# ITEC452

### Presentations text content in ITEC452

ITEC452Distributed ComputingLecture 12Distributed Consensus

Hwajung Lee

Slide2Distributed Consensus

Reaching agreement is a fundamental problem in distributed computing. Some examples areLeader election / Mutual ExclusionCommit or Abort in distributed transactionsReaching agreement about which process has failedClock phase synchronizationAir traffic control system: all aircrafts must have the same view

If there is no failure, then reaching consensus is trivial. All-to-all broadcast

Followed by a applying a choice function … Consensus in presence of

failures can however be complex.

Slide3Problem Specification

u3

u2

u1

u0

v

v

v

v

Here,

v

must be equal to the value at some input line.

Also, all outputs must be identical.

input

output

p0

p1

p2

p3

Slide4Problem Specification

Termination

. Every non-faulty process must eventually decide.

Agreement.

The final decision of every non-faulty process

must be identical.

Validity.

If every non-faulty process begins with the same

initial value

v

, then their final decision must be

v

.

Slide5Asynchronous Consensus

Seven members of a busy household decided

to hire a cook

, since they do not have time to prepare their own food. Each member

separately interviewed

every applicant for the cook’s position. Depending on how it went, each member voted

"yes" (means “hire”)

or

"no" (means “don't hire”).

These members will now have to communicate with one another to

reach a uniform final decision

about whether the applicant will be hired. The process will be repeated with the next applicant, until someone is hired.

Consider various modes of communication…

Slide6Asynchronous Consensus

Theorem

.

In a

purely asynchronous

distributed system,

the consensus problem is

impossible

to solve

if even a

single process crashes

Famous result due to

Fischer, Lynch, Patterson

(commonly known as FLP 85)

Slide7Proof

Bivalent and Univalent states

A decision state is

bivalent

, if starting from that state, there exist

two distinct executions leading to two distinct decision values

0

or

1.

Otherwise it is

univalent

.

A

univalent

state may be

either

0-valent

or

1-valent.

Slide8Proof

Lemma

.

No execution can lead from a 0-valent to a 1-valent

state or vice versa.

Proof

.

Follows from the definition of 0-valent and 1-valent states.

Slide9Proof

Lemma. Every consensus protocol must have a bivalent initial state.Proof by contradiction. Suppose not. Then consider the following input patterns:s[0] 0 0 0 0 0 0 …0 0 0 {0-valent) 0 0 0 0 0 0 …0 0 1 s[j] is 0-valent 0 0 0 0 0 0 …0 1 1 s[j+1] is 1-valent … … … … (differ in jth position)s[n-1] 1 1 1 1 1 1 …1 1 1 {1-valent}

What if process (j+1) crashes at the first step?

Slide10Proof

Lemma. In a consensus protocol, starting from any initial bivalent state, there must exist a reachable bivalent state T, such that every action taken by some process p in state T leads to either a 0-valent or a 1-valent state.

Actions 0 and 1 from T must be taken by the

same process

p. Why?

The adversary tries to prevent

The system from reaching

consensus

Slide11Proof of FLP (continued)

Lemma. In a consensus protocol, starting from any initial bivalent state I, there must exist a reachable bivalent state T, such that every action taken by some process p in state T leads to either a 0-valent or a 1-valent state.

Actions 0 and 1 from T must be taken by the

same process

p. Why?

Slide12Proof of FLP (continued)

T

T0

T1

Decision =1

Decision = 0

p reads

q writes

e1

e0

Starting from T, let e1 be a computation that

excludes any step

by p.

Let p crash after reading.Then e1 is a valid computation from T0 too.

To all non-faulty processes, these two computations are identical, but the

outcomes are different! This is not possible!

Case 1.

1-valent

0-valent

Assume shared memory communication.

Also assume that p ≠ q. Various cases are possible

Such a computation must exist

since p can crash at any time

Slide13Proof (continued)

T

T0

T1

Decision =1

Decision = 0

p writes

q writes

e1

e0

Both write on the

same variable

, and

p writes first.

From T, let e1 be a computation that

excludes any step

by p.

Let p crash after writing.Then e1 is a valid computation from T0 too.

To all non-faulty processes, these two computations are identical, but the outcomes are different!

Case 2.

1-valent

0-valent

Slide14Proof (continued)

T

T0

T1

Z

Decision =1

Decision = 0

p writes

q writes

Let both p and q write

,

but on

different variables

.

Then regardless of the order of these writes, both computations lead

to the same

intermediate global state Z, which must be univalent. Is Z 1-valent or 0-valent? Both are absurd

Case 3

0-valent

1-valent

p writes

q writes

Slide15Proof (continued)

Similar arguments can be made for communication using

the message passing model too (See Lynch’s book). These

lead to the fact that p, q cannot be distinct processes, and

p = q. Call p the

decider

process.

What if p crashes in state T? No consensus is reached!

Slide16Conclusion

In a purely asynchronous system, there is no solution to the consensus problem if a single process crashes..

Note that this is true for

deterministic

algorithms only. Solutions do exist

for the

consensus problem using

randomized algorithm

,

or using the

synchronous model.

Slide17Byzantine Generals Problem

Describes and solves the consensus problem on the

synchronous model of communication

.

Processor speeds have lower bounds and communication delays have upper bounds.

The network is

completely connected

Processes undergo

byzantine failures

, the worst possible kind of failure

Slide18Byzantine Generals Problem

n

generals

{0, 1, 2, ..., n-1}

decide about whether to

"attack"

or to

"retreat"

during a particular phase of a war. The goal is to

agree upon the same plan of action

.

Some

generals may be

"traitors"

and therefore send either no input, or send conflicting inputs to prevent the

"loyal" generals from reaching an agreement.

Devise a strategy, by which

every loyal general eventually agrees upon the same plan, regardless of the action of the traitors.

Slide19Byzantine Generals

0

3

2

1

Attack = 1

Attack=1

Retreat = 0

Retreat = 0

{1, 1, 0,

0

}

{1, 1, 0,

0

}

Every general will broadcast his judgment to everyone else.

These are inputs to the consensus protocol.

{1, 1, 0,

1}

{1, 1, 0, 0}

traitor

The traitor

may send out conflicting inputs

Slide20Byzantine Generals

We need to devise a protocol so that every peer(call it a lieutenant) receives the same value from any given general (call it a commander). Clearly, the lieutenants will have to use secondary information.

Note that the roles of the

commander

and the

lieutenants

will rotate among the generals

.

Slide21Interactive consistency specifications

IC1. Every loyal lieutenant receives the same order from the commander.IC2. If the commander is loyal, then every loyal lieutenant receives the order that the commander sends.

commander

lieutenants

Slide22The Communication Model

Oral Messages

1. Messages are not corrupted in transit.

2. Messages can be lost, but the absence of message can be detected.

3. When a message is received (or its absence is detected), the receiver knows the identity of the sender (or the defaulter).

OM(m)

represents an

interactive consistency protocol

in presence of at most

m

traitors.

Slide23An Impossibility Result

Using

oral messages

,

no solution

to the Byzantine

Generals problem exists with

three or fewer

generals

and

one traitor

. Consider the two cases:

Slide24

Impossibility result

Using oral messages

,

no solution to the Byzantine Generals problem exists

with

3m

or fewer

generals and

m

traitors (

m > 0

).

Hint.

Divide the

3m

generals into three groups of

m

generals each, such that all the traitors belong to one group. This scenario is no better than the case of three generals and one traitor.

Slide25

The OM(m) algorithm

Recursive algorithm OM(m) OM(m-1) OM(m-2) OM(0) OM(0) = Direct broadcast

OM(0)

Slide26The OM(m) algorithm

1. Commander i sends out a value v (0 or 1)2. If m > 0, then every lieutenant j ≠ i, afterreceiving v, acts as a commander and initiates OM(m-1) with everyone except i . 3. Every lieutenant, collects (n-1) values: (n-2) values sent by the lieutenants usingOM(m-1), and one direct value from the commander. Then he picks the majority of these values as the order from i

Slide27Example of OM(1)

Slide28The OM(m) algorithm

Recall what the oral message model is.Recall the two interactive consistency criteria IC1 & IC2.

Byzantine agreement algorithm for the Oral Message model of communication with at most m traitors

Slide29The OM(m) algorithm

Recursive algorithm OM(m) OM(m-1) OM(m-2) OM(0)

OM(0) = Direct broadcast

m= max number

of traitors

Slide30The OM(m) algorithm

[1] Commander i sends out a value v (0 or 1)[2] If m > 0, then every lieutenant j ≠ i, afterreceiving v, acts as a commander and initiates OM(m-1) with everyone except i . [3] Every lieutenant, collects (n-1) values: (n-2) values sent by the lieutenants usingOM(m-1), and one direct value from the commander. Then he picks the majority of these values as the order from i

Slide31Example of OM(1)

Slide32Example of OM(2)

OM(2)

OM(1)

OM(0)

Slide33Proof of OM(m)

Lemma.Let the commander beloyal, and n > 2m + k,where m = maximumnumber of traitors. Then OM(k) satisfies IC2

Slide34Proof of OM(m)

ProofIf k=0, then the result trivially holds.Let it hold for k = r (r > 0) i.e. OM(r)satisfies IC2. We have to show thatit holds for k = r + 1 too.By definition n > 2m+ r+1, so n-1 > 2m+ rSo OM(r) holds for the lieutenants in the bottom row. Each loyal lieutenant willcollect n-m-1 identical good values andm bad values. So bad values are votedout (n-m-1 > m + r implies n-m-1 > m)

Slide35The final theorem

Theorem

. If

n > 3m

where

m

is the maximum number of

traitors, then

OM(m)

satisfies both

IC1

and

IC2

.

Proof.

Consider two cases:

Case 1

. Commander is loyal. The theorem follows from

the previous lemma (substitute

k = m

).

Case 2

. Commander is a traitor. We prove it by induction.

Base case

. m=0 trivial.

(

Induction hypothesis

) Let the theorem hold for m = r.

We have to show that it holds for m = r+1 too.

Slide36Proof (continued)

There are n > 3(r + 1) generals and r + 1 traitors. Excluding the commander, there are > 3r+2 generals of which there are r traitors. So > 2r+2 lieutenants are loyal. Since 3r+ 2 > 3.r, OM(r) satisfies IC1 and IC2

> 2r+2

r traitors

Slide37Proof (continued)

In OM(r+1), a loyal lieutenant chooses themajority from (1) > 2r+1 values obtainedfrom the loyal lieutenants via OM(r), (2) the r values from the traitors, and (3) the value directly from the commander.

> 2r+2

r traitors

The set of values collected in part (1) & (3) are the same for all loyal lieutenants –

it is the same set of values that these lieutenants received from the commander.

Also, by the induction hypothesis, in part (2) each loyal lieutenant receives

identical values from each traitor.

So every loyal lieutenant collects the same set of values.

Slide38Solution using signed messages

A

signed message

satisfies all the conditions of oral message, plus

two extra conditions

Signature cannot be forged. Forged message are detected and discarded.

Anyone can verify its authenticity of a signature.

Signed messages

improve resilience.

Slide39Example

discard

Using signed messages, byzantine

consensus

is feasible

with 3 generals

and 1 traitor

Slide40Signature list

0

1

7

2

4

V{0}

V{0,1}

V{0,1,7}

V{0,1,7,4}

Slide41The SM(m) algorithm

1. Commander

i

sends out a signed message

v{i}

to each lieutenant j ≠ i

2. Lieutenant

j

, after receiving

v{S}

, appends it to a set

V.j,

only if

(i) it is not forged, and (ii) it has not been received before.

3. If the

length

of

S

is less than

m+1

, then lieutenant

j

(i) appends his own signature to

S

, and

(ii) sends out the signed message to every other lieutenant

whose signature does not appear in

S

.

4. Lieutenant

j

applies a choice function on

V.j

to make the final decision.

Slide42Theorem of signed messages

If

n ≥ m + 2

, where

m

is the maximum

number of traitors, then

SM(m)

satisfies

both

IC1

and

IC2

.

Case 1. Commander is loyal

. The bag of

Each process will contain exactly one

message, that was sent by the commander.

Slide43Theorem of signed messages

Case 2. Commander is traitor

.

The signature list has a size (m+1), and there are m traitors, so

at least one lieutenant signing the message must be loyal

.

Every loyal lieutenant i will receive every other loyal lieutenant’s message. So, every message accepted by

j

is also accepted by

i

and vice versa. So

V.i = V.j

.

Slide44Concluding remarks

The signed message version tolerates a

larger number (n-2)

of faults.

Message complexity however is the same in both cases

Slide45Failure detector

Recall FLP’85 impossibility result. If

crash failure

can be

detected

, then consensus is trivial!

In synchronous systems with bounded delay channels, crash failures can

definitely be detected

using timeouts.

But

what about asynchronous systems

? Can we design a

failure detector

for purely asynchronous distributed systems?

Slide46Failure detectors for asynchronous systems

In asynchronous distributed systems, the detection of

crash failures

is imperfect. This is why, consensus cannot

be solved. But

how close

can we get towards a

perfect

failure detector

? Two properties are relevant:

Completeness

Every crashed process is eventually suspected

.

Accuracy

No correct process is suspected

.

Slide47Example

0

6

1

3

5

2

4

7

0 suspects {1,2,3,7} to have failed. Does this satisfy completeness? Does this satisfy accuracy?

crashed

Slide48Classification of completeness

Strong completeness

.

Every crashed process is eventually suspected by

every

correct process

, and remains a suspect thereafter.

Weak completeness

.

Every crashed process is eventually suspected by

at least one

correct process, and remains a suspect thereafter.

(These are liveness properties)

Slide49Classification of accuracy

Strong accuracy

.

No correct process

is ever suspected.

Weak accuracy

.

There is

at least one correct process

that is never suspected

.

(These are safety properties)

Slide50Transforming completeness

Transforming Weak completeness into strong completeness

Program

strong completeness (program for process i};

define

D: set of process ids (representing the

suspects

);

initially

D is generated by the

weakly complete

failure detector

;

do

true

send

D(i) to every process

j ≠ i;

receive

D(j) from every process

j ≠ i;

D(i) := D(i)

D(j);

if

j

D(i)

D(i) := D(i) \ j

fi

od

Slide51Eventual accuracy

Accuracy is a

safety property

. A failure detector is

eventually strongly accurate

, if there exists a time

T

after which

no correct process is suspected

.

(

Before that time, a correct process be added to and removed from the list of suspects any number of times

)

A failure detector is

eventually weakly accurate

, if there exists a time

T

after which

at least one process is no more suspected

.

Slide52Classifying failure detectors

Perfect P. (Strongly) Complete and strongly accurateStrong S. (Strongly) Complete and weakly accurateEventually perfect ◊P. (Strongly) Complete and eventually strongly accurateEventually strong ◊S (Strongly) Complete and eventually weakly accurate

strong completeness

weak completeness

strong accuracy

weak accuracy

◊ strong accuracy

◊ weak accuracy

Perfect P

Strong S

◊P

◊S

Weak W

◊W

Slide53Motivation

Question 1.

Given a failure detector of a certain type, how can we solve the

consensus problem

?

Question 2

. How can we implement these classes of failure detectors in asynchronous distributed systems?

Question 3

. What is the

weakest class of failure detectors

that can solve the consensus problem?

(

Weakest class of failure detectors is

closer to reality)

Slide54Consensus using failure detector

input

output

1

2

3

4

Agreed value

Slide55Consensus using P

{

program for process p, t = max number of faulty processes

}

initially

V

p

:= (

,

,

, …,

); D

p

:= V

p;

{V

p

[q]

≠

means, process p thinks q

is

a suspect}

{Phase 1} for round

r

p

= 1 to t +1

send (r

p

, D

p,

p) to all;

wait to receive (r

p

, D

q

, q) from all q,

{or else q becomes a suspect};

for

k = 1

to

n V

p

[k] =

(r

p

, D

q

, q): D

q

[k] ≠

V

p

[k] := D

q

[k]

end for

end for

{at the end of Phase 1, V

p

for each correct process is identical}

{Phase 2}

Final decision value is the

first

element V

p

[j]: V

p

[j] ≠

Q. What is there is no suspect?

Slide56Understanding consensus using P

It is possible that a process

p

sends out the first message

to

q

and then crashes. If there are

n

processes and

t

of

them crashed, then after

at most

(t + 1)

asynchronous

rounds

,

V

p

for each correct process

p

becomes identical

,

and contains all inputs from processes that may have

transmitted at least once.

The choice function leads to

a unique decision.

Slide57Understanding consensus using P

i

i

j

k

l

l

l

l

Sends (1, D

i

) and

then crashes

Sends (2, D

j

) and

then crashes

Sends (t, D

k) and then crashes

Sends (t+1,Dl)

Completely connected topology

Slide58
## ITEC452

Download Presentation - The PPT/PDF document "ITEC452" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.