Distributed Systems Security - University of Washington · 2018. 3. 8.

Distributed Systems Security

Topics
• Byzantine fault resistance
• BitCoin
• Course Wrap Up

Fault Tolerance
• We have so far assumed “fail-stop” failures (e.g., power failures or system crashes)
• In other words, if the server is up, it follows the protocol
• Hard enough:
  • difficult to distinguish between crash vs. network down
  • difficult to deal with network partition

Larger Class of Failures
• Can one handle a larger class of failures?
  • Buggy servers that compute incorrectly rather than stopping
  • Servers that do not follow the protocol
  • Servers that have been modified by an attacker
• Referred to as Byzantine faults

Model
• Provide a replicated state machine abstraction
• Assume 2f+1 of 3f+1 nodes are non-faulty
  • In other words, one needs 3f+1 replicas to handle f faults
• Asynchronous system, unreliable channels
• Use cryptography (both public-key and secret-key crypto)

General Idea
• Primary-backup plus quorum system
• Executions are sequences of views
• Clients send signed commands to primary of current view
• Primary assigns sequence number to client’s command
• Primary writes sequence number to the “register” implemented by the quorum system defined by all the servers

Attacker’s Powers
• Worst case: a single attacker controls the f faulty replicas
  • Supplies the code that faulty replicas run
  • Knows the code the non-faulty replicas are running
  • Knows the faulty replicas’ crypto keys
• Can read network messages
• Can temporarily force messages to be delayed via DoS

What faults cannot happen?
• No more than f out of 3f+1 replicas can be faulty
• No client failure -- clients can never do anything bad (or rather such behavior can be detected using standard techniques)
• No guessing of crypto keys or breaking of cryptography

• Question: in a Paxos RSM setting, what could the attackers or byzantine nodes do?

What could go wrong?
• Primary could be faulty!
  • Could ignore commands; assign same sequence number to different requests; skip sequence numbers; etc.
• Backups could be faulty!
  • Could incorrectly store commands forwarded by a correct primary
• Faulty replicas could incorrectly respond to the client!

Example Use Scenario
• Arvind:
  echo A > grade
  echo B > grade
  tell Paul "the grade file is ready"
• Paul:
  cat grade

Design 1
• client, n servers
• client sends request to all of them
• waits for all n to reply
• only proceeds if all n agree
• what is wrong with this design?

Design 2
• let us have replicas vote
• 2f+1 servers, assume no more than f are faulty
• client waits for f+1 matching replies
• if only f are faulty, and network works eventually, must get them!
• what is wrong with design 2?

Issues with Design 2
• f+1 matching replies might be f bad nodes & 1 good
  • so maybe only one good node got the operation!
• next operation also waits for f+1
  • might not include that one good node that saw op1
• example: S1 S2 S3 (S1 is bad)
  • everyone hears and replies to write("A")
  • S1 and S2 reply to write("B"), but S3 misses it
  • client can't wait for S3 since it may be the one faulty server
  • S1 and S3 reply to read(), but S2 misses it; read() yields "A"
• result: client tricked into accepting out-of-date state

Design 3
• 3f+1 servers, of which at most f are faulty
• client waits for 2f+1 matching replies
  • f bad nodes plus a majority of the good nodes
  • so all sets of 2f+1 overlap in at least one good node
• does design 3 have everything we need?
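The quorum arithmetic behind Design 2's failure and Design 3's fix, as an added example in Go (not from the slides): minGoodInOverlap gives how many correct servers any two reply quorums must share, and the S1/S2/S3 story is replayed against a toy read/write register under both designs. The register, the faulty server's stale answer and the client's reply counting are assumptions of this example.

```go
package main

import "fmt"

// Design 2 vs Design 3 from the slides: quorum arithmetic plus a replay of the
// S1/S2/S3 scenario against a toy read/write register (added example).

// minGoodInOverlap: two sets of q replies out of n servers share at least
// 2q-n servers; in the worst case all f faulty servers sit in that intersection.
func minGoodInOverlap(n, f, q int) int {
	if g := 2*q - n - f; g > 0 {
		return g
	}
	return 0
}

type server struct {
	faulty bool
	value  string // last write this server actually received
}

// reply is what the server answers to read(); a faulty server answers whatever
// the attacker likes, here the stale value "A".
func (s *server) reply() string {
	if s.faulty {
		return "A"
	}
	return s.value
}

// clientRead accepts a value once q replies match; "" means no quorum formed.
func clientRead(answered []*server, q int) string {
	counts := map[string]int{}
	for _, s := range answered {
		v := s.reply()
		counts[v]++
		if counts[v] >= q {
			return v
		}
	}
	return ""
}

// scenario: every server hears write("A"); only the servers in sawB hear
// write("B"); read() is answered by the servers in readers.
func scenario(servers []*server, sawB, readers []int, q int) string {
	for _, s := range servers {
		s.value = "A"
	}
	for _, i := range sawB {
		servers[i].value = "B"
	}
	var answered []*server
	for _, i := range readers {
		answered = append(answered, servers[i])
	}
	return clientRead(answered, q)
}

// Design 2: n=3, f=1, q=2, S1 faulty. write("B") reaches S1 and S2, read() is
// answered by S1 and S3, and the client accepts the stale "A".
func design2Read() string {
	s := []*server{{faulty: true}, {}, {}}
	return scenario(s, []int{0, 1}, []int{0, 2}, 2)
}

// Design 3: n=4, f=1, q=3. write("B") needs 3 acks, so at least two correct
// servers hold "B"; any 3 readers include one of them and "A" cannot reach q.
func design3Read() string {
	s := []*server{{faulty: true}, {}, {}, {}}
	return scenario(s, []int{0, 1, 2}, []int{0, 2, 3}, 3)
}

func main() {
	fmt.Println("design 2, good servers shared by any two quorums:", minGoodInOverlap(3, 1, 2))
	fmt.Println("design 3, good servers shared by any two quorums:", minGoodInOverlap(4, 1, 3))
	fmt.Printf("design 2 read() -> %q (stale value accepted)\n", design2Read())
	fmt.Printf("design 3 read() -> %q (no matching quorum)\n", design3Read())
}
```

The empty result under Design 3 is the point the next slide picks up: the client is no longer fooled, but it still needs a primary to order concurrent operations so that correct replicas do not disagree.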

Refined Approach
• let us have a primary to pick order for concurrent client requests
• use a quorum of 2f+1 out of 3f+1 nodes
• have a mechanism to deal with faulty primary
  • replicas send results direct to client
  • replicas exchange info about ops sent by primary
  • clients notify replicas of each operation, as well as primary; if no progress, force change of primary

PBFT: Overview
• Normal operation: how the protocol works in the absence of failures; hopefully, the common case
• View changes: how to depose a faulty primary and elect a new one
• Garbage collection: how to reclaim the storage used to keep various certificates
• Recovery: how to make a faulty replica behave correctly again

Normal Operation
• Three phases:
  • Pre-prepare: assigns sequence number to request
  • Prepare: ensures fault-tolerant consistent ordering of requests within views
  • Commit: ensures fault-tolerant consistent ordering of requests across views
• Each replica maintains the following state:
  • Service state
  • Message log with all messages sent/received
  • Integer representing the current view number

Client issues request
• o: state machine operation
• t: timestamp
• c: client id

Pre-prepare
• v: view
• n: sequence number
• d: digest of m
• m: client’s request

Pre-prepare (two message-flow diagram slides; the figures are not in the transcript)

Prepare (two message-flow diagram slides; the figures are not in the transcript)
PrepareCer7ficate
• P-cer7ficatesensuretotalorderwithinviews
• ReplicaproducesP-cer7ficate(m,v,n)iffitslogholds:
• Therequestm
• APRE-PREPAREforminviewvwithsequencenumbern
• 2fPREPAREfromdifferentbackupsthatmatchthepre-prepare
• AP-cer7ficate(m,v,n)meansthataquorumagreeswithassigningsequencenumberntominviewv
• Notwonon-faultyreplicaswithP-cer7ficate(m1,v,n)andP-cer7ficate(m2,v,n)

P-certificates are not enough
• A P-certificate proves that a majority of correct replicas has agreed on a sequence number for a client’s request
• Yet that order could be modified by a new leader elected in a view change

Commit (message-flow diagram slide; the figure is not in the transcript)

Commit Certificate
• C-certificates ensure total order across views
  • can’t miss P-certificate during a view change
• A replica has a C-certificate(m,v,n) if:
  • it had a P-certificate(m,v,n)
  • log contains 2f+1 matching COMMIT from different replicas (including itself)
• Replica executes a request after it gets a C-certificate for it, and has cleared all requests with smaller sequence numbers
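An added example in Go (not PBFT's own code) of the certificate rules on the Prepare Certificate and Commit Certificate slides: a replica's log is kept as three message lists, hasPCert requires the request, the primary's PRE-PREPARE and 2f PREPAREs from distinct backups, hasCCert adds 2f+1 COMMITs from distinct replicas, and canExecute adds the smaller-sequence-number rule. The log layout, the SHA-256 digest and the sample messages are assumptions of this example; signatures are taken as already verified on receipt.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// One replica's log and the P-/C-certificate checks from the slides (added
// example, not PBFT's own code). Signatures are assumed verified on receipt.
// msg is a PRE-PREPARE, PREPARE or COMMIT: view, sequence number, digest, sender.
type msg struct {
	v, n int
	d    string
	i    int
}

type replica struct {
	f, primary  int
	requests    map[string]string // digest -> request m
	prePrepares []msg             // from the primary
	prepares    []msg             // from backups
	commits     []msg             // from any replica
	executed    map[int]bool      // sequence numbers already executed
}

func digest(m string) string { return fmt.Sprintf("%x", sha256.Sum256([]byte(m))) }

// distinctSenders counts replicas other than skip that sent a message matching (v, n, d).
func distinctSenders(log []msg, v, n int, d string, skip int) int {
	seen := map[int]bool{}
	for _, x := range log {
		if x.v == v && x.n == n && x.d == d && x.i != skip {
			seen[x.i] = true
		}
	}
	return len(seen)
}

// hasPCert: log holds m, a PRE-PREPARE for (v, n, d) from the primary, and
// 2f matching PREPAREs from distinct backups (repeats from one backup count once).
func (r *replica) hasPCert(m string, v, n int) bool {
	d := digest(m)
	if _, ok := r.requests[d]; !ok {
		return false
	}
	havePP := false
	for _, p := range r.prePrepares {
		havePP = havePP || (p.v == v && p.n == n && p.d == d && p.i == r.primary)
	}
	return havePP && distinctSenders(r.prepares, v, n, d, r.primary) >= 2*r.f
}

// hasCCert: a P-certificate plus 2f+1 matching COMMITs from distinct replicas.
func (r *replica) hasCCert(m string, v, n int) bool {
	return r.hasPCert(m, v, n) && distinctSenders(r.commits, v, n, digest(m), -1) >= 2*r.f+1
}

// canExecute: C-certificate present and every smaller sequence number executed.
func (r *replica) canExecute(m string, v, n int) bool {
	for k := 1; k < n; k++ {
		if !r.executed[k] {
			return false
		}
	}
	return r.hasCCert(m, v, n)
}

// sampleLog: replica 1's log (f=1, primary 0) for "echo A > grade" at n=1 in
// view 0; withThirdBackup adds the PREPARE that completes the P-certificate.
func sampleLog(withThirdBackup bool) *replica {
	d := digest("echo A > grade")
	r := &replica{f: 1, primary: 0, requests: map[string]string{d: "echo A > grade"}, executed: map[int]bool{}}
	r.prePrepares = []msg{{0, 1, d, 0}}
	r.prepares = []msg{{0, 1, d, 2}, {0, 1, d, 2}} // backup 2 sent it twice
	if withThirdBackup {
		r.prepares = append(r.prepares, msg{0, 1, d, 3})
	}
	r.commits = []msg{{0, 1, d, 0}, {0, 1, d, 1}, {0, 1, d, 2}}
	return r
}

func main() {
	r := sampleLog(true)
	fmt.Println("P-cert:", r.hasPCert("echo A > grade", 0, 1), "C-cert:", r.hasCCert("echo A > grade", 0, 1))
}
```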

Reply (message-flow diagram slide; the figure is not in the transcript)

Backups Displace Primary
• A disgruntled backup mutinies:
  • stops accepting messages (but for VIEW-CHANGE & NEW-VIEW)
  • multicasts <VIEW-CHANGE, v+1, P>
    • P contains all P-Certificates known to replica i
• A backup joins mutiny after seeing f+1 distinct VIEW-CHANGE messages
• Mutiny succeeds if new primary collects a new-view certificate V, indicating support from 2f+1 distinct replicas (including itself)

View Change: New Primary
• The “primary elect” p’ (replica v+1 mod N) extracts from the new-view certificate V:
  • the highest sequence number h of any message for which V contains a P-certificate
  • two sets O and N:
    • if there is a P-certificate for n, m in V, n ≤ h
      • O = O ∪ <PRE-PREPARE, v+1, n, m>
    • Otherwise, if n ≤ h but no P-certificate:
      • N = N ∪ <PRE-PREPARE, v+1, n, null>
• p’ multicasts <NEW-VIEW, v+1, V, O, N>

View Change: Backup
• Backup accepts NEW-VIEW message for v+1 if
  • it is signed properly
  • it contains in V valid VIEW-CHANGE messages for v+1
  • it can verify locally that O is correct (repeating the primary’s computation)
• Adds all entries in O to its log (so did p’)
• Multicasts a PREPARE for each message in O
• Adds all PREPARE to log and enters new view
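An added example in Go (not PBFT's own code) of the two view-change slides above: compute derives h, O and N from a new-view certificate V, and backupAccepts repeats that computation before accepting a NEW-VIEW. Assumed here: signatures were checked on receipt, the log starts at n=1 (no checkpoint yet), and when V carries P-certificates for the same n from different views the higher view wins (the rule from the PBFT paper, which the slide does not spell out); the sample VIEW-CHANGE messages are constructed from the grade-file scenario.

```go
package main

import (
	"fmt"
	"reflect"
)

// New-primary computation and backup re-check for a view change (added
// example, not PBFT's own code). Assumes no checkpoint yet, so n starts at 1.
type pCert struct{ m string; v, n int }       // P-certificate(m, v, n)
type viewChange struct{ i, v int; P []pCert } // <VIEW-CHANGE, v, P> from replica i
type prePrepare struct{ v, n int; m string }  // m == "null" for the no-op entries in N

// validCertificate: V must hold VIEW-CHANGE messages for view v from 2f+1 distinct replicas.
func validCertificate(V []viewChange, v, f int) bool {
	seen := map[int]bool{}
	for _, vc := range V {
		if vc.v == v {
			seen[vc.i] = true
		}
	}
	return len(seen) >= 2*f+1
}

// compute returns h, O and N for new view v exactly as the slide describes;
// if two P-certificates claim the same n, the one from the higher view is kept.
func compute(V []viewChange, v int) (h int, O, N []prePrepare) {
	best := map[int]pCert{}
	for _, vc := range V {
		for _, c := range vc.P {
			if cur, ok := best[c.n]; !ok || c.v > cur.v {
				best[c.n] = c
			}
			if c.n > h {
				h = c.n
			}
		}
	}
	for n := 1; n <= h; n++ {
		if c, ok := best[n]; ok {
			O = append(O, prePrepare{v, n, c.m})
		} else {
			N = append(N, prePrepare{v, n, "null"})
		}
	}
	return
}

// backupAccepts repeats the primary-elect's computation and compares it with
// the O and N that arrived in the NEW-VIEW message.
func backupAccepts(v int, V []viewChange, O, N []prePrepare, f int) bool {
	if !validCertificate(V, v, f) {
		return false
	}
	_, wantO, wantN := compute(V, v)
	return reflect.DeepEqual(wantO, O) && reflect.DeepEqual(wantN, N)
}

// sampleV: f=1, backups 1, 2 and 3 send VIEW-CHANGE for view 1 against
// primary 0 (constructed). Nobody prepared n=3, so it becomes a null entry.
func sampleV() []viewChange {
	return []viewChange{
		{1, 1, []pCert{{"echo A > grade", 0, 1}, {"echo B > grade", 0, 2}}},
		{2, 1, []pCert{{"echo A > grade", 0, 1}}},
		{3, 1, []pCert{{"tell Paul", 0, 4}}},
	}
}

// droppedSecond is what a faulty primary-elect might send: O without the
// prepared n=2, which would let "echo B > grade" be reordered or lost.
func droppedSecond(O []prePrepare) []prePrepare { return append([]prePrepare{O[0]}, O[2:]...) }

func main() {
	V := sampleV()
	h, O, N := compute(V, 1)
	fmt.Println("h =", h, "O =", O, "N =", N)
	fmt.Println("honest NEW-VIEW accepted:", backupAccepts(1, V, O, N, 1))
	fmt.Println("NEW-VIEW missing n=2 accepted:", backupAccepts(1, V, droppedSecond(O), N, 1))
}
```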

Garbage Collection
• For safety, a correct replica keeps in log messages about request o until it
  • o has been executed by a majority of correct replicas, and
  • this fact can be proven during a view change
• Truncate log with Stable Certificate
  • Each replica i periodically (after processing k requests) checkpoints state and multicasts <CHECKPOINT, n, d, i>
  • 2f+1 CHECKPOINT messages are a proof of the checkpoint’s correctness

BFT Discussion
• Is PBFT practical?
• Does it address the concerns that enterprise users would like to be addressed?

Topics
• Byzantine fault resistance
• BitCoin

Bitcoin
• a digital currency
• a public ledger to prevent double-spending
• no centralized trust or mechanism <-- this is hard!

Why digital currency?
• might make online payments easier
• credit cards have worked well but aren't perfect
  • insecure -> fraud -> fees, restrictions, reversals
  • record of all your purchases

What is hard technically?
• forgery
• double spending
• theft

What’s hard socially/economically?
• why do Bitcoins have value?
• how to pay for infrastructure?
• monetary policy (intentional inflation)
• laws (taxes, laundering, drugs, terrorists)

Idea
• Signed sequence of transactions
  • there are a bunch of coins, each owned by someone
  • every coin has a sequence of transaction records
    • one for each time this coin was transferred as payment
  • a coin's latest transaction indicates who owns it now

Transaction Record
• pub(user1): public key of new owner
• hash(prev): hash of this coin's previous transaction record
• sig(user2): signature over transaction by previous owner's private key
• BitCoin has more complexity: amount (fractional), multiple in/out, ...

Transaction Example
1. Y owns a coin, previously given to it by X:
  • T7: pub(Y), hash(T6), sig(X)
2. Y buys a hamburger from Z and pays with this coin
  • Z sends public key to Y
  • Y creates a new transaction and signs it
  • T8: pub(Z), hash(T7), sig(Y)
3. Y sends transaction record to Z
4. Z verifies: T8's sig() corresponds to T7's pub()
5. Z gives hamburger to Y

Double Spending
• Y creates two transactions for same coin: Y->Z, Y->Q
  • both with hash(T7)
• Y shows different transactions to Z and Q
• both transactions look good, including signatures and hash
• now both Z and Q will give hamburgers to Y

Defense
• publish log of all transactions to everyone, in same order
  • so Q knows about Y->Z, and will reject Y->Q
  • a "public ledger"
• ensure Y can't un-publish a transaction
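The transaction record, Z's verification step and the public-ledger defense from the four slides above, as an added example in Go (not Bitcoin's code): each record carries pub(new owner), hash(prev) and sig(previous owner); verify is the check Z performs in step 4; and a ledger that sees every record in one order accepts Y->Z but rejects Y->Q because both point at T7. Ed25519 and SHA-256 stand in for the slides' abstract sig() and hash(); all keys and records are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// One-coin transaction records and a public ledger (added example, not
// Bitcoin's code). Ed25519/SHA-256 stand in for the slides' sig()/hash().
type tx struct {
	pub      ed25519.PublicKey // pub(new owner)
	prevHash string            // hash(prev): this coin's previous record
	sig      []byte            // sig(previous owner) over pub and prevHash
}

func (t tx) signedBytes() []byte { return append(append([]byte{}, t.pub...), t.prevHash...) }

func hashTx(t tx) string { return fmt.Sprintf("%x", sha256.Sum256(append(t.signedBytes(), t.sig...))) }

// transfer: the holder of prev (who owns ownerPriv) pays the coin to newOwner.
func transfer(prev tx, ownerPriv ed25519.PrivateKey, newOwner ed25519.PublicKey) tx {
	t := tx{pub: newOwner, prevHash: hashTx(prev)}
	t.sig = ed25519.Sign(ownerPriv, t.signedBytes())
	return t
}

// verify is step 4 on the slide: t's sig() must correspond to prev's pub().
func verify(prev, t tx) bool {
	return t.prevHash == hashTx(prev) && ed25519.Verify(prev.pub, t.signedBytes(), t.sig)
}

// ledger: everyone sees the records in the same order, so the first record
// that spends a given previous hash wins and any later one is rejected.
type ledger struct {
	records map[string]tx   // by own hash
	spent   map[string]bool // previous hashes already consumed
}

func newLedger(genesis tx) *ledger {
	return &ledger{records: map[string]tx{hashTx(genesis): genesis}, spent: map[string]bool{}}
}

func (l *ledger) publish(t tx) error {
	prev, ok := l.records[t.prevHash]
	if !ok {
		return errors.New("unknown previous record")
	}
	if !verify(prev, t) {
		return errors.New("signature does not match the previous owner")
	}
	if l.spent[t.prevHash] {
		return errors.New("double spend: previous record already spent")
	}
	l.spent[t.prevHash] = true
	l.records[hashTx(t)] = t
	return nil
}

// doubleSpendDemo: Y receives T7 from X, then signs Y->Z and Y->Q over T7.
// Both verify in isolation; the ledger takes the first and refuses the second.
func doubleSpendDemo() (bothVerify bool, zErr, qErr error) {
	xPub, xPriv, _ := ed25519.GenerateKey(rand.Reader)
	yPub, yPriv, _ := ed25519.GenerateKey(rand.Reader)
	zPub, _, _ := ed25519.GenerateKey(rand.Reader)
	qPub, _, _ := ed25519.GenerateKey(rand.Reader)
	t6 := tx{pub: xPub, prevHash: "genesis"} // constructed: X's coin, no earlier history
	t7 := transfer(t6, xPriv, yPub)
	toZ, toQ := transfer(t7, yPriv, zPub), transfer(t7, yPriv, qPub)
	bothVerify = verify(t7, toZ) && verify(t7, toQ)
	l := newLedger(t6)
	l.publish(t7) // X -> Y is accepted first
	zErr, qErr = l.publish(toZ), l.publish(toQ)
	return
}

func main() {
	both, zErr, qErr := doubleSpendDemo()
	fmt.Println("both records verify alone:", both, "| Y->Z:", zErr, "| Y->Q:", qErr)
}
```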

Strawman Solution
• Assume a p2p network
• Peers flood new transactions over “overlay”
• Transaction is acceptable only if majority of peers think it is valid
• What are the issues with this scheme?

BitCoin Block Chain
• the block chain contains transactions on all coins
• many peers, each with a complete copy of the chain
  • proposed transactions flooded to all peers
  • new blocks flooded to all peers
• each block: hash(prev block), set of transactions, nonce, current wall clock timestamp
• new block every 10 minutes containing new xactions
• payee doesn't verify until xaction is in the block chain

“Mining” Blocks
• requirement: hash(block) has N leading zeros
• each peer tries nonce values until this works out
  • trying one nonce is fast, but most nonces won't work
• mining a block not a specific fixed amount of work
  • one node can take months to create one block
  • but thousands of peers are working on it
  • such that expected time to first to find is about 10 minutes
• the winner floods the new block to all peers
• there is an incentive to mine a block — 12.5 bc

Timing
• start: all peers know till B5
  • and are working on B6 (trying different nonces)
• Y sends Y->Z transaction to peers, which flood it
• peers buffer the transaction until B6 is computed
• peers that heard Y->Z include it in next block
• so eventually block chain is: B5, B6, B7, where B7 includes Y->Z

Double Spending
• what if Y sends out Y->Z and Y->Q at the same time?
• no correct peer will accept both
• a block will have one but not both
• but there could be a fork: B6 <- BZ and B6 <- BQ

Forked Chain
• each peer believes whichever of BZ/BQ it saw first
  • tries to create a successor
• if many more saw BZ than BQ, more will mine for BZ
  • so BZ successor likely to be created first
  • even otherwise one will be extended first given significant variance in mining success time
• peers always switch to mining the longest fork, reinforcing agreement
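An added example in Go (not Bitcoin's code) of the mining, timing and forked-chain slides: a block holds hash(prev block), its transactions, a nonce and a timestamp; mine tries nonces until the hash has N leading zero bits; validChain checks proof of work and the hash links; choose applies the longest-fork rule. forkDemo replays B6 <- BZ / B6 <- BQ for a peer that saw BQ first and then hears a successor of BZ. The block layout, the bit-level difficulty and the toy transaction strings are assumptions of this example.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/bits"
)

// Toy block, nonce search and longest-fork rule (added example, not
// Bitcoin's code). Difficulty is counted in leading zero bits of SHA-256.
type block struct {
	prevHash [32]byte
	txs      string // constructed description of the block's transactions
	nonce    uint64
	time     uint64 // wall-clock timestamp
}

func (b block) hash() [32]byte {
	var tail [16]byte
	binary.LittleEndian.PutUint64(tail[:8], b.nonce)
	binary.LittleEndian.PutUint64(tail[8:], b.time)
	buf := append(append(append([]byte{}, b.prevHash[:]...), b.txs...), tail[:]...)
	return sha256.Sum256(buf)
}

func leadingZeroBits(h [32]byte) int {
	n := 0
	for _, by := range h {
		if by != 0 {
			return n + bits.LeadingZeros8(by)
		}
		n += 8
	}
	return n
}

// mine tries nonces 0, 1, 2, ... until hash(block) has at least difficulty leading zero bits.
func mine(b block, difficulty int) block {
	for b.nonce = 0; leadingZeroBits(b.hash()) < difficulty; b.nonce++ {
	}
	return b
}

// validChain: every block meets the difficulty and points at its predecessor's hash.
func validChain(c []block, difficulty int) bool {
	for i, b := range c {
		if leadingZeroBits(b.hash()) < difficulty || (i > 0 && b.prevHash != c[i-1].hash()) {
			return false
		}
	}
	return true
}

// choose: a peer switches to another fork only when it is valid and strictly longer.
func choose(current, other []block, difficulty int) []block {
	if validChain(other, difficulty) && len(other) > len(current) {
		return other
	}
	return current
}

// forkDemo: BZ (with Y->Z) and BQ (with Y->Q) both extend B6. A peer that heard
// BQ first keeps it until BZ gains a successor, then switches to the longer fork.
func forkDemo(difficulty int) (beforeSuccessor, afterSuccessor string) {
	b5 := mine(block{txs: "B5", time: 1}, difficulty)
	b6 := mine(block{prevHash: b5.hash(), txs: "B6", time: 2}, difficulty)
	bz := mine(block{prevHash: b6.hash(), txs: "Y->Z", time: 3}, difficulty)
	bq := mine(block{prevHash: b6.hash(), txs: "Y->Q", time: 3}, difficulty)
	forkZ, forkQ := []block{b5, b6, bz}, []block{b5, b6, bq}
	peer := choose(forkQ, forkZ, difficulty) // same length: the peer stays on BQ
	beforeSuccessor = peer[len(peer)-1].txs
	b8 := mine(block{prevHash: bz.hash(), txs: "B8", time: 4}, difficulty)
	peer = choose(peer, append(forkZ, b8), difficulty)
	afterSuccessor = peer[len(peer)-1].txs
	return
}

func main() {
	before, after := forkDemo(16)
	fmt.Println("tip before BZ's successor:", before, "| after:", after)
}
```

Raising difficulty makes mine take exponentially longer per block, which is the slide's point that one node may need months while thousands of peers together average ten minutes.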

Double Spending Defense
• wait for enough blocks to be minted
  • if a few blocks have been minted, unlikely that a different fork will win
  • if selling a high-value item, then wait for a few blocks before shipping
• could attacker start a fork from an old block?
  • yes, but the fork must be longer in order for peers to accept it
  • if the attacker has 1000s of CPUs -- more than all the honest bitcoin peers -- then the attacker can create the longest fork
• system works only if no entity controls a majority of nodes

BitCoin Summary
• Key idea: block chain
• Public ledger is a great idea
• Decentralization might be good
• Mining is a clever way to avoid sybil attacks
• Will BitCoin scale well?

Class Summary
• Implementing distributed systems: system and protocol design
• Core algorithms: clocks, snapshots, transactions, 2PC, Paxos
• Real systems: VM-FT, DSM, GFS, BigTable, MegaStore, Spanner, Chord, Dynamo
• Abstractions for big data analytics
• Building secure systems from untrusted components

Trends
• Transactions over geo-distributed, replicated data
  • COPS (Princeton), Tapir (UW), RIFL/RamCloud/Raft (Stanford)
• Accelerating distributed systems using hardware support
  • Catapult (Microsoft), Annapurna (Amazon), Cavium, Mellanox
• Big data analytics for DNNs
  • MXNet/TVM (UW), Torch, Theano, Dawn (Stanford), Rise (Berkeley)