Fast byzantine paxos

US 7,620,680 B1
Filed: 08/15/2002
Issued: 11/17/2009
Est. Priority Date: 08/15/2002
Status: Active Grant

First Claim

Patent Images

1. A method for selecting values in a distributed computing system having a maximum number of malicious devices, the method comprising:

receiving a properly authenticated request;

receiving a group of forwarded prior vote messages with authenticators comprising more copies of prior vote messages than three times the maximum number of malicious devices in the distributed computing system, of which more copies than twice the maximum number of malicious devices in the distributed computing system are properly authenticated, wherein the group of forwarded prior vote messages with authenticators indicate a set of safe values for a proposal number for current and future steps; and

transmitting a vote message if the properly authenticated request is contained in the set of safe values and no other request with the proposal number for a current step was previously accepted.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A distributed computing system can operate in the face of malicious failures on the part of some of its constituent devices, and provide a minimum of message delays between receiving a client request and providing a response, when each device within the system verifies the sender of any message it receives, and the propriety of the message. The sender can be verified through message authentication schemes or digital signature schemes. The propriety of a message can be verified by receiving a sufficiently large number of equivalent, properly authenticated messages. If the number of malicious devices is represented by the variable “M”, a sufficient number of equivalent, properly authenticated messages to verify that the message is true can be any number of messages greater than M. Furthermore, to verify that a leader device is not maliciously submitting different proposals to different devices using the same proposal number, a quorum of devices can be required to select a proposal, where a quorum is a sufficiently large number of devices such that any other quorum has, as a majority of its devices, non-malicious devices from the first quorum. Therefore, the distributed computing system can operate properly with M number of malicious failures and F number of total failures, and with a minimum of message delays, if the number of constituent devices in the distributed computing system is greater than 3F+2M. Additionally, if the distributed computing system can revert to a more traditional algorithm if too many devices fail or become malicious, it can use a message-delay-reducing algorithm while having as few as 2Q+F+2M+1 constituent devices, where Q is the number of devices that can fail and still allow the system to use a message-delay-reducing algorithm.

84 Citations

View as Search Results

15 Claims

1. A method for selecting values in a distributed computing system having a maximum number of malicious devices, the method comprising:
- receiving a properly authenticated request;
  
  receiving a group of forwarded prior vote messages with authenticators comprising more copies of prior vote messages than three times the maximum number of malicious devices in the distributed computing system, of which more copies than twice the maximum number of malicious devices in the distributed computing system are properly authenticated, wherein the group of forwarded prior vote messages with authenticators indicate a set of safe values for a proposal number for current and future steps; and
  
  transmitting a vote message if the properly authenticated request is contained in the set of safe values and no other request with the proposal number for a current step was previously accepted.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the properly authenticated request is received from a client, the group of forwarded prior vote messages with authenticators are received from a leader, and the vote message is transmitted to the client;
    - the method further comprising assigning the properly authenticated request a safe proposal number and the current step, wherein the safe proposal number is the proposal number for which the set of safe values is all values.
  - 3. The method of claim 2, further comprising:
    - receiving, from the leader, a properly authenticated suggested next proposal number message comprising a suggested next proposal number;
      
      transmitting, to a first quorum of devices, in response to the suggested next proposal number message, a prior vote message with authenticator and a prior vote message proof of safety, wherein the prior vote message with authenticator comprises an indication of the properly authenticated request and the proposal number;
      
      receiving, from a second quorum of devices, a group of prior vote messages with authenticators, wherein each prior vote message in the group of prior vote messages with authenticators comprises an indication of a request previously voted for by the sending device and a sender prior vote proposal number corresponding to the request previously voted for by the sending device;
      
      transmitting, to the leader, the group of prior vote messages with authenticators received from the second quorum of devices;
      
      receiving, from the leader, a properly authenticated proposal and a proposal proof of safety, wherein the properly authenticated proposal comprises either the properly authenticated request or one of the requests previously voted for by the sending device indicated by the group of prior vote messages with authenticators; and
      
      transmitting, to the leader, a vote message for the proposal if no other suggested next proposal number message was received since the suggested next proposal number message was received from the leader.
  - 4. The method of claim 1, wherein transmitting the vote message comprises transmitting the vote message if no suggested next proposal number message was received since a suggested next proposal number message was received from a leader, and further wherein the properly authenticated request and the group of forwarded prior vote messages with authenticators are received from the leader, and the vote message is transmitted to the leader, the properly authenticated request comprising an indication of a leader assigned proposal number and the current step, wherein the leader assigned proposal number is larger than a previously voted for proposal number if a request was previously voted for;
    - the method further comprising;
      
      receiving, from the leader, the suggested next proposal number message comprising a suggested next proposal number;
      
      transmitting, to a first quorum of devices, in response to the suggested next proposal number message, a prior vote message with authenticator and a prior vote message proof of safety, wherein the prior vote message with authenticator comprises an indication of a previously voted for request and the previously voted for proposal number if a request was previously voted for;
      
      receiving, from a second quorum of devices, a group of prior vote messages with authenticators, wherein each prior vote message in the group of prior vote messages with authenticators comprises an indication of a request previously voted for by a sending device and a previously voted proposal number corresponding to the request previously voted for by the sending device; and
      
      transmitting, to the leader, the group of prior vote messages with authenticators received from the second quorum of devices.

5. A computer-readable storage medium having computer-executable instructions for selecting values in a distributed computing system having a maximum number of malicious devices, the computer-executable instructions performing steps comprising:
- receiving a properly authenticated request;
  
  receiving a group of forwarded prior vote messages with authenticators comprising more copies of prior vote messages than three times the maximum number of malicious devices in the distributed computing system, of which more copies than twice the maximum number of malicious devices in the distributed computing system are properly authenticated, wherein the group of forwarded prior vote messages with authenticators indicate a set of safe values for a proposal number for current and future steps; and
  
  transmitting a vote message if the properly authenticated request is contained in the set of safe values and no other request with the proposal number for a current step was previously accepted.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The computer-readable storage medium of claim 5, wherein the properly authenticated request is received from a client, the group of forwarded prior vote messages with authenticators are received from a leader, and the vote message is transmitted to the client;
    - the computer-readable medium having further computer-executable instructions for assigning the properly authenticated request a safe proposal number and the current step, wherein the safe proposal number is the proposal number for which the set of safe values is all values.
  - 7. The computer-readable storage medium of claim 6, wherein transmitting the vote message further comprises transmitting the vote message if the client is authorized to make the properly authenticated request.
  - 8. The computer-readable storage medium of claim 6, having further computer-executable instructions performing steps comprising:
    - receiving, from the leader, a properly authenticated suggested next proposal number message comprising a suggested next proposal number;
      
      transmitting, to a first quorum of devices, in response to the suggested next proposal number message, a prior vote message with authenticator and a prior vote message proof of safety, wherein the prior vote message with authenticator comprises an indication of the properly authenticated request and the proposal number;
      
      receiving, from a second quorum of devices, a group of prior vote messages with authenticators, wherein each prior vote message in the group of prior vote messages with authenticators comprises an indication of a request previously voted for by the sending device and a sender prior vote proposal number corresponding to the request previously voted for by the sending device;
      
      transmitting, to the leader, the group of prior vote messages with authenticators received from the second quorum of devices;
      
      receiving, from the leader, a properly authenticated proposal and a proposal proof of safety, wherein the properly authenticated proposal comprises either the properly authenticated request or one of the requests previously voted for by the sending device indicated by the group of prior vote messages with authenticators; and
      
      transmitting, to the leader, a vote message for the proposal if no other suggested next proposal number message was received since the suggested next proposal number message was received from the leader.
  - 9. The computer-readable storage medium of claim 8, wherein the proposal proof of safety comprises a second group of forwarded prior vote messages with authenticators, the second group of forwarded prior vote messages with authenticators indicating that the proposal is safe;
    - the second group of forwarded prior vote messages with authenticators comprising more properly authenticated copies of prior vote messages than twice the maximum number of malicious devices in the distributed computing system.
  - 10. The computer-readable storage medium of claim 5, wherein transmitting the vote message comprises transmitting the vote message if no suggested next proposal number message was received since a suggested next proposal number message was received from a leader, and further wherein the properly authenticated request and the group of forwarded prior vote messages with authenticators are received from the leader, and the vote message is transmitted to the leader, the properly authenticated request comprising an indication of a leader assigned proposal number and the current step, wherein the leader assigned proposal number is larger than a previously voted for proposal number if a request was previously voted for;
    - the computer-readable medium having further computer-executable instructions performing steps comprising;
      
      receiving, from the leader, the suggested next proposal number message comprising a suggested next proposal number;
      
      transmitting, to a first quorum of devices, in response to the suggested next proposal number message, a prior vote message with authenticator and a prior vote message proof of safety, wherein the prior vote message with authenticator comprises an indication of a previously voted for request and the previously voted for proposal number if a request was previously voted for;
      
      receiving, from a second quorum of devices, a group of prior vote messages with authenticators, wherein each prior vote message in the group of prior vote messages with authenticators comprises an indication of a request previously voted for by a sending device and a previously voted proposal number corresponding to the request previously voted for by the sending device; and
      
      transmitting, to the leader, the group of prior vote messages with authenticators received from the second quorum of devices.
  - 11. The computer-readable storage medium of claim 10 wherein the prior vote message proof of safety comprises a previously received group of forwarded prior vote messages with authenticators, the previously received group of forwarded prior vote messages with authenticators indicating that the previously voted for request was safe;
    - the previously received group of forwarded prior vote messages with authenticators comprising more properly authenticated copies of previously received prior vote messages than twice the maximum number of malicious devices in the distributed computing system.
  - 12. The computer-readable storage medium of claim 10 wherein the transmitting, to the leader, the group of prior vote messages with authenticators comprises determining the set of safe values and transmitting the set of safe values to the leader, wherein the set of safe values is a majority previously voted for request indicated by at least a majority of prior vote messages with authenticators in the group of prior vote messages with authenticators.

13. A distributed computing system, wherein at least a quorum of devices in the distributed computing system comprise computer-readable storage media having computer-executable instructions for performing steps comprising:
- receiving a properly authenticated request;
  
  receiving a group of forwarded prior vote messages with authenticators comprising more copies of prior vote messages than three times a maximum number of malicious devices in the distributed computing system, of which more copies than twice the maximum number of malicious devices in the distributed computing system are properly authenticated, wherein the group of forwarded prior vote messages with authenticators indicate a set of safe values for a proposal number for current and future steps; and
  
  if a sufficient number of devices operate;
  
  transmitting a vote message if the properly authenticated request is contained in the set of safe values and no other request with the proposal number for a current step was previously accepted;
  
  otherwise;
  
  transmitting, to a first quorum of devices in the distributed computing system, an exclusivity message, wherein the exclusivity message indicates a unique proposed value for the proposal number for which a vote can be cast, and wherein the exclusivity message is authenticated for the first quorum of devices;
  
  receiving, from a second quorum of devices in the distributed computing system, a quorum of exclusivity messages authenticated from the second quorum of devices; and
  
  transmitting a vote message if the received quorum of exclusivity messages indicated the properly authenticated request as the unique proposed value and no suggested next proposal number message was responded to;
  
  the distributed computing system comprising a minimum number of devices, wherein the minimum number of devices is greater than;
  
  a sum of a maximum number of failed devices and the maximum number of malicious devices plus twice the maximum number of malicious devices plus twice a maximum number of failed and malicious devices that can be accommodated, wherein the sufficient number of operating devices is at least the minimum number of devices minus the maximum number of failed and malicious devices that can be accommodated.
- View Dependent Claims (14, 15)
- - 14. The distributed computing system of claim 13, wherein the quorum of devices comprises at least as many devices as the minimum number of devices in the distributed computing system minus the maximum number of failed and malicious devices that can be accommodated.
  - 15. The distributed computing system of claim 13, wherein if the properly authenticated request and the group of forwarded prior vote messages with authenticators are only received from a leader device, then the distributed computing system comprises a new minimum number of devices, wherein the new minimum number of devices is two devices less than the minimum number of devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Lamport, Leslie
Primary Examiner(s)
Flynn; Nathan J
Assistant Examiner(s)
WASEL, MOHAMED A

Application Number

US10/219,106
Time in Patent Office

2,651 Days
Field of Search

709/201, 709/202, 709/248
US Class Current

709/201
CPC Class Codes

H04L 63/123 received data contents, e.g...

H04L 63/1441 Countermeasures against mal...

Fast byzantine paxos

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Fast byzantine paxos

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links