Easy impossibility proofs for distributed consensus problems
Distributed Computing
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Completeness theorems for non-cryptographic fault-tolerant distributed computation
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Multiparty unconditionally secure protocols
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Reaching Agreement in the Presence of Faults
Journal of the ACM (JACM)
From partial consistency to global broadcast
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
The Byzantine Generals Problem
ACM Transactions on Programming Languages and Systems (TOPLAS)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Black-box concurrent zero-knowledge requires \tilde {Ω} (logn) rounds
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Concurrent zero-knowledge with timing, revisited
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Detectable byzantine agreement secure against faulty majorities
Proceedings of the twenty-first annual symposium on Principles of distributed computing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
How to Go Beyond the Black-Box Simulation Barrier
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Cryptography and cryptographic protocols
Distributed Computing - Papers in celebration of the 20th anniversary of PODC
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
On the concurrent composition of zero-knowledge proofs
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Legally-enforceable fairness in secure two-party computation
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Can end-to-end verifiable e-voting be explained easily?
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
| Hi-index | 0.02 |
A fundamental problem of distributed computing is that of simulating a secure broadcast channel, within the setting of a point-to-point network. This problem is known as Byzantine Agreement (or Generals) and has been the focus of much research. Lamport et al. [1982] showed that in order to achieve Byzantine Agreement in the plain model, more than two thirds of the participating parties must be honest. They further showed that by augmenting the network with a public-key infrastructure for digital signatures, it is possible to obtain protocols that are secure for any number of corrupted parties. The problem in this augmented model is called “authenticated Byzantine Agreement”.In this article, we consider the question of concurrent, parallel and sequential composition of authenticated Byzantine Agreement protocols with a single common setup. We present surprising impossibility results showing that:(1) Authenticated Byzantine Agreement protocols that remain secure under parallel or concurrent composition (even for just two executions) and tolerate a third or more corrupted parties, do not exist.(2) Deterministic authenticated Byzantine Agreement protocols that run for r rounds and tolerate a third or more corrupted parties, can remain secure for at most 2r − 1 sequential executions.In contrast, we present randomized protocols for authenticated Byzantine Agreement that remain secure under sequential composition, for any polynomial number of executions. We exhibit two such protocols. In the first protocol, an honest majority is required. In the second protocol, any number of parties may be corrupted; however, the complexity of the protocol is in the order of 2n · n! for n parties. In order to have this polynomial in the security parameter k (used for the signature scheme in the protocol), this requires the overall number of parties to be limited to O(log k/log log k). The above results are achieved due to a new protocol for authenticated Byzantine Generals for three parties that can tolerate any number of faulty parties and composes sequentially.Finally, we show that when the model is further augmented so that in each session, all the participating parties receive a common session identifier that is unique to that session, then any polynomial number of authenticated Byzantine agreement protocols can be concurrently executed, while tolerating any number of corrupted parties.