TY - GEN
T1 - Communication complexity of byzantine agreement, revisited
AU - Abraham, Ittai
AU - Chan, T. H.Hubert
AU - Dolev, Danny
AU - Nayak, Kartik
AU - Pass, Rafael
AU - Ren, Ling
AU - Shi, Elaine
N1 - Publisher Copyright:
© 2019 ACM.
PY - 2019/7/16
Y1 - 2019/7/16
N2 - As Byzantine Agreement (BA) protocols find application in large-scale decentralized cryptocurrencies, an increasingly important problem is to design BA protocols with improved communication complexity. A few existing works have shown how to achieve subquadratic BA under an adaptive adversary. Intriguingly, they all make a common relaxation about the adaptivity of the attacker, that is, if an honest node sends a message and then gets corrupted in some round, the adversary cannot erase the message that was already sent - henceforth we say that such an adversary cannot perform "after-the-fact removal". By contrast, many (super-)quadratic BA protocols in the literature can tolerate after-the-fact removal. In this paper, we first prove that disallowing after-the-fact removal is necessary for achieving subquadratic-communication BA. Next, we show a new subquadratic binary BA construction (of course, assuming no after-the-fact removal) that achieves near- optimal resilience and expected constant rounds under standard cryptographic assumptions and a public-key infrastructure (PKI). In comparison, all known subquadratic protocols make additional strong assumptions such as random oracles or the ability of honest nodes to erase secrets from memory, and even with these strong assumptions, no prior work can achieve the above properties. Lastly, we show that some setup assumption is necessary for achieving subquadratic multicast-based BA.
AB - As Byzantine Agreement (BA) protocols find application in large-scale decentralized cryptocurrencies, an increasingly important problem is to design BA protocols with improved communication complexity. A few existing works have shown how to achieve subquadratic BA under an adaptive adversary. Intriguingly, they all make a common relaxation about the adaptivity of the attacker, that is, if an honest node sends a message and then gets corrupted in some round, the adversary cannot erase the message that was already sent - henceforth we say that such an adversary cannot perform "after-the-fact removal". By contrast, many (super-)quadratic BA protocols in the literature can tolerate after-the-fact removal. In this paper, we first prove that disallowing after-the-fact removal is necessary for achieving subquadratic-communication BA. Next, we show a new subquadratic binary BA construction (of course, assuming no after-the-fact removal) that achieves near- optimal resilience and expected constant rounds under standard cryptographic assumptions and a public-key infrastructure (PKI). In comparison, all known subquadratic protocols make additional strong assumptions such as random oracles or the ability of honest nodes to erase secrets from memory, and even with these strong assumptions, no prior work can achieve the above properties. Lastly, we show that some setup assumption is necessary for achieving subquadratic multicast-based BA.
KW - Adaptive
KW - Byzantine agreement
KW - Communication complexity
KW - Lower bound
KW - Multicast
UR - http://www.scopus.com/inward/record.url?scp=85070940993&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85070940993&partnerID=8YFLogxK
U2 - 10.1145/3293611.3331629
DO - 10.1145/3293611.3331629
M3 - Conference contribution
AN - SCOPUS:85070940993
T3 - Proceedings of the Annual ACM Symposium on Principles of Distributed Computing
SP - 317
EP - 326
BT - PODC 2019 - Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing
PB - Association for Computing Machinery
T2 - 38th ACM Symposium on Principles of Distributed Computing, PODC 2019
Y2 - 29 July 2019 through 2 August 2019
ER -