Making Hash-based MVBA Great Again

Hanwen Feng; Zhenliang Lu; Tiancheng Mai; Qiang Tang

Paper 2024/479

Making Hash-based MVBA Great Again

Hanwen Feng

, University of Sydney

Zhenliang Lu, University of Sydney

Tiancheng Mai, University of Sydney

Qiang Tang, University of Sydney

Abstract

Multi-valued Validated Asynchronous Byzantine Agreement ($\mathsf{MVBA}$) is one essential primitive for many distributed protocols, such as asynchronous Byzantine fault-tolerant scenarios like atomic broadcast ($\mathsf{ABC}$), asynchronous distributed key generation, and many others. Recent efforts (Lu et al, PODC' 20) have pushed the communication complexity of $\mathsf{MVBA}$ to optimal $O(\ell n + \lambda n^2)$, which, however, heavily rely on ``heavyweight'' cryptographic tools, such as non-interactive threshold signatures. The computational cost of algebraic operations, the susceptibility to quantum attacks, and the necessity of a trusted setup associated with threshold signatures present significant remaining challenges. There is a growing interest in information-theoretic or hash-based constructions (historically called signature-free constructions). Unfortunately, the state-of-the-art hash-based $\mathsf{MVBA}$ (Duan et al., CCS'23) incurs a large $O(\ell n^2 + \lambda n^3)$-bits communication, which in turn makes the hash-based $\mathsf{MVBA}$inferior performance-wise comparing with the ``classical'' ones. Indeed, this was clearly demonstrated in our experimental evaluations. To make hash-based $\mathsf{MVBA}$ actually realize its full potential, in this paper, we introduce an $\mathsf{MVBA}$ with adaptive security, and $\widetilde{O}(\ell n + \lambda n^2)$ communication, exclusively leveraging conventional hash functions. Our new $\mathsf{MVBA}$ achieves nearly optimal communication, devoid of heavy operations, surpassing both threshold signature-based schemes and the hash-based scheme in many practical settings, as demonstrated in our experiments. For example, in scenarios with a network size of $n = 201$ and an input size of $1.75$ MB, our $\mathsf{MVBA}$ exhibits a latency that is 81\% lower than that of the existing hash-based $\mathsf{MVBA}$ and 47\% lower than the threshold signature-based $\mathsf{MVBA}$. Our new construction also achieves optimal parameters in other metrics such as $O(1)$ rounds and $O(n^2)$ message complexity, except with a sub-optimal resilience, tolerating up to $20\%$ Byzantine corruptions (instead of $33\%$). Given its practical performance advantages, our new hash-based $\mathsf{MVBA}$ naturally leads to better asynchronous distributed protocols, by simply plugging it into existing frameworks.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint.
Keywords: Byzantine Agreement Asynchronous Consensus MVBA
Contact author(s): hanw feng94 @ gmail com
zhenliang lu @ sydney edu au
tiancheng mai @ sydney edu au
qiang tang @ sydney edu au
History: 2024-03-25: last of 2 revisions; 2024-03-22: received; See all versions
Short URL: https://ia.cr/2024/479
License: CC BY

BibTeX

@misc{cryptoeprint:2024/479,
      author = {Hanwen Feng and Zhenliang Lu and Tiancheng Mai and Qiang Tang},
      title = {Making Hash-based {MVBA} Great Again},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/479},
      year = {2024},
      url = {https://eprint.iacr.org/2024/479}
}