polynomial message and computation complexity for any (even exponentially large) specification of the adversary structure. This closes a gap in a recent result of Cramer, Damgård and Maurer on applying span programs to secure multi-party computation.
Key wordsBroadcast Byzantine agreement general adversary multi-party computation fault detection
Unable to display preview. Download preview PDF.
- [BDDS87]A. Bar-Noy, D. Dolev, C. Dwork, and H. R. Strong. Shifting gears: Changing algorithms on the fly to expedite Byzantine agreement. In Proceedings of the Sixth Annual ACM Symposium on Principles of Distributed Computing, pages 42–51, 1987.Google Scholar
- [BGP89]P. Berman, J. A. Garay, and K. J. Perry. Towards optimal distributed consensus (extended abstract). In 30th Annual Symposium on Foundations of Computer Science, pages 410–415. IEEE, 1989.Google Scholar
- [BGW88]M. Ben-Or, S. Goldwasser, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proc. 20th ACM Symposium on the Theory of Computing (STOC), pages 1–10, 1988.Google Scholar
- [CCD88]D. Chaum, C. Crépeau, and I. Damgård. Multiparty unconditionally secure protocols (extended abstract). In Proc. 20th ACM Symposium on the Theory of Computing (STOC), pages 11–19, 1988.Google Scholar
- [CDM98]R. Cramer, I. Damgård, and U. Maurer. Span programs and general secure multi-party computation, Manuscript, 1998.Google Scholar
- [FM88]P. Feldman and S. Micali. Optimal algorithms for Byzantine agreement. In Proc. 20th ACM Symposium on the Theory of Computing (STOC), pages 148–161, 1988.Google Scholar
- [GM93]J. A. Garay and Y. Moses. Fully polynomial Byzantine agreement in t + 1 rounds (extended abstract). In Proceedings of the Twenty-Fifth Annual ACM Symposium on Theory of Computing, pages 31–41, 1993.Google Scholar
- [HM97]M. Hirt and U. Maurer. Complete characterization of adversaries tolerable in secure multi-party computation. In Proc. 16th ACM Symposium on Principles of Distributed Computing (PODC), pages 25–34, August 1997.Google Scholar
- [MR97]D. Malkhi and M. Reiter. Byzantine quorum systems. In Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, pages 569–578, 1997.Google Scholar