- 學位論文
拜占庭容錯協議之同步器的攻擊與防禦
Attacking and Protecting View Synchronizers of Byzantine Fault-Tolerant Protocols
並列摘要
Leader-based Byzantine Fault-Tolerant (BFT) protocols heavily rely on an honest leader to guide other nodes to reach a consensus. To elect the current leader, the HotStuff BFT protocol proposed to use a pacemaker, which also ensures the liveness of the BFT protocol. In this paper, we carefully inspected HotStuff BFT and discovered that their pacemaker implementation contains a serious vulnerability that prevents the honest nodes to synchronize to the same leader. This allows us to construct two liveness attacks, Freezer attack and Constant-time Freezer attack, that stop HotStuff BFT from reaching any consensus. Notably, the Constant-time Freezer attack can be carried out in constant time, disregarding the number of honest nodes, and one single Byzantine node can launch this attack. In correspond to this security vulnerability, we design a secure and efficient view doubling synchronizer that provides protections to HotStuff's pacemaker and has comparable efficiency as other existing view synchronizers.
參考文獻
延伸閱讀
- 黃德丞(2006)。以Snort入侵偵測器防護MSRPC協定攻擊的應用與研究〔碩士論文,國立臺北科技大學〕。華藝線上圖書館。https://doi.org/10.6841/NTUT.2006.00286
- 王思翰(2009)。合作式跨網站指令碼攻擊之防禦機制〔碩士論文,中原大學〕。華藝線上圖書館。https://doi.org/10.6840/CYCU.2009.00907
- 吳正光、陳奕明、吳大任(2012)。應用賽局模型計算協同式恐怖攻擊威脅值並有效動員安全部隊。危機管理學刊,9(1),27-38。https://doi.org/10.6459/JCM.201203_9(1).0003
- Arshad, R., & Ikram, N. (2012). Cryptanalysis of a Non-interactive Deniable Authentication Protocol Based on Factoring. International Journal of Network Security, 14(2), 117-120. https://doi.org/10.6633/IJNS.201203.14(2).07
- Tsang, J. (2011). An Optimization-based Methodology for Maximization of Network Survivability against Intelligent Attacks [doctoral dissertation, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2011.00820