Showing papers by "Dan Alistarh published in 2010"

Fast randomized test-and-set and renaming

Abstract: Most people believe that renaming is easy: simply choose a name at random; if more than one process selects the same name, then try again. We highlight the issues that occur when trying to implement such a scheme and shed new light on the read-write complexity of randomized renaming in an asynchronous environment. At the heart of our new perspective stands an adaptive implementation of a randomized test-and-set object, that has poly-logarithmic step complexity per operation, with high probability. Interestingly, our implementation is anonymous, as it does not require process identifiers. Based on this implementation, we present two new randomized renaming algorithms. The first ensures a tight namespace of n names using O(n log4 n) total steps, with high probability. This significantly improves on the complexity of the best previously known namespace-optimal algorithms. The second algorithm achieves a namespace of size k(1 + e) using O(k log4 k/ log2(1 + e)) total steps, both with high probability, where k is the total contention in the execution. It is the first adaptive randomized renaming algorithm, and it improves on existing deterministic solutions by providing a smaller namespace, and by lowering step complexity.

How efficient can gossip be? (on the cost of resilient information exchange)

Abstract: Gossip, also known as epidemic dissemination, is becoming an increasingly popular technique in distributed systems. Yet, it has remained a partially open question: how robust are such protocols? We consider a natural extension of the random phone-call model (introduced by Karp et al. [1]), and we analyze two different notions of robustness: the ability to tolerate adaptive failures, and the ability to tolerate oblivious failures. For adaptive failures, we present a new gossip protocol, TrickleGossip, which achieves near-optimal O(n log3 n) message complexity. To the best of our knowledge, this is the first epidemic-style protocol that can tolerate adaptive failures. We also show a direct relation between resilience and message complexity, demonstrating that gossip protocols which tolerate a large number of adaptive failures need to use a super-linear number of messages with high probability. For oblivious failures, we present a new gossip protocol, CoordinatedGossip, that achieves optimal O(n) message complexity. This protocol makes novel use of the universe reduction technique to limit the message complexity.

Securing every bit: authenticated broadcast in radio networks

Abstract: This paper studies non-cryptographic authenticated broadcast in radio networks subject to malicious failures. We introduce two protocols that address this problem. The first, NeighborWatchRB, makes use of a novel strategy in which honest devices monitor their neighbors for malicious behavior. Second, we present a more robust variant, MultiPathRB, that tolerates the maximum possible density of malicious devices per region, using an elaborate voting strategy. We also introduce a new proof technique to show that both protocols ensure asymptotically optimal running time.We demonstrate the fault tolerance of our protocols through extensive simulation. Simulations show the practical superiority of the NeighborWatchRB protocol (an advantage hidden in the constants of the asymptotic complexity). The NeighborWatchRB protocol even performs relatively well when compared to the simple, fast epidemic protocols commonly used in the radio setting, protocols that tolerate no malicious faults. We therefore believe that the overhead for ensuring authenticated broadcast is reasonable, especially in applications that use authenticated broadcast only when necessary, such as distributing an authenticated digest

Brief announcement: new bounds for partially synchronous set agreement

Abstract: Set agreement [4] is a fundamental problem in distributed computing, in which processes collectively choose a small subset of values from a larger set of proposals. Set agreement has been extensively studied in both synchronous and asynchronous systems [10,11,3,5,8,9]. Real world distributed systems, however, are neither purely synchronous nor purely asynchronous. To describe such a system, Dwork et al. [6] introduced the idea of partial synchrony. They assume for every execution some (unknown) time GST (global stabilization time), after which the system is synchronous. In a recent paper [1,2], we study the complexity of set agreement in the context of partially synchronous systems, determining the minimum-sized window of synchrony in which set agreement can be solved. We show that at least \(\lfloor{{t}\over{k}}+2\rfloor\) synchronous rounds are required for k-set agreement, where t < n is the number of crashes, and k is the agreement parameter of the set agreement task. We then introduce an algorithm that terminates in any window of synchrony of size at least \(\lfloor{{t}\over{k}}+4\rfloor\) rounds. Together, these results tightly bound the inherent price of tolerating some asynchrony.

Routing Attacks as a Viable Threat: Can Software Systems Protect Themselves?

Abstract: In this paper, we show that distributed systems are vul- nerable to routing attacks and propose an architecture to obviate this vulnerability. A somewhat surprising finding is that even a small-scale routing attack can completely dis- rupt the operation of a state-machine replication service. The architecture that we propose is based on the following simple ideas: (1) Circumvent the adversary if possible and (2) if it is not possible, relax the application semantics.