One of the main reasons why Byzantine fault-tolerant (BFT) systems are not widely used lies in their high resource consumption: 3f+1 replicas are necessary to tolerate only f faults. Recent works have been able to reduce the minimum number of replicas to 2f+1 by relying on a trusted subsystem that prevents a replica from making conflicting statements to other replicas without being detected. Nevertheless, having been designed with the focus on fault handling, these systems still employ a majority of replicas during normal-case operation for seemingly redundant work. Furthermore, the trusted subsystems available trade off performance for security; that is, they either achieve high throughput or they come with a small trusted computing base. This paper presents CheapBFT, a BFT system that, for the first time, tolerates that all but one of the replicas active in normal-case operation become faulty. CheapBFT runs a composite agreement protocol and exploits passive replication to save resources; in the absence of faults, it requires that only f+1 replicas actively agree on client requests and execute them. In case of suspected faulty behavior, CheapBFT triggers a transition protocol that activates f extra passive replicas and brings all non-faulty replicas into a consistent state again. This approach, for example, allows the system to safely switch to another, more resilient agreement protocol. CheapBFT relies on an FPGA-based trusted subsystem for the authentication of protocol messages that provides high performance and comprises a small trusted computing base.
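
The abstract does not say how the trusted subsystem stops a replica from making conflicting statements. The following added example (not code from the paper or the CheapBFT project) models one common construction as an assumption: a trusted monotonic counter that binds each outgoing message to a unique counter value under an HMAC. The class names, message strings and key are hypothetical, constructed values, and both classes stand in for logic that would run inside the trusted module, since the MAC key is shared.

```python
import hashlib
import hmac

def _mac(key: bytes, replica_id: str, counter: int, message: bytes) -> bytes:
    # Bind sender identity, counter value and message digest under one tag.
    data = replica_id.encode() + counter.to_bytes(8, "big") + hashlib.sha256(message).digest()
    return hmac.new(key, data, hashlib.sha256).digest()

class TrustedCounter:
    """Hypothetical model of the sender's trusted module: one monotonic counter."""
    def __init__(self, replica_id: str, key: bytes):
        self.replica_id, self._key, self._value = replica_id, key, 0

    def certify(self, message: bytes):
        self._value += 1  # each value is issued exactly once, never reused
        return self._value, _mac(self._key, self.replica_id, self._value, message)

class TrustedVerifier:
    """Hypothetical model of the receiver's trusted module, tracking one sender."""
    def __init__(self, sender_id: str, key: bytes):
        self._sender, self._key, self._expected = sender_id, key, 1

    def accept(self, message: bytes, counter: int, tag: bytes) -> str:
        good = _mac(self._key, self._sender, counter, message)
        if not hmac.compare_digest(good, tag):
            return "bad-mac"
        if counter != self._expected:
            return "gap"  # an earlier certified message is being withheld
        self._expected += 1
        return "ok"

def demo():
    key = b"constructed-demo-key"  # constructed sample value
    faulty = TrustedCounter("r0", key)
    r1, r2 = TrustedVerifier("r0", key), TrustedVerifier("r0", key)
    # A faulty replica tries to tell r1 and r2 different things for one slot.
    msg_a, msg_b = b"PREPARE seq=5 op=A", b"PREPARE seq=5 op=B"
    c_a, t_a = faulty.certify(msg_a)
    c_b, t_b = faulty.certify(msg_b)
    return (
        r1.accept(msg_a, c_a, t_a),  # "ok": first statement, counter 1
        r2.accept(msg_b, c_b, t_b),  # "gap": counter 2 shows counter 1 was hidden
        r2.accept(msg_b, c_a, t_b),  # "bad-mac": tag relabelled to counter 1
        r2.accept(msg_b, c_a, t_a),  # "bad-mac": tag for A reused on B
    )

if __name__ == "__main__":
    print(demo())
```

Because the second statement can only be certified under a new counter value, a receiver that sees it first knows a prior statement exists and can refuse to proceed until it is shown; this detectability is what lets such designs drop from 3f+1 to 2f+1 replicas.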