/
TexPoint fonts used in EMF. TexPoint fonts used in EMF.

TexPoint fonts used in EMF. - PowerPoint Presentation

bikersnomercy
bikersnomercy . @bikersnomercy
Follow
343 views
Uploaded On 2020-08-06

TexPoint fonts used in EMF. - PPT Presentation

Read the TexPoint manual before you delete this box A A A A Distributed Asymmetric Verification in Computational Grids Michael Kuhn Stefan Schmid Roger Wattenhofer IPDPS 2008 Miami Florida USA ID: 800307

ipdps michael zurich kuhn michael ipdps kuhn zurich eth checking cheaters clients verification results result problem computing work attacks

Share:

Link:

Embed:

Download Presentation from below link

Download The PPT/PDF document "TexPoint fonts used in EMF." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Slide1

TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AAAA

Distributed Asymmetric Verification in Computational Grids

Michael Kuhn

Stefan Schmid

Roger Wattenhofer

IPDPS 2008

Miami, Florida, USA

Slide2

Michael Kuhn, ETH Zurich @ IPDPS 20082

Grid Computing

Goal: Use idle computing resources worldwide

Examples: seti@home, folding@home, ...

Slide3

Michael Kuhn, ETH Zurich @ IPDPS 20083Model

Server

Clients (Participants)

#clients: 10

4

-10

6

Sends work-units (WU)

Returns result

Slide4

Michael Kuhn, ETH Zurich @ IPDPS 20084Why should people participate?Incentives: honour („user of the day“), money, ...But: Incentives attract cheaters!

The Problem of Cheaters

Slide5

Michael Kuhn, ETH Zurich @ IPDPS 20085

Verification requiredToday: RedundancyE.g. seti@home: Send the same task to 3 participants

This paper: Distributed asymmetric checking

Asymmetry: Verification is often cheaper than computation

Distributed: Participants check each other

The Problem of Cheaters

Random value

Slide6

Michael Kuhn, ETH Zurich @ IPDPS 20086Contributions

Distributed checking algorithm integrated in BOINCFaster than redundancy if asymmetric checking function existsBetter guarantees than typically used redundancy schemes

Resistant against

Dominance of seemingly fast clients

Lazy checking

Sybil attacks

Proof-of-concept implementation for discrete logarithm problem

Asymmetric checking function for Pollard-rho algorithm

Slide7

Michael Kuhn, ETH Zurich @ IPDPS 20087Related Work

Cheating is a problem[Kahney, Wired Magazine, Feb. 2001]

Seti@home: more than 50% of resources spent on cheating!

Ringer scheme (precompute selected results)

[Golle and Mironov, CT-RSA‘01], [Szaja et al., SP‘03]

Additional work on the server (precomputing ringers)

Commitment scheme with Merkle-tree

[Du et al., ICDCS‘04]

Additional work on the server (recompute some work-units)

Cryptographic protocols

e.g. [Aiello et al, ICALP‘00], [Cachin et al., EUROCRYPT‘99]

Often computationally too expensive in practice

Slide8

Michael Kuhn, ETH Zurich @ IPDPS 20088Challenges

Cheaters seem to be much faster than ordinary participants

1% cheaters can submit >99%

of the results

Cheaters stay honest for a long time, and only then start to cheat

Opens many possibilities for cheaters

Never trust a participant

Lazy checking

Cheaters can calculate everything correctly but cheat during

verification (i.e. simply say the result was correct)

Slide9

Michael Kuhn, ETH Zurich @ IPDPS 20089

Cheater Characterization

Fraction of cheating clients: p

Problem: Sybil attacks

Fraction of incorrect results

in the system:

r

Problem: Random results can be computed very fast

If no countermeasures are taken: r = 1

Fraction of computing power

of cheater(s):

qComputing power is expensive => q is limited

!Goal of cheaters: Pretend to have worked more than what is possible with the available computing resources

r

p

q

Slide10

Michael Kuhn, ETH Zurich @ IPDPS 200810Asymmetric Verification

Performance property: It is much cheaper to verify the correctness of a result than to calculate the result

Asymmetric

Fingerprint property

: A verifier calculates a fingerprint rather than a boolean result

Server compares fingerprints

Only honestly computed checks can lead to a positive result

Observe: Collusions still possible

Uniqueness property

: Results are either inherently unique, or the dependence from the input values can be verified

Prevents replay attacks

Example:

Task: Find prime factors of x = 10829; Solution: {7, 7, 13, 17}

Checking input: {7, 7, 13, 17};

Fingerprint

: 7 * 7 * 13 * 17 =

10829

Slide11

Michael Kuhn, ETH Zurich @ IPDPS 200811Distributed Verification: Algorithm

PrerequisitesFraction of cheaters is limited and considerably smaller than 50% (e.g. p ≤ 10%) => details later

Punishment is possible

Check each result, until a clear decision is possible

Result good if „considerably more“ positive than negative checks (and vice versa)

As p is limited, high probability of correct decision (see paper for details)

Punish cheaters (including colluders) and remove all their pending results

Assign checks

uniformly at random

among active clientsFast clients (often cheaters) cannot dominate checking

Slide12

Michael Kuhn, ETH Zurich @ IPDPS 200812Lifecycle of a Task

One after the other, to mitigate collusion

1

2

3

4

5

Slide13

Michael Kuhn, ETH Zurich @ IPDPS 200813Preventing Sybil Attacks

Problem: Zero cost identitySolution: Don‘t assign identity for free!Idea: Couple p (#clients) to q (computing resources)

New client has to perform some work without getting credits

=> buys identity

Goal: make the number of incorrect results a cheater can deliver before being detected lower than the price to buy the identity

Observe: For honest participants the price is low (as they only have to „pay“ once)

Slide14

Michael Kuhn, ETH Zurich @ IPDPS 200814Analysis (Simulation)

Number of checks vs. number of results (p = 10%)Asymmetry: Checking is 50 times faster than calculationFastest clients 100 times faster than slowest

Fast clients do

not

dominate checking!

Slide15

Michael Kuhn, ETH Zurich @ IPDPS 200815Analysis (Simulation) (2)

Queue lengthsNumber of pending checks for different confidence values

Slide16

Michael Kuhn, ETH Zurich @ IPDPS 200816Implementation in BOINC

Slide17

Michael Kuhn, ETH Zurich @ IPDPS 200817ECC Challenge

Task: Break large discrete logarithm on elliptic curve

Currently: 130-bit

Reward: 20,000 USD

Discrete Logarithm

Given a group with generator g, as well as a group element h:

Find x, such that g^x = h

Best known algorithm: Pollard-Rho

Well suited for parallelization and use in grids

Slide18

Michael Kuhn, ETH Zurich @ IPDPS 200818Pollard-Rho (Sketch)

Slide19

Michael Kuhn, ETH Zurich @ IPDPS 200819Asymmetric Verification (Sketch)

Not every point possesses a predecessorBackward iteration has high

probability to fail after a

certain number of steps

Finding a distinguished point together with the required parameters is asymptotically as expensive as forward iteration

Checking function: Report the x-th predecessor

Verifier can forward iterate x steps and check whether the

distinguished point is found

P(length > 50) < 10%

Slide20

Michael Kuhn, ETH Zurich @ IPDPS 200820Conclusions

Algorithm for distributed verification in volunteer computing, which is resistant against:Seemingly fast clients (uniform selection of verifier among all active clients)Lazy checking (fingerprint property)

Replay attacks (uniqueness property)

Sybil attacks (don‘t assign identity for free)

Downside: Strong assumption on the verification function

But: such verification functions exist (Pollard-Rho)

Future: More generic approaches

Slide21

Michael Kuhn, ETH Zurich @ IPDPS 200821Thanks for your Interest

Questions?