Enhancing Service Integrity of Byzantine Fault Tolerant Applications

Wenbing Zhao
DOI: 10.4018/978-1-4666-5888-2.ch276
Chapter Preview

Background

An arbitrary fault is often referred to as a Byzantine fault. The term was introduced in (Lamport, Shostak, & Pease, 1982) to highlight a specific faulty behavior: a Byzantine faulty process may disseminate conflicting information to other processes. A compromised process, for example, might exhibit such behavior. Byzantine fault tolerance refers to the capability of a system to tolerate Byzantine faults. It can be achieved by introducing sufficient redundancy into the system and by using a sophisticated replica coordination algorithm that can cope with Byzantine faulty replicas and clients. A basic requirement for such an algorithm is to ensure that all server replicas agree on the total ordering of the requests received, despite the existence of Byzantine faulty replicas and clients. Such an agreement is often referred to as Byzantine agreement (Lamport, Shostak, & Pease, 1982).

Key Terms in this Chapter

Random Number: A number generated by some process that cannot be reproduced or predicted.

Strong Replica Consistency: The states of the replicas of a process should remain identical at the end of the processing of each request.

Message Authentication Code (MAC): A MAC is produced by applying a keyed secure hash function to a message. It is used to ensure the integrity of the message: if a message protected by a MAC is tampered with, the tampering can be detected by comparing the MAC included in the message with the recomputed MAC.

Quorum: A quorum of a set consists of the minimum number of components needed to perform a predefined function. In Byzantine fault tolerant replication, 2f+1 replicas are needed to form a quorum in a set of 3f+1 replicas.

System Integrity: The integrity of a system refers to the capability of performing correctly according to the original specification of the system under various adversarial conditions.

Entropy: A measure of uncertainty, or randomness.

Threshold Cryptography: Basic cryptographic operations such as encryption, decryption, signature generation, and verification are performed by a group of processes without reconstructing the shared secret.

Pseudo-Random Number Generator: An algorithm used to generate a sequence of numbers that approximates the properties of random numbers. The algorithm depends on one or a small set of initial numbers, usually referred to as the seed of the generator.

Security: The security of a system refers to its capability of protecting itself from harm, such as external attacks. More specifically, a secure system is one that guarantees confidentiality, integrity, and the availability of the system.
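
The agreement requirement from the Background paragraph and the MAC and Quorum entries above can be seen working together in a small simulation. The following Python sketch is an added example, not code from the chapter; it assumes f is the number of Byzantine replicas tolerated, and the vote format, function names, keys and requests are constructed for illustration (one key table is shared by both receivers for brevity).

```python
import hashlib
import hmac
from collections import Counter

def quorum_size(f):
    """Matching votes needed among 3f+1 replicas."""
    return 2 * f + 1

def min_quorum_overlap(f):
    """Smallest intersection of two quorums: 2(2f+1) - (3f+1) = f+1."""
    return 2 * quorum_size(f) - (3 * f + 1)

def make_vote(key, replica, seq, request):
    """MAC-protected vote binding a request digest to a sequence number."""
    digest = hashlib.sha256(request).hexdigest()
    msg = f"{replica}|{seq}|{digest}".encode()
    return {"replica": replica, "seq": seq, "digest": digest,
            "mac": hmac.new(key, msg, hashlib.sha256).hexdigest()}

def mac_ok(key, vote):
    """Recompute the MAC over the received fields and compare in constant time."""
    msg = f"{vote['replica']}|{vote['seq']}|{vote['digest']}".encode()
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, vote["mac"])

def decide(votes, keys, f, seq):
    """Return the digest backed by a quorum for seq, or None."""
    first = {}  # replica -> digest; only the first valid vote per replica counts
    for v in votes:
        key = keys.get(v["replica"])
        if key is None or v["seq"] != seq or not mac_ok(key, v):
            continue  # unknown sender, wrong slot, or tampered message
        first.setdefault(v["replica"], v["digest"])
    tally = Counter(first.values()).most_common(1)
    if tally and tally[0][1] >= quorum_size(f):
        return tally[0][0]
    return None

# Constructed scenario: f = 1, replicas 0..3, replica 3 is Byzantine.
F = 1
KEYS = {r: f"constructed-key-{r}".encode() for r in range(3 * F + 1)}
A, B = b"transfer 10 to alice", b"transfer 10 to bob"
honest = [make_vote(KEYS[r], r, 1, A) for r in range(3)]
# Replica 3 equivocates: it tells receiver X "A" and receiver Y "B".
seen_by_x = honest[:2] + [make_vote(KEYS[3], 3, 1, A)]
seen_by_y = honest[2:] + [make_vote(KEYS[3], 3, 1, B)]
tampered = dict(honest[0], digest=hashlib.sha256(B).hexdigest())  # stale MAC

if __name__ == "__main__":
    print("X:", decide(seen_by_x, KEYS, F, 1), "| Y:", decide(seen_by_y, KEYS, F, 1))
```

Receiver X reaches a quorum on request A, while receiver Y cannot decide on B: with at most f equivocating replicas, B never collects 2f+1 votes, and any two quorums share at least f+1 replicas, so at least one correct replica sits in both.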