Cryptology ePrint Archive: Report 2019/692

Synchronous Consensus with Optimal Asynchronous Fallback Guarantees

Erica Blum and Jonathan Katz and Julian Loss

Abstract: Typically, protocols for Byzantine agreement (BA) are designed to run in either a synchronous network (where all messages are guaranteed to be delivered within some known time $\Delta$ from when they are sent) or an asynchronous network (where messages may be arbitrarily delayed). Protocols designed for synchronous networks are generally insecure if the network in which they run does not ensure synchrony; protocols designed for asynchronous networks are (of course) secure in a synchronous setting as well, but in that case tolerate a lower fraction of faults than would have been possible if synchrony had been assumed from the start.

Fix some number of parties $n$, and $0 < t_a < n/3 \leq t_s < n/2$. We ask whether it is possible (given a public-key infrastructure) to design a BA protocol that (1) is resilient to $t_s$ corruptions when run in a synchronous network and (2) remains resilient to $t_a$ faults even if the network happens to be asynchronous. We show matching feasibility and infeasibility results demonstrating that this is possible if and only if $t_a + 2\cdot t_s < n$.

Category / Keywords: cryptographic protocols / Byzantine agreement

Original Publication (with minor differences): IACR-TCC-2019

Date: received 11 Jun 2019, last revised 27 Sep 2021

Contact author: jkatz2 at gmail com

Available format(s): PDF | BibTeX Citation

Note: Minor fix in BA protocol

Version: 20210927:140309 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]