Information Security and Cryptography Research Group

Efficient Byzantine Agreement Secure Against General Adversaries

Matthias Fitzi and Ueli Maurer

International Symposium on Distributed Computing — DISC '98, Lecture Notes in Computer Science, Springer-Verlag, vol. 1499, pp. 134–148, Sep 1998.

This paper presents protocols for Byzantine agreement, i.e. for reliable broadcast, among a set of $n$ players, some of which may be controlled by an adversary. It is well-known that Byzantine agreement is possible if and only if the number of cheaters is less than $n/3$. In this paper we consider a general adversary that is specified by a set of subsets of the player set (the adversary structure), and any one of these subsets may be corrupted by the adversary. The only condition we need is that no three of these subsets cover the full player set. A result of Hirt and Maurer implies that this condition is necessary and sufficient for the existence of a Byzantine agreement protocol, but the complexity of their protocols is generally exponential in the number of players. The purpose of this paper is to present the first protocol with polynomial message and computation complexity for any (even exponentially large) specification of the adversary structure. This closes a gap in a recent result of Cramer, Damgård and Maurer on applying span programs to secure multi-party computation.

Key words: Broadcast, Byzantine agreement, general adversary, multi-party computation, fault detection.

BibTeX Citation

@inproceedings{FitMau98,
    author       = {Matthias Fitzi and Ueli Maurer},
    title        = {Efficient Byzantine Agreement Secure Against General Adversaries},
    editor       = {Shay Kutten},
    booktitle    = {International Symposium on Distributed Computing --- DISC~'98},
    pages        = 134--148,
    series       = {Lecture Notes in Computer Science},
    volume       = 1499,
    year         = 1998,
    month        = 9,
    publisher    = {Springer-Verlag},
}

Files and Links