Shafi Goldwasser, Madhu Sudan and Vinod Vaikuntanathan ... · Distributed Computing With Imperfect...
Transcript of Shafi Goldwasser, Madhu Sudan and Vinod Vaikuntanathan ... · Distributed Computing With Imperfect...
Distributed Computing With Imperfect Randomness
Shafi Goldwasser, Madhu Sudan and Vinod Vaikuntanathan
Presentation by: Daniel Thomas
Donnerstag, 19. Mai 2011
1. Randomness
2
Donnerstag, 19. Mai 2011
1. Randomness
3
QuickSort
Donnerstag, 19. Mai 2011
1. Randomness
4
QuickSort
P
Donnerstag, 19. Mai 2011
1. Randomness
5
QuickSortP
< P >= P
Donnerstag, 19. Mai 2011
1. Randomness
6
QuickSortP
< P >= P
What If Already Sorted?
Donnerstag, 19. Mai 2011
1. Randomness
7
QuickSortP
< P >= P
What If Already Sorted?
→ Randomized QuickSort
Donnerstag, 19. Mai 2011
1. Randomness
8
Real Randomness?(Strong Randomness)
Donnerstag, 19. Mai 2011
1. Randomness
9
Atomic Decay?
Real Randomness?(Strong Randomness)
Donnerstag, 19. Mai 2011
1. Randomness
10
Atomic Decay?
Real Randomness?(Strong Randomness)
Donnerstag, 19. Mai 2011
1. Randomness
11
Pseudorandomness?(Weak Randmoness?)
Donnerstag, 19. Mai 2011
1. Randomness
12
Pseudorandomness?(Weak Randmoness?)
Get Randomness From System?
Donnerstag, 19. Mai 2011
Setting
13
1. Randomness
Donnerstag, 19. Mai 2011
Setting
14
Agreement?
1. Randomness
Donnerstag, 19. Mai 2011
15
Faulty Player
Agreement?
Setting
1. Randomness
Donnerstag, 19. Mai 2011
16
Faulty Player
Agreement?
Weak Random Source
Weak Random Source
Weak Random Source
1. Randomness
Setting
Donnerstag, 19. Mai 2011
1. Randomness, Overview
2. Byzantine Agreement
4. Randomness In A Distributed Environment
3. Probabilistic BA Protocol
Donnerstag, 19. Mai 2011
2. Byzantine Agreement (single fault case)
18
Donnerstag, 19. Mai 2011
2. Byzantine Agreement (single fault case)
19
v(1)
v(3)
v(2)
v(4)
Traitors
Loyal
Donnerstag, 19. Mai 2011
2. Byzantine Agreement (single fault case)
20
A. The non-faulty generals compute exactly the same vectorB. The element of this vector corresponding to a given non-faulty general is the private value/opinion of this general
v(1)
v(3)
v(2)
v(4)
Traitors
Loyal
Donnerstag, 19. Mai 2011
2. Byzantine Agreement (single fault case)
21
Works if n >= 3m + 1And for m+1 rounds are required.
v(1)
v(3)
v(2)
v(4)
Traitors
Loyal
Donnerstag, 19. Mai 2011
3. Probabilistic Byzantine Agreement Protocols
22
Deterministic AlgorithmRandomized Algorithm
A Simple and Efficient Randomized Byzantine Agreement Algorithm, B.Chor And B.A Coan
m+1 rounds O(m/log n) rounds
Donnerstag, 19. Mai 2011
3. Probabilistic Byzantine Agreement Protocols
23
Deterministic AlgorithmRandomized Algorithm
A Simple and Efficient Randomized Byzantine Agreement Algorithm, B.Chor And B.A Coan
m+1 rounds O(m/log n) rounds
Randomized Algorithm Expects Players To Have Real Random Source!
Donnerstag, 19. Mai 2011
4. Randomness In A Distributed Environment
24
Formalizing Our Randomness Model
Donnerstag, 19. Mai 2011
4. Randomness In A Distributed Environment
25
Formalizing Our Randomness Model
Strong Randomness: Um
Weak Randomness: (k, δ)-weak source
No Randomness
Donnerstag, 19. Mai 2011
Randomness Model
Each player (sensor) has access to its own weak source that is independent of the sources of all other players
Is there a way to get real randomness (a string of unbiased and independent random bits) by combining weak random sources?
26
4. Randomness In A Distributed Environment
Donnerstag, 19. Mai 2011
Randomness Model
Each player (sensor) has access to its own weak source that is independent of the sources of all other players
Is there a way to get real randomness (a string of unbiased and independent random bits) by combining weak random sources?
27
4. Randomness In A Distributed Environment
Extractors!
Donnerstag, 19. Mai 2011
Extractors
28
4. Randomness In A Distributed Environment
ExtractorDeterministic Function
Ext: {0,1} ➝ {0,1}
Weak Random Source{0,1}
0100110011011101011
Almost unbiased & independent bits{0,1}
01001110
k
k m
m
Donnerstag, 19. Mai 2011
Extractors
29
4. Randomness In A Distributed Environment
ExtractorDeterministic Function
Ext: {0,1} ➝ {0,1}
Weak Random Source{0,1}
0100110011011101011
Almost unbiased & independent bits {0,1}
01001110
k
k m
m
Not Possible
In General
Donnerstag, 19. Mai 2011
2 Source Extractors
30
4. Randomness In A Distributed Environment
Weak Random Source0100110011011101011
Weak Random Source0100111011010011011←independent→
(k, δ)-two source Extractor)Deterministic Function
Ext: ({0,1} ) ➝ {0,1}
Almost unbiased & independent bits {0,1}
01001110
k m
m
2
Donnerstag, 19. Mai 2011
A Very Simple Extractor
31
4. Randomness In A Distributed Environment
Donnerstag, 19. Mai 2011
A Very Simple Extractor
32
4. Randomness In A Distributed Environment
0 1
Donnerstag, 19. Mai 2011
A Very Simple Extractor
33
4. Randomness In A Distributed Environment
0 10 0
Donnerstag, 19. Mai 2011
A Very Simple Extractor
34
4. Randomness In A Distributed Environment
0 10 01 1
Donnerstag, 19. Mai 2011
A Very Simple Extractor
35
4. Randomness In A Distributed Environment
0 10 01 11 0
Donnerstag, 19. Mai 2011
A Very Simple Extractor
36
4. Randomness In A Distributed Environment
0 10 01 11 00 0
Donnerstag, 19. Mai 2011
A Very Simple Extractor
37
4. Randomness In A Distributed Environment
0 10 01 11 00 01 0
Donnerstag, 19. Mai 2011
A Very Simple Extractor
38
4. Randomness In A Distributed Environment
0 10 01 11 00 01 00 1
Donnerstag, 19. Mai 2011
A Very Simple Extractor
39
4. Randomness In A Distributed Environment
0 10 01 11 00 01 00 1
0
1
10
Donnerstag, 19. Mai 2011
A Very Simple Extractor
40
4. Randomness In A Distributed Environment
0 10 01 11 00 01 00 1
0
1
10
Not a (k, δ)-two source Extractor!(do you see why?)
Donnerstag, 19. Mai 2011
41
Agreement?
4. Randomness In A Distributed Environment
Is this enough?
Donnerstag, 19. Mai 2011
42
4. Randomness In A Distributed Environment
Is this enough?No, as we have faulty players!What if they try to “poison” therandomness?
Donnerstag, 19. Mai 2011
43
4. Randomness In A Distributed Environment
Multi-source extractors whose output is random even if an arbitrary subset of the input sources don’t send a weak random string (e.g. faulty players) but all sources are independent
Immune Extractors
Donnerstag, 19. Mai 2011
44
4. Randomness In A Distributed Environment(κ, τ) Immune Extractors, as a picture
(k, δ) source (k, δ) source(k, δ) source(k, δ) source
Almost unbiased & independent bits {0,1}
01001110
(κ, τ)-immune extractorDeterministic Function
Ext: ({0,1}) ➝ {0,1}k+1
m
m
κ + 1 block sources
m
Donnerstag, 19. Mai 2011
45
4. Randomness In A Distributed Environment
Let Ext be any (k, δ) two source extractor Let X₁², X₁³, ... denote t distinct blocks from the source X₁ Let X₂, X₃, ... be one block each from the other t sources I-Ext({X₁} , X₂, ..., Xt+1) = ⊕ Ext(X₁, Xi)
I-Ext: A(t, t-1)-immune extractor
ii=2
t+1 t+1
i=2
i
Donnerstag, 19. Mai 2011
46
4. Randomness In A Distributed Environment
Let Ext be any (k, δ) two source extractor Let X₁², X₁³, ... denote t distinct blocks from the source X₁ Let X₂, X₃, ... be one block each from the other t sources I-Ext({X₁} , X₂, ..., Xt+1) = ⊕ Ext(X₁, Xi)
Theorem: I-Ext is a (t, t-1) immune extractor!
I-Ext: A (t, t-1)-immune extractor
ii=2
t+1 t+1
i=2
i
i
Donnerstag, 19. Mai 2011
47
4. Randomness In A Distributed Environment
... each player sends each other player a string from its weak random source ...
Donnerstag, 19. Mai 2011
48
4. Randomness In A Distributed Environment
... each player can use I-Ext to generate a string very close to Um ...
Donnerstag, 19. Mai 2011
49
4. Randomness In A Distributed Environment
... every player has an almost random string ...
Donnerstag, 19. Mai 2011
50
5. Conclusion
The paper mainly showed how it is possible to for each player of a network to extract a almost unbiased, uniform random string by sharing their (mutually independent) random sources, even in presence of faulty or even malicious parties.
Donnerstag, 19. Mai 2011
51
?Donnerstag, 19. Mai 2011