Abstract
The celebrated result of Fischer, Lynch and Paterson is the fundamental lower bound for asynchronous fault-tolerant computation: any 1-crash resilient asynchronous agreement protocol must have some (possibly measure zero) probability of not terminating. In 1994, Ben-Or, Kelmer and Rabin published a proof sketch of a lesser-known lower bound for asynchronous fault-tolerant computation with optimal resilience in the face of a Byzantine adversary: if \(n\le 4t\) then any \(t\)-resilient asynchronous verifiable secret sharing protocol must have some non-zero probability of not terminating. Our main contribution is to revisit this lower bound and provide a rigorous and more general proof. Our second contribution is to show how to avoid this lower bound. We provide a protocol with optimal resilience that is almost surely terminating for a strong common coin functionality. Using this new primitive, we provide an almost surely terminating protocol with optimal resilience for asynchronous Byzantine agreement that has a new fair validity property. To the best of our knowledge, this is the first asynchronous Byzantine agreement protocol with fair validity in the information-theoretic setting.
Notes
BCG [6]: “our protocol, as well as the verifiable secret sharing protocol of [CR93], have the following annoying property: the exponentially small error probability includes an exponentially small non-zero probability of not terminating. This should be contrasted with the asynchronous Byzantine Agreement problem where the randomized protocol terminates with probability 1”.
S is the protocol for sharing a secret and R is the protocol for reconstructing it.
In order to avoid extreme cases of unending computation, a maximal number of computation steps can be imposed on each party in each round.
In order to prove the general case, the dealer can simulate the entire run for parties A, B, D round-by-round twice, once sharing the value 0 and once sharing the value 1. The dealer will only accept pairs of runs in which the messages exchanged between parties A and B are the same. Proving that there must exist such a pair of runs requires proving a lemma similar to the following lemma without conditioning upon the event \(\overline{long}\). Note that since the rounds almost-surely terminate, the sampling process will also terminate with probability 1. This will result in slight differences in the attacks and proofs, but with very similar techniques and ideas. The main difference is that all of the sampled probabilities will not be conditioned upon the event \(\overline{long}\).
References
Abraham, I., Dolev, D., Gonen, R., Halpern, J.: Distributed computing meets game theory: robust mechanisms for rational secret sharing and multiparty computation. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Principles of Distributed Computing, PODC’06, Association for Computing Machinery, New York, pp. 53–62 (2006)
Abraham, I., Dolev, D., Halpern, J.Y.: An almost-surely terminating polynomial protocol for asynchronous byzantine agreement with optimal resilience. In: Proceedings of the Twenty-Seventh ACM Symposium on Principles of Distributed Computing, PODC’08, Association for Computing Machinery, New York, pp. 405–414 (2008)
Abraham, I., Malkhi, D., Spiegelman, A.: Validated asynchronous byzantine agreement with optimal resilience and asymptotically optimal time and word communication (2018)
Backes, M., Datta, A., Kate, A.: Asynchronous computational VSS with reduced communication complexity. In: Cryptographers’ Track at the RSA Conference, Springer, pp. 259–276 (2013)
Ben-Or, M.: Another advantage of free choice (extended abstract): completely asynchronous agreement protocols. In: Proceedings of the Second Annual ACM Symposium on Principles of Distributed Computing, PODC ’83 (1983)
Ben-Or, M., Canetti, R., Goldreich, O.: Asynchronous secure computation. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Theory of Computing, STOC’93, Association for Computing Machinery, New York, pp. 52–61 (1993)
Ben-Or, M., Kelmer, B., Rabin, T.: Asynchronous secure computations with optimal resilience (extended abstract). In: Proceedings of the Thirteenth Annual ACM Symposium on Principles of Distributed Computing, PODC’94, Association for Computing Machinery, New York, pp. 183–192 (1994)
Bracha, G.: Asynchronous byzantine agreement protocols. Inf. Comput. 75(2), 130–143 (1987)
Canetti, R., Rabin, T.: Fast asynchronous byzantine agreement with optimal resilience. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on Theory of Computing, STOC ’93, ACM, New York, pp. 42–51 (1993)
Dwork, C., Lynch, N., Stockmeyer, L.: Consensus in the presence of partial synchrony. J. ACM 35(2), 288–323 (1988)
Fischer, M.J., Lynch, N.A., Merritt, M.: Easy impossibility proofs for distributed consensus problems. In: Proceedings of the Fourth Annual ACM Symposium on Principles of Distributed Computing, PODC’85, Association for Computing Machinery, New York, pp. 59–70 (1985)
Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process. J. ACM 32(2), 374–382 (1985)
Kuo, P.-C., Chung, H., Chao, T.-W., Cheng, C.-M.: Fair byzantine agreements for blockchains. IEEE Access 8, 70746–70761 (2020)
Cite this article
Abraham, I., Dolev, D. & Stern, G. Revisiting asynchronous fault tolerant computation with optimal resilience. Distrib. Comput. 35, 333–355 (2022). https://doi.org/10.1007/s00446-021-00416-4
DOI: https://doi.org/10.1007/s00446-021-00416-4