This document describes an architecture for secure service replication in an asynchronous network like the Internet, where a malicious adversary may corrupt some servers and control the network. The underlying protocols for Byzantine agreement and for atomic broadcast rely on recent developments in threshold cryptography. These assumptions are discussed in detail and compared to related work from the last decade. A formal model using concepts from modern cryptography is developed, modular definitions for several broadcast problems are presented, including reliable, atomic, and secure causal broadcast, and protocols implementing them. Reliable broadcast is a basic primitive, also known as the Byzantine generals problem, providing agreement on a delivered message. Atomic broadcast imposes additionally a total order on all delivered messages. A randomized asynchronous atomic broadcast protocol is presented that maintains liveness and safety at the same time. It is based on a new efficient protocol for multi-valued asynchronous Byzantine agreement with an external validity condition. Secure causal broadcast extends atomic broadcast by encryption to guarantee a causal order among the delivered messages. Furthermore, it is discussed how several distributed trusted applications can be realized using such an architecture: a digital notary service, a trusted third party for fair exchange, a certification authority, and an authentication service.
By: Christian Cachin (editor), Joy Algesheimer, Klaus Kursawe,Frank Petzold, Jonathan A. Poritz, Victor Shoup and MichaelWaidner
Published in: RZ3318 in 2001
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .