M.K. Reiter. Secure Agreement Protocols: Reliable and Atomic Multicast in Rampart. In 2nd ACM Conference on Computer and Communication Security, pages 68-80, Fairfax, Virginia, November 1994.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....to all members of the group. SecureRing s developers claim that their use of message digests in a signed token to allow a single digital signature to cover multiple messages makes their protocol more e#cient than protocols in which all messages need to be signed. 1.2. 4 Rampart Rampart [Rei95, Rei94a, Rei94b] toolkit has protocols for providing group membership services [Rei94b] and reliable, atomic multicast services [Rei94a] in the presence of Byzantine faults in a process group, provided that no more than one third of the group members are faulty. The protocols use public key cryptography ....

....digital signature to cover multiple messages makes their protocol more e#cient than protocols in which all messages need to be signed. 1.2. 4 Rampart Rampart [Rei95, Rei94a, Rei94b] toolkit has protocols for providing group membership services [Rei94b] and reliable, atomic multicast services [Rei94a] in the presence of Byzantine faults in a process group, provided that no more than one third of the group members are faulty. The protocols use public key cryptography to authenticate messages. Processes communicate exclusively by sending and receiving messages over a completely connected, ....

Michael K. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, 1994.

....a packet that would be accepted by legitimate group members. If a member of the group is compromised, in effect becoming an adversary, then it would be necessary to distribute a new key or resort to more costly public key authentication protocols. A few secure reliable multicast protocols exist [42, 43]. These protocols can survive attacks even if up to one third of the group participants have been compromised. They include mechanisms whereby honest group participants can detect other group participants that exhibit malicious behavior or otherwise fail to properly execute the reliable multicast ....

M.K. Reiter, "Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart," Proc. 2nd ACM Conf. on Computer and Communications Security, Fairfax, Va., 2--4 Nov. 1994, pp. 68--80, <http://www.research.att.com/~reiter/ papers/ccs2.ps.gz>.

....open networks, some research interest shifted to securing GCSs. Recall that the core of any GCS is its membership protocol. Some of the work in securing group communication focused on protecting the membership protocol in the presence of byzantine faults. This includes systems such as Rampart [12] and SecureRing [13] Rampart builds its group multicast over a secure group membership protocol achieved by the means of two party secure channels. The SecureRing system protects the low level ring protocol by using digital signatures to authenticate each transmission of the token and each data ....

M. K. Reiter, "Secure agreement protocols: reliable and atomic group multicast in Rampart," in Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 68--80, ACM, November 1994.

....by a non interactive statistical zero knowledge (NISZK) argument that the bid was correctly formed [LAN02] and that (1) holds. The latter can be done efficiently by using an efficient range proof [Bou00,Lip01] Both the bids and the NISZK arguments are stored on a cryptographic bulletin board [Rei94,Rei95]. Next, the seller forwards the encrypted bids to the authority, who decrypts the bids, finds out the two highest bids (X 1 ; X 2 ) and sends X 1 ) his commitment on X 1 ) back to the seller over an authenticated channel. X 1 will not be revealed to the seller. This is ....

Michael K. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, Virginia, USA, 2--4 November 1994. ACM Press.

.... Byzantine failures have focused on single source broadcast protocols that provide reliable communication to replicas and replica agreement on the broadcast value (e.g. LSP82,DS83,BT85,MR97] sometimes with additional ordering guarantees on the delivery of updates from di erent sources (e.g. [Rei94,CASD95,MM95,KMM98,CL99]) The problem that we consider here is di erent from these works in the following ways. First, in these prior works, it is assumed that one replica begins with each update, and that this replica may be faulty in which case the good replicas can agree on an arbitrary update. In contrast, in our ....

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68-80, November 1994.

....authentication for the point to point messages. In a consistent broadcast, the agreement property is relaxed to guarantee only consistency of the message among those parties that actually deliver it, whereas some parties may not deliver anything at all. Such a protocol has been used by Reiter [11], who called it echo broadcast. A broadcast protocol works as follows. The sender sends the payload message to all parties, who generate a share of a threshold signature to bind the payload to the particular broadcast instance and echo it back to the sender (recall that this may also be a ....

M. Reiter, "Secure agreement protocols: Reliable and atomic group multicast in Rampart," in Proc. 2nd ACM Conference on Computer and Communications Security, pp. 68-- 80, 1994.

....open networks, some research interest shifted to securing GCSs. Recall that the core of any GCS is its membership protocol. Some of the work in securing group communication focused on protecting the membership protocol in the presence of byzantine faults. This includes systems such as Rampart [12] and SecureRing [13] Rampart builds its group multicast over a secure group membership protocol achieved by the means of two party secure channels. The SecureRing system protects the low level ring protocol by using digital signatures to authenticate each transmission of the token and each data ....

M. K. Reiter, "Secure agreement protocols: reliable and atomic group multicast in Rampart," in Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 68--80, ACM, November 1994. 16

....execution have either been the synchronous or the asynchronous models. Recent research in this area, however, has mostly focused on asynchronous systems, since this model is well suited for describing networks like the Internet and other WANs with unpredictable timeliness (examples can be found in [4, 18, 10, 8, 14, 3]) The assumption of this model has also one added advantage the resulting protocol tolerates timing attacks. Nevertheless, the asynchronous model has some drawbacks, and among them is the constrain that it imposes on the maximum number of processes that are allowed to fail simultaneously. For ....

....TTCB is optimized, and faster protocols are used to implement the agreement ser vice. Nevertheless, it should be noticed that the current performance results are already very good when compared with other Byzantine resilient protocols that have been published in the literature. For instance, in [18], for a group of 5 processes and message sizes of 0 and 1 Kbytes, the delivery times were approximately 47 and 50 ms, respectively. 0 5 1 0 1 5 2 0 2 5 0 2 0 0 4 0 0 6 0 8 0 0 1 0 0 0 M e s s a g e n u m b e r D e l i v e r y t i m e ( m i l i s e c o n d s ) Figure 6. ....

[Article contains additional citation context not shown here]

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proc. the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Nov. 1994.

....Initially this predicate is false. As soon as p detects some misbehavior exhibited by q, like sending invalid messages or skipping expected messages, p sets its local predicate Byzantine p (q) to true. Echo Broadcast Protocol. To cope with conflicting messages, we use an echo broadcast protocol [16, 13]. The echo broadcast forces the coordinator to prove that it does not send conflicting messages to correct processes. The coordinator of some round r, say process q, initiates the echo broadcast by sending its estimate v in an Initial message to all processes. When a correct process p receives ....

.... algorithm that is more e#cient or more resilient than previous ones, but rather to focus on the modularization of such algorithms, and hence address the more general problem of failure encapsulation (Section 4) Similarly, several byzantine resilient atomic broadcast algorithms have been proposed [13, 8, 12]. By trying to follow the original reduction of [1] we suggested a simple and more modular approach that illustrates the issue of failure transparency (Section 5) 7 Conclusion Devising distributed algorithms is di#cult because of the possibility of partial failures. To help factorize this ....

M. K. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

....This section analyzes the behavior of the LSA algorithm in the presence of a single, arbitrary failure. The group membership service and the FIFO order reliable multicast used in the leader to followers communication are assumed not to fail (or, equivalently, to mask their Byzantine failures [10]) In this way, nonfaulty followers always have a consistent view of the replicas in the system and always receive the same sequence of messages from the leader. The architectural setup for the following discussion contains a single, independent voter in the system. The voter is in charge of ....

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proc. of the 2nd ACM Conf. on Computer and Comm. Security, pages 68--80, 1994.

....communication are assumed not to fail. In this way, nonfaulty followers always have a consistent view of the replicas in the system and always receive the same sequence of messages from the leader. An equivalent assumption is that these protocols can mask their Byzantine failures (e.g. 17] and [27]) The architectural setup for the following discussion contains a single, independent voter in the system. The voter is in charge of detecting replica failures crashes, hangs, and value errors whether they originate from the application or the LSA code. The voter also excludes faulty ....

....software based replication, reliable message delivery and consistency of information constitute two major difficulties to overcome in the implementation of replicated systems. These issues have been extensively investigated and resulted in many group communication protocols [6] 14] 18] 3] [27]. Another fundamental issue in replicated systems is the potential nondeterminism in the execution of different instances of a replicated component application. The Tandem Integrity S2 system [16] guarantees that its three processors execute the same instruction streams by synchronizing (1) on ....

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the Second ACM Conference on Computer and Communication Security, pages 68--80, 1994.

....where a fault is the corruption of a single replica by the attacker. The replicas must be coordinated to ensure that, as a group, they will not be corrupted when the attacker succeeds in corrupting some of them. Many protocols for fault tolerant replica coordination exist [la] a] 11] [13]. The fault tolerance problem to solve becomes harder or easier depending on whether the attacker is able to gain application level privilege. If the attacker cannot gain application level privilege then application replicas will, at worst, crash when corrupted, and so it will not be necessary ....

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM conference on computer and communication security, Nov. 1994.

....guaranties than Ensemble, though stronger group keys come at an unavoidable computational cost. Antigone has been used to secure video conferences over the web, using the VIC and VAT tools. However, to date, it has not been provided with a fault tolerance architecture. The Totem [9] and Rampart [16] systems can survive Byzantine faults, at the cost of a further degradation of performance. The Ensemble security architecture [14] has evolved from seminal work by Reiter [12, 17] done in the context of the Isis and Horus systems. These results show how group keying can be integrated with a ....

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in rampart. In ACM Conference on Computer and Communication Security, pages 68-80, November 1994.

....by Mark Hayden, who was one of the original developers of Ensemble. That implementation is called C Ensemble. We inserted new intrusion tolerant microprotocols for providing group membership and reliable, ordered message delivery into the C Ensemble framework. 1.2. 2 Rampart Rampart [Rei95, Rei94a, Rei94b] is a toolkit for building secure, fault tolerant services. It has protocols for providing group membership services [Rei94b] and reliable, atomic multicast services [Rei94a] in the presence of Byzantine faults in a process group, provided that no more than one third of the group members ....

....membership and reliable, ordered message delivery into the C Ensemble framework. 1.2.2 Rampart Rampart [Rei95, Rei94a, Rei94b] is a toolkit for building secure, fault tolerant services. It has protocols for providing group membership services [Rei94b] and reliable, atomic multicast services [Rei94a] in the presence of Byzantine faults in a process group, provided that no more than one third of the group members are faulty. The protocols use public key cryptography to authenticate messages. Processes communicate exclusively by sending and receiving messages over a completely connected, ....

Michael K. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, 1994.

....and positive and negative ACKs to address the issues that arise in an unreliable network, such as messages getting lost, reordered, and delayed. The reliable multicast protocol we evaluate provides the properties described below, which are similar to those provided by SecureRing [12] and Rampart [3]. Integrity For any message m and process p, a correct process q delivers m (purportedly from p) at most once, and, if p is correct, only if p multicast m. Agreement If process p is correct throughout a view and delivers m in that view, then all processes that are correct throughout that view ....

Michael K. Reiter, "Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart," Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 68-80, 1994

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

.... Byzantine failures have focused on singlesource broadcast protocols that provide reliable communication to replicas and replica agreement on the broadcast value (e.g. LSP82, DS83, BT85, MR97] sometimes with additional ordering guarantees on the delivery of updates from different sources (e.g. [Rei94, CASD95, MM95] and [KMM98, CL99] The problem that we consider here is different from these works in the following ways. First, in these prior works, it is assumed that one replica begins with each update, and that this replica may be faulty in which case the correct replicas can agree on an arbitrary ....

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

M.K. Reiter. Secure Agreement Protocols: Reliable and Atomic Multicast in Rampart. In 2nd ACM Conference on Computer and Communication Security, pages 68-80, Fairfax, Virginia, November 1994.

No context found.

M. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of 2nd ACM Conference on Computer and Communications Security, pages 68--80. ACM, November 1994. 30

No context found.

Reiter M. K. Secure agreement protocols: reliable and atomic group multicast in rampart. In CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications security, pages 68--80. ACM Press, 1994.

No context found.

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

Reiter M. K. Secure agreement protocols: reliable and atomic group multicast in rampart. In CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications security, pages 68--80. ACM Press, 1994.

No context found.

REITER,M. 1994. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security (Fairfax, VA). 68--80.

No context found.

M. Reiter, \Secure agreement protocols: Reliable and atomic group multicast in Rampart," in Proc. 2nd ACM Conference on Computer and Communications Security, pp. 68-80, 1994.

No context found.

M. Reiter, "Secure agreement protocols: Reliable and atomic group multicast in Rampart, " in Proc. 2nd ACM Conference on Computer and Communications Security, 1994.

No context found.

M. K. Reiter, "Secure agreement protocols: reliable and atomic group multicast in Rampart," in Proceedings of the 2 Security, pp. 68--80, ACM, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

Michael K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Conference on Computer and Communications Security, pages 68--80. ACM, November 1994. <http:// www.research.att.com/#reiter/papers/ccs2.ps.gz>.

No context found.

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

REITER, M. K. 1994. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proc. 2nd ACM Conf. on Computer and Communications Security (CCS-2). 68--80.

No context found.

M. K. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68-80, November 1994.

No context found.

M. K. Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communication Security, pages 68--80, November 1994.

No context found.

M. Reiter. Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

Michael Reiter. Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68--80, Fairfax, VA, USA, November 1994.

No context found.

Reiter, M. K. (1994) Secure agreement protocols: reliable and atomic group multicast in Rampart. In Proc. 2nd ACM Conf. on Computer and Communications Security, Fairfax, VA, November 2--4, pp. 68--80. ACM, New York.

No context found.

M. K. Reiter, "Secure agreement protocols: Reliable and atomic group multicast in rampart," in Proc. ACM Conf. Computer and Communications Security, Nov. 1994, pp. 68--80.

No context found.

Reiter, M.K. Secure agreement protocols: Reliable and atomic group multicast in rampart. In ACM Conference on Computer and Communication Security, pages 68-80, New York, USA, November 1994. ACM press.

No context found.

M.K. Reiter, "Secure Agreement Protocols: Reliable and Atomic Group Multicast in Rampart," Proc. Second ACM Conf. Computer and Comm. Security, 1994.

No context found.

M. Reiter, \Secure agreement protocols: Reliable and atomic group multicast in Rampart," in Proc. 2nd ACM Conference on Computer and Communications Security, pp. 68-80, 1994.

No context found.

M. Reiter, "Secure agreement protocols: Reliable and atomic group multicast in Rampart," in Proc. 2nd ACM Conference on Computer and Communications Security, pp. 68--80, 1994.

No context found.

M. Reiter, "Secure agreement protocols: Reliable and atomic group multicast in Rampart," in Proc. 2nd ACM Conference on Computer and Communications Security, pp. 68--80, 1994.

No context found.

Reiter, M. Secure agreement protocols: Reliable and atomic group multicast in Rampart in Proceedings of the Second ACM Conference on Computer and Communication Security. 1994. Fairfax, VA.

First 50 documents  Next 50

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC