On expected constant-round protocols for Byzantine agreement
Journal of Computer and System Sciences
On the number of synchronous rounds sufficient for authenticated byzantine agreement
DISC'09 Proceedings of the 23rd international conference on Distributed computing
| Hi-index | 0.00 |
Broadcast among n parties in the presence of t \geqslant n/3 malicious parties is possible only with some additional setup. The most common setup considered is the existence of a PKI and secure digital signatures, where so-called authenticated broadcast is achievable for any t \le n. It is known that t + 1 rounds are necessary and sufficient for deterministic protocols achieving authenticated broadcast. Recently, however, randomized protocols running in expected constant rounds have been shown for the case of t \le n/2. It has remained open whether randomization can improve the round complexity when an honest majority is not present. We address this question and show upper/ lower bounds on how much randomization can help: For t \leqslant n/2 + k, we show a randomized broadcast protocol that runs in expected O(k^2 ) rounds. In particular, we obtain expected constant-round protocols for t = n/2 + O(1). On the negative side, we show that even randomized protocols require \Omega (2n/(n - t)) rounds. This in particular rules out expected constant-round protocols when the fraction of honest parties is sub-constant.