-
Colordag: An Incentive-Compatible Blockchain
Authors:
Ittai Abraham,
Danny Dolev,
Ittay Eyal,
Joseph Y. Halpern
Abstract:
We present Colordag, a blockchain protocol where following the prescribed strategy is, with high probability, a best response as long as all miners have less than 1/2 of the mining power. We prove the correctness of Colordag even if there is an extremely powerful adversary who knows future actions of the scheduler: specifically, when agents will generate blocks and when messages will arrive. The state-of-the-art protocol, Fruitchain, is an epsilon-Nash equilibrium as long as all miners have less than 1/2 of the mining power. However, there is a simple deviation that guarantees that deviators are never worse off than they would be by following Fruitchain, and can sometimes do better. Thus, agents are motivated to deviate. Colordag implements a solution concept that we call epsilon-sure Nash equilibrium and does not suffer from this problem. Because it is an epsilon-sure Nash equilibrium, Colordag is an epsilon Nash equilibrium and with probability (1 - epsilon) is a best response.
Submitted 22 August, 2023;
originally announced August 2023.
-
Revisiting Asynchronous Fault Tolerant Computation with Optimal Resilience
Authors:
Ittai Abraham,
Danny Dolev,
Gilad Stern
Abstract:
The celebrated result of Fischer, Lynch and Paterson is the fundamental lower bound for asynchronous fault tolerant computation: any 1-crash resilient asynchronous agreement protocol must have some (possibly measure zero) probability of not terminating. In 1994, Ben-Or, Kelmer and Rabin published a proof-sketch of a lesser known lower bound for asynchronous fault tolerant computation with optimal resilience against a Byzantine adversary: if $n\le 4t$ then any t-resilient asynchronous verifiable secret sharing protocol must have some non-zero probability of not terminating.
Our main contribution is to revisit this lower bound and provide a rigorous and more general proof. Our second contribution is to show how to avoid this lower bound. We provide a protocol with optimal resilience that is almost surely terminating for a strong common coin functionality. Using this new primitive we provide an almost surely terminating protocol with optimal resilience for asynchronous Byzantine agreement that has a new fair validity property. To the best of our knowledge this is the first asynchronous Byzantine agreement with fair validity in the information theoretic setting.
Submitted 31 July, 2020; v1 submitted 30 June, 2020;
originally announced June 2020.
-
Implementing Mediators with Asynchronous Cheap Talk
Authors:
Ittai Abraham,
Danny Dolev,
Ivan Geffner,
Joseph Y. Halpern
Abstract:
A mediator can help non-cooperative agents obtain an equilibrium that may otherwise not be possible. We study the ability of players to obtain the same equilibrium without a mediator, using only cheap talk, that is, nonbinding pre-play communication. Previous work has considered this problem in a synchronous setting. Here we consider the effect of asynchrony on the problem, and provide upper bounds for implementing mediators. Considering asynchronous environments introduces new subtleties, including exactly what solution concept is most appropriate and determining what move is played if the cheap talk goes on forever. Different results are obtained depending on whether the move after such "infinite play" is under the control of the players or part of the description of the game.
Submitted 4 June, 2018;
originally announced June 2018.
-
Communication Complexity of Byzantine Agreement, Revisited
Authors:
Ittai Abraham,
T-H. Hubert Chan,
Danny Dolev,
Kartik Nayak,
Rafael Pass,
Ling Ren,
Elaine Shi
Abstract:
As Byzantine Agreement (BA) protocols find application in large-scale decentralized cryptocurrencies, an increasingly important problem is to design BA protocols with improved communication complexity. A few existing works have shown how to achieve subquadratic BA under an adaptive adversary. Intriguingly, they all make a common relaxation about the adaptivity of the attacker, that is, if an honest node sends a message and then gets corrupted in some round, the adversary cannot erase the message that was already sent; henceforth we say that such an adversary cannot perform "after-the-fact removal". By contrast, many (super-)quadratic BA protocols in the literature can tolerate after-the-fact removal. In this paper, we first prove that disallowing after-the-fact removal is necessary for achieving subquadratic-communication BA.
Next, we show new subquadratic binary BA constructions (of course, assuming no after-the-fact removal) that achieve near-optimal resilience and expected constant rounds under standard cryptographic assumptions and a public-key infrastructure (PKI) in both synchronous and partially synchronous settings. In comparison, all known subquadratic protocols make additional strong assumptions such as random oracles or the ability of honest nodes to erase secrets from memory, and even with these strong assumptions, no prior work can achieve the above properties. Lastly, we show that some setup assumption is necessary for achieving subquadratic multicast-based BA.
Submitted 15 February, 2020; v1 submitted 9 May, 2018;
originally announced May 2018.
-
Efficient Synchronous Byzantine Consensus
Authors:
Ittai Abraham,
Srinivas Devadas,
Danny Dolev,
Kartik Nayak,
Ling Ren
Abstract:
We present new protocols for Byzantine state machine replication and Byzantine agreement in the synchronous and authenticated setting. The celebrated PBFT state machine replication protocol tolerates $f$ Byzantine faults in an asynchronous setting using $3f+1$ replicas, and has since been studied or deployed by numerous works. In this work, we improve the Byzantine fault tolerance threshold to $n=2f+1$ by utilizing a relaxed synchrony assumption. We present a synchronous state machine replication protocol that commits a decision every 3 rounds in the common case. The key challenge is to ensure quorum intersection at one honest replica. Our solution is to rely on the synchrony assumption to form a post-commit quorum of size $2f+1$, which intersects at $f+1$ replicas with any pre-commit quorums of size $f+1$. Our protocol also solves synchronous authenticated Byzantine agreement in expected 8 rounds. The best previous solution (Katz and Koo, 2006) requires expected 24 rounds. Our protocols may be applied to build Byzantine fault tolerant systems or improve cryptographic protocols such as cryptocurrencies when synchrony can be assumed.
Submitted 12 September, 2017; v1 submitted 7 April, 2017;
originally announced April 2017.
-
Stateless Computation
Authors:
Danny Dolev,
Michael Erdmann,
Neil Lutz,
Michael Schapira,
Adva Zair
Abstract:
We present and explore a model of stateless and self-stabilizing distributed computation, inspired by real-world applications such as routing on today's Internet. Processors in our model do not have an internal state, but rather interact by repeatedly mapping incoming messages ("labels") to outgoing messages and output values. While seemingly too restrictive to be of interest, stateless computation encompasses both classical game-theoretic notions of strategic interaction and a broad range of practical applications (e.g., Internet protocols, circuits, diffusion of technologies in social networks). We embark on a holistic exploration of stateless computation. We tackle two important questions: (1) Under what conditions is self-stabilization, i.e., guaranteed "convergence" to a "legitimate" global configuration, achievable for stateless computation? and (2) What is the computational power of stateless computation? Our results for self-stabilization include a general necessary condition for self-stabilization and hardness results for verifying that a stateless protocol is self-stabilizing. Our main results for the power of stateless computation show that labels of logarithmic length in the number of processors yield substantial computational power even on ring topologies. We present a separation between unidirectional and bidirectional rings (L/poly vs. P/poly), reflecting the sequential nature of computation on a unidirectional ring, as opposed to the parallelism afforded by the bidirectional ring. We leave the reader with many exciting directions for future research.
Submitted 30 November, 2016;
originally announced November 2016.
-
Possibility and Impossibility of Reliable Broadcast in the Bounded Model
Authors:
Danny Dolev,
Meir Spielrien
Abstract:
The Reliable Broadcast concept allows an honest party to send a message to all other parties and to make sure that all honest parties receive this message. In addition, it allows an honest party that received a message to know that all other honest parties would also receive the same message. This technique is important to ensure distributed consistency when facing failures.
In the current paper, we study the ability to use Reliable Broadcast to consistently transmit a sequence of input values in an asynchronous environment with a designated sender. The task can be easily achieved using counters, but cannot be achieved with a bounded memory facing failures. We weaken the problem and ask whether the receivers can at least share a common suffix. We prove that in a standard (lossless) asynchronous system no bounded memory protocol can guarantee a common suffix at all receivers for every input sequence if a single party might crash.
We further study the problem facing transient faults and prove that when limiting the problem to transmitting a stream of a single value being sent repeatedly we show a bounded memory self-stabilizing protocol that can ensure a common suffix even in the presence of transient faults and an arbitrary number of crash faults. We further prove that this last problem is not solvable in the presence of a single Byzantine fault. Thus, this problem separates Byzantine behavior from crash faults in an asynchronous environment.
Submitted 16 November, 2016;
originally announced November 2016.
-
Byzantine Processors and Cuckoo Birds: Confining Maliciousness to the Outset
Authors:
Danny Dolev,
Eli Gafni
Abstract:
Are there Byzantine Animals? A Fooling Behavior is exhibited by the Cuckoo bird. It sneakily replaces some of the eggs of other species with its own. Lest the Cuckoo extinct itself by destroying its host, it self-limits its power: It does not replace too large a fraction of the eggs. Here, we show that any Byzantine Behavior that does not destroy the system it attacks, i.e. allows the system to solve an easy task like epsilon-agreement, then its maliciousness can be confined to be the exact replica of the Cuckoo bird behavior: Undetectably replace an input of a processor and let the processor behave correctly thereafter with respect to the new input. In doing so we reduce the study of Byzantine behavior to fail-stop (benign) behavior with the Cuckoo caveat of a fraction of the inputs replaced. We establish a complete correspondence between the Byzantine and the Benign, modulo different thresholds, and replaced inputs. This work is yet another step in a line of work unifying seemingly distinct distributed system models, dispelling the Myth that Distributed Computing is a plethora of distinct isolated models, each requiring its specialized tools and ideas in order to determine solvability of tasks. Thus, hereafter, Byzantine Computability questions can be reduced to questions in the benign failure setting. We also show that the known results about correlated faults in the asynchronous benign setting can be imported verbatim to the asynchronous Byzantine setting. Finally, as in the benign case in which we have the property that a processor can output once its faulty behavior stops for long enough, we show this can be done in a similar manner in the Byzantine case. This necessitated the generalization of Reliable Broadcast to what we term Recoverable Reliable Broadcast.
Submitted 14 November, 2016;
originally announced November 2016.
-
Some Garbage In - Some Garbage Out: Asynchronous t-Byzantine as Asynchronous Benign t-resilient system with fixed t-Trojan-Horse Inputs
Authors:
Danny Dolev,
Eli Gafni
Abstract:
We show that asynchronous $t$ faults Byzantine system is equivalent to asynchronous $t$-resilient system, where unbeknownst to all, the private inputs of at most $t$ processors were altered and installed by a malicious oracle.
The immediate ramification is that dealing with asynchronous Byzantine systems does not call for new topological methods, as was recently employed by various researchers: Asynchronous Byzantine is a standard asynchronous system with an input caveat. It also shows that two recent independent investigations of vector $ε$-agreement in the Byzantine model, and then in the fail-stop model, one was superfluous - in these problems the change of $t$ inputs allowed in the Byzantine has no effect compared to the fail-stop case.
This result was motivated by the aim of casting any asynchronous system as a synchronous system where all processors are correct and it is the communication substrate in the form of message-adversary that misbehaves. Thus, in addition, we get such a characterization for the asynchronous Byzantine system.
Submitted 3 August, 2016; v1 submitted 5 July, 2016;
originally announced July 2016.
-
Synchronous Hybrid Message-Adversary
Authors:
Danny Dolev,
Eli Gafni
Abstract:
The theory of distributed computing, lagging in its development behind practice, has been biased in its modelling by employing mechanisms within the model mimicking reality. Reality means, processors can fail. But theory is about predicting consequences of reality, hence if we capture reality by "artificial models," but those nevertheless make analysis simpler, we should pursue the artificial models.
Recently the idea was advocated to analyze distributed systems and view processors as infallible. It is the message delivery substrate that causes problems. This view not only can effectively emulate reality, but above all seems to allow to view any past models as synchronous models. Synchronous models are easier to analyze than asynchronous ones. Furthermore, it gives rise to models we haven't contemplated in the past. One such model, presented here, is the Hybrid Message-Adversary. We motivate this model through the need to analyze Byzantine faults. The Hybrid model exhibits a phenomenon not seen in the past.
Submitted 5 July, 2016; v1 submitted 8 May, 2016;
originally announced May 2016.
-
Compact Routing Messages in Self-Healing Trees
Authors:
Armando Castaneda,
Danny Dolev,
Amitabh Trehan
Abstract:
Existing compact routing schemes, e.g., Thorup and Zwick [SPAA 2001] and Chechik [PODC 2013], often have no means to tolerate failures, once the system has been setup and started. This paper presents, to our knowledge, the first self-healing compact routing scheme. Besides, our schemes are developed for low memory nodes, i.e., nodes need only $O(\log^2 n)$ memory, and are thus, compact schemes.
We introduce two algorithms of independent interest: The first is CompactFT, a novel compact version (using only $O(\log n)$ local memory) of the self-healing algorithm Forgiving Tree of Hayes et al. [PODC 2008]. The second algorithm (CompactFTZ) combines CompactFT with Thorup-Zwick's tree-based compact routing scheme [SPAA 2001] to produce a fully compact self-healing routing scheme. In the self-healing model, the adversary deletes nodes one at a time with the affected nodes self-healing locally by adding few edges. CompactFT recovers from each attack in only $O(1)$ time and $Δ$ messages, with only +3 degree increase and $O(\log Δ)$ graph diameter increase, over any sequence of deletions ($Δ$ is the initial maximum degree).
Additionally, CompactFTZ guarantees delivery of a packet sent from sender s as long as the receiver t has not been deleted, with only an additional $O(y \log Δ)$ latency, where $y$ is the number of nodes that have been deleted on the path between $s$ and $t$. If $t$ has been deleted, $s$ gets informed and the packet removed from the network.
Submitted 18 August, 2015;
originally announced August 2015.
-
Byzantine Agreement with Optimal Early Stopping, Optimal Resilience and Polynomial Complexity
Authors:
Ittai Abraham,
Danny Dolev
Abstract:
We provide the first protocol that solves Byzantine agreement with optimal early stopping ($\min\{f+2,t+1\}$ rounds) and optimal resilience ($n>3t$) using polynomial message size and computation.
All previous approaches obtained sub-optimal results and used resolve rules that looked only at the immediate children in the EIG (Exponential Information Gathering) tree. At the heart of our solution are new resolve rules that look at multiple layers of the EIG tree.
Submitted 14 April, 2015; v1 submitted 10 April, 2015;
originally announced April 2015.
-
Node-Initiated Byzantine Consensus Without a Common Clock
Authors:
Danny Dolev,
Christoph Lenzen
Abstract:
The majority of the literature on consensus assumes that protocols are jointly started at all nodes of the distributed system. We show how to remove this problematic assumption in semi-synchronous systems, where message delays and relative drifts of local clocks may vary arbitrarily within known bounds. Our framework is self-stabilizing and efficient both in terms of communication and time; more concretely, compared to a synchronous start in a synchronous model of a non-self-stabilizing protocol, we achieve a constant-factor increase in the time and communicated bits to complete an instance, plus an additive communication overhead of O(n log n) broadcasted bits per time unit and node. The latter can be further reduced, at an additive increase in time complexity.
Submitted 31 July, 2013; v1 submitted 30 July, 2013;
originally announced July 2013.
-
Synchronous Counting and Computational Algorithm Design
Authors:
Danny Dolev,
Keijo Heljanko,
Matti Järvisalo,
Janne H. Korhonen,
Christoph Lenzen,
Joel Rybicki,
Jukka Suomela,
Siert Wieringa
Abstract:
Consider a complete communication network on $n$ nodes, each of which is a state machine. In synchronous 2-counting, the nodes receive a common clock pulse and they have to agree on which pulses are "odd" and which are "even". We require that the solution is self-stabilising (reaching the correct operation from any initial state) and it tolerates $f$ Byzantine failures (nodes that send arbitrary misinformation). Prior algorithms are expensive to implement in hardware: they require a source of random bits or a large number of states.
This work consists of two parts. In the first part, we use computational techniques (often known as synthesis) to construct very compact deterministic algorithms for the first non-trivial case of $f = 1$. While no algorithm exists for $n < 4$, we show that as few as 3 states per node are sufficient for all values $n \ge 4$. Moreover, the problem cannot be solved with only 2 states per node for $n = 4$, but there is a 2-state solution for all values $n \ge 6$.
In the second part, we develop and compare two different approaches for synthesising synchronous counting algorithms. Both approaches are based on casting the synthesis problem as a propositional satisfiability (SAT) problem and employing modern SAT-solvers. The difference lies in how to solve the SAT problem: either in a direct fashion, or incrementally within a counter-example guided abstraction refinement loop. Empirical results suggest that the former technique is more efficient if we want to synthesise time-optimal algorithms, while the latter technique discovers non-optimal algorithms more quickly.
Submitted 5 January, 2015; v1 submitted 21 April, 2013;
originally announced April 2013.
-
FATAL+: A Self-Stabilizing Byzantine Fault-tolerant Clocking Scheme for SoCs
Authors:
Danny Dolev,
Matthias Függer,
Christoph Lenzen,
Markus Posch,
Ulrich Schmid,
Andreas Steininger
Abstract:
We present concept and implementation of a self-stabilizing Byzantine fault-tolerant distributed clock generation scheme for multi-synchronous GALS architectures in critical applications. It combines a variant of a recently introduced self-stabilizing algorithm for generating low-frequency, low-accuracy synchronized pulses with a simple non-stabilizing high-frequency, high-accuracy clock synchronization algorithm. We provide thorough correctness proofs and a performance analysis, which use methods from fault-tolerant distributed computing research but also address hardware-related issues like metastability. The algorithm, which consists of several concurrent communicating asynchronous state machines, has been implemented in VHDL using Petrify in conjunction with some extensions, and synthesized for an Altera Cyclone FPGA. An experimental validation of this prototype has been carried out to confirm the skew and clock frequency bounds predicted by the theoretical analysis, as well as the very short stabilization times (required for recovering after excessively many transient failures) achievable in practice.
Submitted 9 February, 2012;
originally announced February 2012.
-
"Tri, Tri again": Finding Triangles and Small Subgraphs in a Distributed Setting
Authors:
Danny Dolev,
Christoph Lenzen,
Shir Peled
Abstract:
Let G = (V,E) be an n-vertex graph and M_d a d-vertex graph, for some constant d. Is M_d a subgraph of G? We consider this problem in a model where all n processes are connected to all other processes, and each message contains up to O(log n) bits. A simple deterministic algorithm that requires O(n^((d-2)/d) / log n) communication rounds is presented. For the special case that M_d is a triangle, we present a probabilistic algorithm that requires an expected O(ceil(n^(1/3) / (t^(2/3) + 1))) rounds of communication, where t is the number of triangles in the graph, and O(min{n^(1/3) log^(2/3) n / (t^(2/3) + 1), n^(1/3)}) with high probability.
We also present deterministic algorithms specially suited for sparse graphs. In any graph of maximum degree Delta, we can test for arbitrary subgraphs of diameter D in O(ceil(Delta^(D+1) / n)) rounds. For triangles, we devise an algorithm featuring a round complexity of O(A^2 / n + log_(2+n/A^2) n), where A denotes the arboricity of G.
Submitted 5 November, 2012; v1 submitted 31 January, 2012;
originally announced January 2012.
-
No justified complaints: On fair sharing of multiple resources
Authors:
Danny Dolev,
Dror G. Feitelson,
Joseph Y. Halpern,
Raz Kupferman,
Nati Linial
Abstract:
Fair allocation has been studied intensively in both economics and computer science, and fair sharing of resources has aroused renewed interest with the advent of virtualization and cloud computing. Prior work has typically focused on mechanisms for fair sharing of a single resource. We provide a new definition for the simultaneous fair allocation of multiple continuously-divisible resources. Roughly speaking, we define fairness as the situation where every user either gets all the resources he wishes for, or else gets at least his entitlement on some bottleneck resource, and therefore cannot complain about not getting more. This definition has the same desirable properties as the recently suggested dominant resource fairness, and also handles the case of multiple bottlenecks. We then prove that a fair allocation according to this definition is guaranteed to exist for any combination of user requests and entitlements (where a user's relative use of the different resources is fixed). The proof, which uses tools from the theory of ordinary differential equations, is constructive and provides a method to compute the allocations numerically.
Submitted 14 June, 2011;
originally announced June 2011.
-
Fault-tolerant Algorithms for Tick-Generation in Asynchronous Logic: Robust Pulse Generation
Authors:
Danny Dolev,
Matthias Fuegger,
Christoph Lenzen,
Ulrich Schmid
Abstract:
Today's hardware technology presents a new challenge in designing robust systems. Deep submicron VLSI technology introduced transient and permanent faults that were never considered in low-level system designs in the past. Still, robustness of that part of the system is crucial and needs to be guaranteed for any successful product. Distributed systems, on the other hand, have been dealing with similar issues for decades. However, neither the basic abstractions nor the complexity of contemporary fault-tolerant distributed algorithms match the peculiarities of hardware implementations. This paper is intended to be part of an attempt striving to overcome this gap between theory and practice for the clock synchronization problem. Solving this task sufficiently well will allow to build a very robust high-precision clocking system for hardware designs like systems-on-chips in critical applications. As our first building block, we describe and prove correct a novel Byzantine fault-tolerant self-stabilizing pulse synchronization protocol, which can be implemented using standard asynchronous digital logic. Despite the strict limitations introduced by hardware designs, it offers optimal resilience and smaller complexity than all existing protocols.
Submitted 14 October, 2011; v1 submitted 24 May, 2011;
originally announced May 2011.
-
A Fault-Resistant Asynchronous Clock Function
Authors:
Ezra N. Hoch,
Michael Ben-Or,
Danny Dolev
Abstract:
Consider an asynchronous network in a shared-memory environment consisting of n nodes. Assume that up to f of the nodes might be Byzantine (n > 12f), where the adversary is full-information and dynamic (sometimes called adaptive). In addition, the non-Byzantine nodes may undergo transient failures. Nodes advance in atomic steps, which consist of reading all registers, performing some calculation and writing to all registers.
This paper contains three main contributions. First, the clock-function problem is defined, which is a generalization of the clock synchronization problem. This generalization encapsulates previous clock synchronization problem definitions while extending them to the current paper's model. Second, a randomized asynchronous self-stabilizing Byzantine tolerant clock synchronization algorithm is presented.
In the construction of the clock synchronization algorithm, a building block that ensures different nodes advance at similar rates is developed. This feature is the third contribution of the paper. It is self-stabilizing and Byzantine tolerant and can be used as a building block for different algorithms that operate in an asynchronous self-stabilizing Byzantine model.
The convergence time of the presented algorithm is exponential. Observe that in the asynchronous setting the best known full-information dynamic Byzantine agreement also has expected exponential convergence time, even though currently there is no known reduction between the two.
Submitted 14 July, 2010; v1 submitted 10 July, 2010;
originally announced July 2010.
-
Simple Gradecast Based Algorithms
Authors:
Michael Ben-Or,
Danny Dolev,
Ezra N. Hoch
Abstract:
Gradecast is a simple three-round algorithm presented by Feldman and Micali. The current work presents a very simple algorithm that utilized Gradecast to achieve Byzantine agreement. Two small variations of the presented algorithm lead to improved algorithms for solving the Approximate agreement problem and the Multi-consensus problem.
An optimal approximate agreement algorithm was presented by Fekete, which supports up to 1/4 n Byzantine nodes and has message complexity of O(n^k), where n is the number of nodes and k is the number of rounds.
Our solution to the approximate agreement problem is optimal, simple and reduces the message complexity to O(k * n^3), while supporting up to 1/3 n Byzantine nodes.
Multi consensus was first presented by Bar-Noy et al. It consists of consecutive executions of l Byzantine consensuses. Bar-Noy et al. show an optimal amortized solution to this problem, assuming that all nodes start each consensus instance at the same time, a property that cannot be guaranteed with early stopping. Our solution is simpler, preserves round complexity optimality, allows early stopping and does not require synchronized starts of the consensus instances.
Submitted 29 September, 2010; v1 submitted 7 July, 2010;
originally announced July 2010.
-
An Optimal Self-Stabilizing Firing Squad
Authors:
Danny Dolev,
Ezra N. Hoch,
Yoram Moses
Abstract:
Consider a fully connected network where up to $t$ processes may crash, and all processes start in an arbitrary memory state. The self-stabilizing firing squad problem consists of eventually guaranteeing simultaneous response to an external input. This is modeled by requiring that the non-crashed processes "fire" simultaneously if some correct process received an external "GO" input, and that they only fire as a response to some process receiving such an input. This paper presents FireAlg, the first self-stabilizing firing squad algorithm.
The FireAlg algorithm is optimal in two respects: (a) Once the algorithm is in a safe state, it fires in response to a GO input as fast as any other algorithm does, and (b) Starting from an arbitrary state, it converges to a safe state as fast as any other algorithm does.
Submitted 17 August, 2009;
originally announced August 2009.
-
Fault Identification via Non-parametric Belief Propagation
Authors:
Danny Bickson,
Dror Baron,
Alex T. Ihler,
Harel Avissar,
Danny Dolev
Abstract:
We consider the problem of identifying a pattern of faults from a set of noisy linear measurements. Unfortunately, maximum a posteriori probability estimation of the fault pattern is computationally intractable. To solve the fault identification problem, we propose a non-parametric belief propagation approach. We show empirically that our belief propagation solver is more accurate than recent state-of-the-art algorithms including interior point methods and semidefinite programming. Our superior performance is explained by the fact that we take into account both the binary nature of the individual faults and the sparsity of the fault pattern arising from their rarity.
Submitted 1 February, 2011; v1 submitted 13 August, 2009;
originally announced August 2009.
-
Self-stabilizing Byzantine Agreement
Authors:
Ariel Daliot,
Danny Dolev
Abstract:
Byzantine agreement algorithms typically assume implicit initial state consistency and synchronization among the correct nodes and then operate in coordinated rounds of information exchange to reach agreement based on the input values. The implicit initial assumptions enable correct nodes to infer about the progression of the algorithm at other nodes from their local state. This paper considers a more severe fault model than permanent Byzantine failures, one in which the system can in addition be subject to severe transient failures that can temporarily throw the system out of its assumption boundaries. When the system eventually returns to behave according to the presumed assumptions it may be in an arbitrary state in which any synchronization among the nodes might be lost, and each node may be at an arbitrary state. We present a self-stabilizing Byzantine agreement algorithm that reaches agreement among the correct nodes in an optimal ratio of faulty to correct, by using only the assumption of eventually bounded message transmission delay. In the process of solving the problem, two additional important and challenging building blocks were developed: a unique self-stabilizing protocol for assigning consistent relative times to protocol initialization and a Reliable Broadcast primitive that progresses at the speed of actual message delivery time.
Submitted 2 August, 2009;
originally announced August 2009.
-
Distributed Sensor Selection using a Truncated Newton Method
Authors:
Danny Bickson,
Danny Dolev
Abstract:
We propose a new distributed algorithm for computing a truncated Newton method, where the main diagonal of the Hessian is computed using belief propagation. As a case study for this approach, we examine the sensor selection problem, a Boolean convex optimization problem. We form two distributed algorithms. The first algorithm is a distributed version of the interior point method by Joshi and Boyd, and the second algorithm is an order of magnitude faster approximation. As an example application we discuss distributed anomaly detection in networks. We demonstrate the applicability of our solution using both synthetic data and real traffic logs collected from the Abilene Internet backbone.
Submitted 14 January, 2010; v1 submitted 6 July, 2009;
originally announced July 2009.
-
Fixing Convergence of Gaussian Belief Propagation
Authors:
Jason K. Johnson,
Danny Bickson,
Danny Dolev
Abstract:
Gaussian belief propagation (GaBP) is an iterative message-passing algorithm for inference in Gaussian graphical models. It is known that when GaBP converges it converges to the correct MAP estimate of the Gaussian random vector and simple sufficient conditions for its convergence have been established. In this paper we develop a double-loop algorithm for forcing convergence of GaBP. Our method computes the correct MAP estimate even in cases where standard GaBP would not have converged. We further extend this construction to compute least-squares solutions of over-constrained linear systems. We believe that our construction has numerous applications, since the GaBP algorithm is linked to solution of linear systems of equations, which is a fundamental problem in computer science and engineering. As a case study, we discuss the linear detection problem. We show that using our new construction, we are able to force convergence of Montanari's linear detection algorithm, in cases where it would originally fail. As a consequence, we are able to increase significantly the number of users that can transmit concurrently.
Submitted 3 July, 2009; v1 submitted 27 January, 2009;
originally announced January 2009.
-
A Low Density Lattice Decoder via Non-Parametric Belief Propagation
Authors:
Danny Bickson,
Alexander T. Ihler,
Danny Dolev
Abstract:
The recent work of Sommer, Feder and Shalvi presented a new family of codes called low density lattice codes (LDLC) that can be decoded efficiently and approach the capacity of the AWGN channel. A linear time iterative decoding scheme which is based on a message-passing formulation on a factor graph is given.
In the current work we report our theoretical findings regarding the relation between the LDLC decoder and belief propagation. We show that the LDLC decoder is an instance of non-parametric belief propagation and further connect it to the Gaussian belief propagation algorithm. Our new results enable borrowing knowledge from the non-parametric and Gaussian belief propagation domains into the LDLC domain. Specifically, we give more general convergence conditions for convergence of the LDLC decoder (under the same assumptions of the original LDLC convergence analysis). We discuss how to extend the LDLC decoder from Latin square to full rank, non-square matrices. We propose an efficient construction of sparse generator matrix and its matching decoder. We report preliminary experimental results which show our decoder has comparable symbol to error rate compared to the original LDLC decoder.
Submitted 7 October, 2009; v1 submitted 21 January, 2009;
originally announced January 2009.
-
Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries
Authors:
Danny Bickson,
Tzachy Reinman,
Danny Dolev,
Benny Pinkas
Abstract:
We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes are expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment.
We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.
Submitted 18 January, 2009;
originally announced January 2009.
-
Distributed Large Scale Network Utility Maximization
Authors:
Danny Bickson,
Yoav Tock,
Argyris Zymnis,
Stephen Boyd,
Danny Dolev
Abstract:
Recent work by Zymnis et al. proposes an efficient primal-dual interior-point method, using a truncated Newton method, for solving the network utility maximization (NUM) problem. This method has shown superior performance relative to the traditional dual-decomposition approach. Other recent work by Bickson et al. shows how to compute efficiently and distributively the Newton step, which is the main computational bottleneck of the Newton method, utilizing the Gaussian belief propagation algorithm.
In the current work, we combine both approaches to create an efficient distributed algorithm for solving the NUM problem. Unlike the work of Zymnis, which uses a centralized approach, our new algorithm is easily distributed. Using an empirical evaluation we show that our new method outperforms previous approaches, including the truncated Newton method and dual-decomposition methods. As an additional contribution, this is the first work that evaluates the performance of the Gaussian belief propagation algorithm vs. the preconditioned conjugate gradient method, for a large scale problem.
Submitted 9 May, 2009; v1 submitted 18 January, 2009;
originally announced January 2009.
-
Self-stabilizing Numerical Iterative Computation
Authors:
Danny Bickson,
Ezra N. Hoch,
Harel Avissar,
Danny Dolev
Abstract:
Many challenging tasks in sensor networks, including sensor calibration, ranking of nodes, monitoring, event region detection, collaborative filtering, collaborative signal processing, etc., can be formulated as a problem of solving a linear system of equations. Several recent works propose different distributed algorithms for solving these problems, usually by using linear iterative numerical methods.
The main problem with previous approaches is that once the problem inputs change during the process of computation, the computation may output unexpected results. In real life settings, sensor measurements are subject to varying environmental conditions and to measurement noise.
We present a simple iterative scheme called SS-Iterative for solving systems of linear equations, and examine its properties in the self-stabilizing perspective. We analyze the behavior of the proposed scheme under changing input sequences using two different assumptions on the input: a box bound, and a probabilistic distribution.
As a case study, we discuss the sensor calibration problem and provide simulation results to support the applicability of our approach.
Submitted 18 January, 2009;
originally announced January 2009.
-
Self-stabilizing Numerical Iterative Computation
Authors:
Ezra N. Hoch,
Danny Bickson,
Danny Dolev
Abstract:
Many challenging tasks in sensor networks, including sensor calibration, ranking of nodes, monitoring, event region detection, collaborative filtering, collaborative signal processing, etc., can be formulated as a problem of solving a linear system of equations. Several recent works propose different distributed algorithms for solving these problems, usually by using linear iterative numerical methods.
In this work, we extend the settings of the above approaches, by adding another dimension to the problem. Specifically, we are interested in self-stabilizing algorithms, that continuously run and converge to a solution from any initial state. This aspect of the problem is highly important due to the dynamic nature of the network and the frequent changes in the measured environment.
In this paper, we link together algorithms from two different domains. On the one hand, we use the rich linear algebra literature of linear iterative methods for solving systems of linear equations, which are naturally distributed with rapid convergence properties. On the other hand, we are interested in self-stabilizing algorithms, where the input to the computation is constantly changing, and we would like the algorithms to converge from any initial state. We propose a simple novel method called \syncAlg as a self-stabilizing variant of the linear iterative methods. We prove that under mild conditions the self-stabilizing algorithm converges to a desired result. We further extend these results to handle the asynchronous case.
As a case study, we discuss the sensor calibration problem and provide simulation results to support the applicability of our approach.
Submitted 19 November, 2008;
originally announced November 2008.
-
Gaussian Belief Propagation Solver for Systems of Linear Equations
Authors:
Ori Shental,
Paul H. Siegel,
Jack K. Wolf,
Danny Bickson,
Danny Dolev
Abstract:
The canonical problem of solving a system of linear equations arises in numerous contexts in information theory, communication theory, and related fields. In this contribution, we develop a solution based upon Gaussian belief propagation (GaBP) that does not involve direct matrix inversion. The iterative nature of our approach allows for a distributed message-passing implementation of the solution algorithm. We also address some properties of the GaBP solver, including convergence, exactness, its max-product version and relation to classical solution methods. The application example of decorrelation in CDMA is used to demonstrate the faster convergence rate of the proposed solver in comparison to conventional linear-algebraic iterative solution methods.
Submitted 9 October, 2008;
originally announced October 2008.
-
Gaussian Belief Propagation Based Multiuser Detection
Authors:
Danny Bickson,
Danny Dolev,
Ori Shental,
Paul H. Siegel,
Jack K. Wolf
Abstract:
In this work, we present a novel construction for solving the linear multiuser detection problem using the Gaussian Belief Propagation algorithm. Our algorithm yields an efficient, iterative and distributed implementation of the MMSE detector. We compare our algorithm's performance to a recent result and show an improved memory consumption, reduced computation steps and a reduction in the number of sent messages. We prove that recent work by Montanari et al. is an instance of our general algorithm, providing new convergence results for both algorithms.
Submitted 9 October, 2008;
originally announced October 2008.
-
A Gaussian Belief Propagation Solver for Large Scale Support Vector Machines
Authors:
Danny Bickson,
Elad Yom-Tov,
Danny Dolev
Abstract:
Support vector machines (SVMs) are an extremely successful type of classification and regression algorithms. Building an SVM entails solving a constrained convex quadratic programming problem, which is quadratic in the number of training samples. We introduce an efficient parallel implementation of a support vector regression solver, based on the Gaussian Belief Propagation algorithm (GaBP).
In this paper, we demonstrate that methods from the complex system domain could be utilized for performing efficient distributed computation. We compare the proposed algorithm to previously proposed distributed and single-node SVM solvers. Our comparison shows that the proposed algorithm is just as accurate as these solvers, while being significantly faster, especially for large datasets. We demonstrate scalability of the proposed algorithm to up to 1,024 computing nodes and hundreds of thousands of data points using an IBM Blue Gene supercomputer. As far as we know, our work is the largest parallel implementation of belief propagation ever done, demonstrating the applicability of this algorithm for large scale distributed computing systems.
Submitted 9 October, 2008;
originally announced October 2008.
-
Polynomial Linear Programming with Gaussian Belief Propagation
Authors:
Danny Bickson,
Yoav Tock,
Ori Shental,
Danny Dolev
Abstract:
Interior-point methods are state-of-the-art algorithms for solving linear programming (LP) problems with polynomial complexity. Specifically, the Karmarkar algorithm typically solves LP problems in time $O(n^{3.5})$, where $n$ is the number of unknown variables. Karmarkar's celebrated algorithm is known to be an instance of the log-barrier method using the Newton iteration. The main computational overhead of this method is in inverting the Hessian matrix of the Newton iteration. In this contribution, we propose the application of the Gaussian belief propagation (GaBP) algorithm as part of an efficient and distributed LP solver that exploits the sparse and symmetric structure of the Hessian matrix and avoids the need for direct matrix inversion. This approach shifts the computation from the realm of linear algebra to that of probabilistic inference on graphical models, thus applying GaBP as an efficient inference engine. Our construction is general and can be used for any interior-point algorithm which uses the Newton method, including non-linear program solvers.
Submitted 9 October, 2008;
originally announced October 2008.
-
Distributed Kalman Filter via Gaussian Belief Propagation
Authors:
Danny Bickson,
Ori Shental,
Danny Dolev
Abstract:
A recent result shows how to compute distributively and efficiently the linear MMSE for the multiuser detection problem, using the Gaussian BP algorithm. In the current work, we extend this construction, and show that operating this algorithm twice on the matching inputs has several interesting interpretations. First, we show equivalence to computing one iteration of the Kalman filter. Second, we show that the Kalman filter is a special case of the Gaussian information bottleneck algorithm, when the weight parameter $\beta = 1$. Third, we discuss the relation to the Affine-scaling interior-point method and show it is a special case of the Kalman filter.
Besides the theoretical interest of this linking of estimation, compression/clustering and optimization, we allow a single distributed implementation of those algorithms, which is a highly practical and important task in sensor and mobile ad-hoc networks. Applications in numerous problem domains include collaborative signal processing and distributed allocation of resources in a communication network.
Submitted 9 October, 2008;
originally announced October 2008.
-
Peer-to-Peer Secure Multi-Party Numerical Computation
Authors:
Danny Bickson,
Genia Bezman,
Danny Dolev,
Benny Pinkas
Abstract:
We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and numerous other tasks, where the computing nodes would like to preserve the privacy of their inputs while performing a joint computation of a certain function.
Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we examine several possible approaches and discuss their feasibility. Among the possible approaches, we identify a single approach which is both scalable and theoretically secure.
An additional novel contribution is that we show how to compute the neighborhood based collaborative filtering, a state-of-the-art collaborative filtering algorithm, winner of the Netflix progress prize of the year 2007. Our solution computes this algorithm in a Peer-to-Peer network, using a privacy preserving computation, without loss of accuracy.
Using extensive large scale simulations on top of real Internet topologies, we demonstrate the applicability of our approach. As far as we know, we are the first to implement such a large scale secure multi-party simulation of networks of millions of nodes and hundreds of millions of edges.
Submitted 9 October, 2008;
originally announced October 2008.
-
Gaussian Belief Propagation for Solving Systems of Linear Equations: Theory and Application
Authors:
Ori Shental,
Danny Bickson,
Paul H. Siegel,
Jack K. Wolf,
Danny Dolev
Abstract:
The canonical problem of solving a system of linear equations arises in numerous contexts in information theory, communication theory, and related fields. In this contribution, we develop a solution based upon Gaussian belief propagation (GaBP) that does not involve direct matrix inversion. The iterative nature of our approach allows for a distributed message-passing implementation of the solution algorithm. We address the properties of the GaBP solver, including convergence, exactness, computational complexity, message-passing efficiency and its relation to classical solution methods. We use numerical examples and applications, like linear detection, to illustrate these properties through the use of computer simulations. This empirical study demonstrates the attractiveness (e.g., faster convergence rate) of the proposed GaBP solver in comparison to conventional linear-algebraic iterative solution methods.
Submitted 7 October, 2008;
originally announced October 2008.
-
An Almost-Surely Terminating Polynomial Protocol for Asynchronous Byzantine Agreement with Optimal Resilience
Authors:
Ittai Abraham,
Danny Dolev,
Joseph Y. Halpern
Abstract:
Consider an asynchronous system with private channels and $n$ processes, up to $t$ of which may be faulty. We settle a longstanding open question by providing a Byzantine agreement protocol that simultaneously achieves three properties:
1. (optimal) resilience: it works as long as $n>3t$
2. (almost-sure) termination: with probability one, all nonfaulty processes terminate
3. (polynomial) efficiency: the expected computation time, memory consumption, message size, and number of messages sent are all polynomial in $n$.
Earlier protocols have achieved only two of these three properties. In particular, the protocol of Bracha is not polynomially efficient, the protocol of Feldman and Micali is not optimally resilient, and the protocol of Canetti and Rabin does not have almost-sure termination. Our protocol utilizes a new primitive called shunning (asynchronous) verifiable secret sharing (SVSS), which ensures, roughly speaking, that either a secret is successfully shared or a new faulty process is ignored from this point onwards by some nonfaulty process.
Submitted 11 August, 2008;
originally announced August 2008.
-
Self-Stabilizing Pulse Synchronization Inspired by Biological Pacemaker Networks
Authors:
Ariel Daliot,
Danny Dolev,
Hanna Parnas
Abstract:
We define the ``Pulse Synchronization'' problem that requires nodes to achieve tight synchronization of regular pulse events, in the settings of distributed computing systems. Pulse-coupled synchronization is a phenomenon displayed by a large variety of biological systems, typically overcoming a high level of noise. Inspired by such biological models, a robust and self-stabilizing Byzantine pulse synchronization algorithm for distributed computer systems is presented. The algorithm attains near optimal synchronization tightness while tolerating up to a third of the nodes exhibiting Byzantine behavior concurrently. Pulse synchronization has been previously shown to be a powerful building block for designing algorithms in this severe fault model. We have previously shown how to stabilize general Byzantine algorithms, using pulse synchronization. To the best of our knowledge there is no other scheme to do this without the use of synchronized pulses.
Submitted 4 March, 2008; v1 submitted 3 March, 2008;
originally announced March 2008.
-
Lower Bounds on Implementing Robust and Resilient Mediators
Authors:
Ittai Abraham,
Danny Dolev,
Joseph Y. Halpern
Abstract:
We consider games that have (k,t)-robust equilibria when played with a mediator, where an equilibrium is (k,t)-robust if it tolerates deviations by coalitions of size up to k and deviations by up to $t$ players with unknown utilities. We prove lower bounds that match upper bounds on the ability to implement such mediators using cheap talk (that is, just allowing communication among the players). The bounds depend on (a) the relationship between k, t, and n, the total number of players in the system; (b) whether players know the exact utilities of other players; (c) whether there are broadcast channels or just point-to-point channels; (d) whether cryptography is available; and (e) whether the game has a $(k+t)$-punishment strategy; that is, a strategy that, if used by all but at most $k+t$ players, guarantees that every player gets a worse outcome than they do with the equilibrium strategy.
Submitted 6 December, 2007; v1 submitted 26 April, 2007;
originally announced April 2007.
-
Linear-time Self-stabilizing Byzantine Clock Synchronization
Authors:
Ariel Daliot,
Danny Dolev,
Hanna Parnas
Abstract:
Clock synchronization is a very fundamental task in distributed systems. It thus makes sense to require an underlying clock synchronization mechanism to be highly fault-tolerant. A self-stabilizing algorithm seeks to attain synchronization once lost; a Byzantine algorithm assumes synchronization is never lost and focuses on containing the influence of the permanent presence of faulty nodes. There are efficient self-stabilizing solutions for clock synchronization as well as efficient solutions that are resilient to Byzantine faults. In contrast, to the best of our knowledge there is no practical solution that is self-stabilizing while tolerating the permanent presence of Byzantine nodes. We present the first linear-time self-stabilizing Byzantine clock synchronization algorithm. Our deterministic clock synchronization algorithm is based on the observation that all clock synchronization algorithms require events for exchanging clock values and re-synchronizing the clocks to within safe bounds. These events usually need to happen synchronously at the different nodes. In classic Byzantine algorithms this is fulfilled or aided by having the clocks initially close to each other and thus the actual clock values can be used for synchronizing the events. This implies that clock values cannot differ arbitrarily, which necessarily renders these solutions to be non-stabilizing. Our scheme suggests using an underlying distributed pulse synchronization module that is uncorrelated to the clock values.
Submitted 24 August, 2006;
originally announced August 2006.
-
Self-Stabilizing Byzantine Pulse Synchronization
Authors:
Ariel Daliot,
Danny Dolev
Abstract:
The ``Pulse Synchronization'' problem can be loosely described as targeting to invoke a recurring distributed event as simultaneously as possible at the different nodes and with a frequency that is as regular as possible. This target becomes surprisingly subtle and difficult to achieve when facing both transient and permanent failures. In this paper we present an algorithm for pulse synchronization that self-stabilizes while at the same time tolerating a permanent presence of Byzantine faults. The Byzantine nodes might incessantly try to de-synchronize the correct nodes. Transient failures might throw the system into an arbitrary state in which correct nodes have no common notion what-so-ever, such as time or round numbers, and can thus not infer anything from their own local states upon the state of other correct nodes. The presented algorithm grants nodes the ability to infer that eventually all correct nodes will invoke their pulses within a very short time interval of each other and will do so regularly.
Pulse synchronization has previously been shown to be a powerful tool for designing general self-stabilizing Byzantine algorithms and is hitherto the only method that provides for the general design of efficient practical protocols in the confluence of these two fault models. The difficulty, in general, to design any algorithm in this fault model may be indicated by the remarkably few algorithms resilient to both fault models. The few published self-stabilizing Byzantine algorithms are typically complicated and sometimes converge from an arbitrary initial state only after exponential or super exponential time.
Submitted 24 August, 2006; v1 submitted 24 August, 2006;
originally announced August 2006.
-
Search in Complex Networks : a New Method of Naming
Authors:
Shai Carmi,
Reuven Cohen,
Danny Dolev
Abstract:
We suggest a method for routing when the source does not possess full information about the shortest path to the destination. The method is particularly useful for scale-free networks, and exploits its unique characteristics. By assigning new (short) names to nodes (aka labelling) we are able to reduce significantly the memory requirement at the routers, yet we succeed in routing with high probability through paths very close in distance to the shortest ones.
Submitted 18 January, 2006;
originally announced January 2006.
-
On the Tomography of Networks and Multicast Trees
Authors:
R. Cohen,
D. Dolev,
S. Havlin,
T. Kalisky,
O. Mokryn,
Y. Shavitt
Abstract:
In this paper we model the tomography of scale free networks by studying the structure of layers around an arbitrary network node. We find, both analytically and empirically, that the distance distribution of all nodes from a specific network node consists of two regimes. The first is characterized by rapid growth, and the second decays exponentially. We also show that the node degree distribution at each layer is a power law with an exponential cut-off. We obtain similar results for the layers surrounding the root of multicast trees cut from such networks, as well as the Internet. All of our results were obtained both analytically and on empirical Internet data.
Submitted 25 May, 2003;
originally announced May 2003.