The Byzantine Generals Problems

LESLIE LAMPORT, ROBERT SHOSTAK, and MARSHALL PEASE

!
Present by: Nguyen Thi Mai & Nguyen Van Luong
 Motivation
A reliable computer system must be able to cope
with a failure of one or more of its components

A failed computer behaviour in this case:

Sending conflicting messages to different

parts of the system

Not sending some of the messages

 Motivation
All generals must agree
upon a common battle
plan

Communicate only be
messenger

Some of generals are

traitors who try to confuse
the others
 Outline

Motivation

Oral Messages algorithm

Signed Messages algorithm

Conclusion
 Formally
1. All loyal lieutenants obey the same order

2. If the commander is loyal, then every loyal

lieutenant obeys the order he sends
Oral Message algorithm

Assumptions:

Every message that is sent is delivered

correctly

A receiver of a message knows who sent it

The absence of a message can be detected

 Oral Message algorithm
A recursive definition, with a base case for m=0, and a recursive step for m > 0:

Algorithm OM(0) :

1.The commander sends his value to every lieutenant.

2.Each lieutenant uses the value he receives from the commander.

Algorithm OM(m), m > 0

1.The commander sends his value to each lieutenant.

2.For each i, let vi be the value lieutenant i receives from the commander. Lieutenant
i acts as the commander in Algorithm OM(m-1) to send the value vi to each of the
n-2 other lieutenants.

3.For each i, and each j ≠ i, let vi be the value lieutenant i received from lieutenant j in
step 2 (using Algorithm OM(m-1)). Lieutenant i uses the value Majority(v1, v2, …
vn).
Oral Message algorithm
Lemma 1:

For any m and k, Algorithm OM(m) satisfies (2)

if there are more than 2k+m generals and at
most k traitors

Theorem 1:

For any m, algorithm OM(m) satisfies conditions

1 and 2 if there are more than 3m generals, and
at most m traitors.
Oral Message algorithm
Example: Bad Lieutenant
Scenario: m=1, n=4, traitor = L3
C
A A
OM(1): A
L1 L2 L3

OM(0):???
L1 A L2 L3
R
A
R
Decision?? L1 = m (A, A, R); L2 = m (A, A, R); Both attack!
Oral Message algorithm
Example: Bad Commander
Scenario: m=1, n=4, traitor = C
C
A A
OM(1): R
L1 L2 L3

A
OM(0):???
L1 A L2 R L3
A
R
A
Decision?? L1=m(A, R, A); L2=m(A, R, A); L3=m(A,R,A); Attack!
Signed Message algorithm
More assumptions:

A loyal general’s signature cannot be forged, and any

alteration of the contents of his signed message can be
detected

Anyone can verify the authenticity of a general’s

signature

=> There exists an algorithm that copes with m traitors

for any number of generals (n≥m+2)
Signed Message algorithm
1. Commander signs v and sends to all as (v:0)
2. Each lieutenant i:
A) If receive (v:0) and no other order
1) Vi = v
2) send (V:0:i) to all
B) If receive (v:0:j:...:k) and v not in Vi
1) Add v to Vi
2) if (k<m) send (v:0:j:...:k:i) to all not in j...k
3. When no more msgs, obey order of choice(Vi)
Signed Message algorithm

choice(V):
• If V={v} then choice(V)= v
• choice(Empty)=Default
Signed Message algorithm
SM(1) Example: Bad Commander
Scenario: m=1, n=m+2=3, bad commander
C
A:0 R:0

L1 L2

What next? A:0:L1

L1 L2

R:0:L2
V1={A,R} V2={R,A}

Both L1 and L2 can trust orders are from C

Both apply same decision to {A,R}
Signed Message algorithm
SM(2): Bad Commander+
Scenario: m=2, n=m+2=4, bad commander and L3
C Goal? L1 and L2
A:0 x
A:0 must make same
decision
L1 L2 L3

A:0:L1 R:0:L3:L1
L1 A:0:L2 L2 A:0:L3 L3
L1 L2

R:0:L3

V1 = V2 = {A,R} ==> Same decision

 Conclusion
Problem: To implement a fault-tolerant service with coordinated replicas, must
agree on inputs

Byzantine failures make agreement challenging: Produce arbitrary output, can’t

detect, collude

User different agreement protocol depending on assumptions:

Oral messages:

Need 3f+1 nodes to tolerate f failures

Difficult because traitors can lie about what others said

Signed messages:

Need f+2 nodes

Easier because traitors can only lie about other traitors

“Question???”