Scalable and Secure Computation Among Strangers: Resource-Competitive Byzantine Protocols

Anisur R. Molla; Gopal Pandurangan; Jared Saia; John Augustine; Valerie King

arxiv: 1907.10308 · v2 · pith:KQI6QI74new · submitted 2019-07-24 · 💻 cs.DC · cs.DS

Scalable and Secure Computation Among Strangers: Resource-Competitive Byzantine Protocols

John Augustine , Valerie King , Anisur R. Molla , Gopal Pandurangan , Jared Saia This is my paper

Pith reviewed 2026-05-24 16:46 UTC · model grok-4.3

classification 💻 cs.DC cs.DS

keywords Byzantine agreementresource-competitive protocolspermissionless systemsscalable consensusleader electioncommittee electionByzantine faults

0 comments

The pith

Byzantine agreement among unknown nodes can be solved with honest nodes sending expected O((T+n) log n) bits total.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper extends Byzantine agreement to a model where nodes start without knowing each other's identities and can only contact random nodes or reply to incoming messages. It focuses on resource-competitive protocols, in which the total bits sent by honest nodes stay comparable to those sent by Byzantine nodes rather than growing much larger. The main construction is a randomized algorithm that solves Byzantine agreement along with leader election and committee election under these constraints. A sympathetic reader would care because this bound holds even when the network size is large and the fraction of Byzantine nodes is close to one quarter. The authors also give matching lower bounds showing that some dependence on the adversary's communication cost is unavoidable in general.

Core claim

Our randomized scalable algorithm solves Byzantine agreement, leader election, and committee election by sending an expected O((T+n)log n) bits with O(polylog(n)) latency, where T is the minimum of n² and the number of bits sent by adversarially controlled nodes. The algorithm is resilient to (1/4−ε)n Byzantine nodes for any fixed ε>0 and succeeds with high probability in a synchronous fully-connected network under a static full-information adversary where each node initially knows no other identities.

What carries the argument

A randomized algorithm that achieves resource-competitive Byzantine agreement by sending messages only to random destinations or nodes from which messages have already been received.

If this is right

Honest nodes incur communication cost comparable to the Byzantine nodes' cost even as n grows.
The same bounds apply simultaneously to Byzantine agreement, leader election, and committee election.
Latency stays polylogarithmic in n independent of the adversary's actions.
Any protocol must incur communication cost at least roughly proportional to the adversary's cost in the worst case.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

The model captures the essential communication restrictions of permissionless systems, so the bounds may carry over to dynamic participation settings.
The lower bound implies that resource-competitive design is required rather than optional for this class of problems.
The polylog latency suggests the protocol remains practical when n is very large.

Load-bearing premise

The network is synchronous and fully connected with a static adversary.

What would settle it

An execution in which the protocol succeeds against (1/4−ε)n Byzantine nodes yet honest nodes send asymptotically more than O((T+n) log n) bits in total.

Figures

Figures reproduced from arXiv: 1907.10308 by Anisur R. Molla, Gopal Pandurangan, Jared Saia, John Augustine, Valerie King.

read the original abstract

Motivated, in part, by the rise of permissionless systems such as Bitcoin where arbitrary nodes (whose identities are not known apriori) can join and leave at will, we extend established research in scalable Byzantine agreement to a more practical model where each node (initially) does not know the identity of other nodes. A node can send to new destinations only by sending to random (or arbitrary) nodes, or responding (if it chooses) to messages received from those destinations. We assume a synchronous and fully-connected network, with a full-information, but static Byzantine adversary. A general drawback of existing Byzantine protocols is that the communication cost incurred by the honest nodes may not be proportional to those incurred by the Byzantine nodes; in fact, they can be significantly higher. Our goal is to design Byzantine protocols for fundamental problems which are {\em resource competitive}, i.e., the number of bits sent by honest nodes is not much more than those sent by Byzantine nodes. We describe a randomized scalable algorithm to solve Byzantine agreement, leader election, and committee election in this model. Our algorithm sends an expected $O((T+n)\log n)$ bits and has latency $O(polylog(n))$, where $n$ is the number of nodes, and $T$ is the minimum of $n^2$ and the number of bits sent by adversarially controlled nodes. The algorithm is resilient to $(1/4-\epsilon)n$ Byzantine nodes for any fixed $\epsilon > 0$, and succeeds with high probability. Our work can be considered as a first application of resource-competitive analysis to fundamental Byzantine problems. To complement our algorithm we also show lower bounds for resource-competitive Byzantine agreement. We prove that, in general, one cannot hope to design Byzantine protocols that have communication cost that is significantly smaller than the cost of the Byzantine adversary.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

Resource-competitive BA in unknown-ID model with O((T+n)log n) honest communication and a lower bound.

read the letter

The core contribution is an algorithm for Byzantine agreement, leader election, and committee election that keeps honest-node communication at expected O((T + n) log n) bits, where T is the bits sent by the adversary (capped at n²), with O(polylog n) latency. It works in the synchronous, fully connected model where nodes start without knowing identities and can only reach new nodes by random sends or replies. Resilience is (1/4 − ε)n for fixed ε > 0, with high-probability success, plus a lower bound showing communication cannot be asymptotically smaller than the adversary’s cost. This is the first explicit use of resource-competitive analysis for these problems in the unknown-identity setting.

Referee Report

2 major / 2 minor

Summary. The manuscript presents a randomized algorithm for Byzantine agreement, leader election, and committee election in a synchronous fully-connected network where nodes initially lack knowledge of others' identities and communicate only via random/arbitrary sends or responses. The algorithm is resource-competitive, achieving expected O((T + n) log n) bits of communication and O(polylog n) latency, where T is the minimum of n² and the bits sent by the adversary; it tolerates (1/4 − ε)n static full-information Byzantine faults for any fixed ε > 0 and succeeds with high probability. Complementary lower bounds show that communication cannot be asymptotically smaller than the adversary's cost.

Significance. If the analysis and proofs hold, the result is significant as the first application of resource-competitive analysis to core Byzantine problems in a permissionless-style model with unknown identities. The bounds tie honest-node cost directly to adversary effort (rather than allowing it to be much higher), and the lower bounds provide a matching guarantee; this is a meaningful extension of prior Byzantine agreement work under the stated model assumptions.

major comments (2)

[Abstract / Model description] The resilience threshold of (1/4 − ε)n is explicitly weaker than the classic 1/3 bound; while the abstract notes this is consistent with the restricted communication model, the manuscript should include a concrete argument (e.g., in the model or algorithm section) showing why 1/3 is not achievable under random/arbitrary-send communication.
[Algorithm description / Analysis] The definition of T as min(n², adversary bits sent) is used to bound the honest communication; the manuscript must show explicitly (via the algorithm pseudocode or analysis) that the honest nodes' total bits remain O((T + n) log n) even when the adversary sends up to n² bits, without circular dependence on the honest nodes' own communication.

minor comments (2)

[Abstract] The abstract states the latency is O(polylog(n)) but does not specify the base of the logarithm or the precise polylog degree; clarify this in the theorem statement.
[Lower bounds] The lower-bound section should explicitly state the model parameters under which the impossibility holds (e.g., whether it applies only to the random-send model or more generally).

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the careful review and the recommendation of minor revision. The comments are constructive, and we address each major point below. We will incorporate clarifications and additions as described.

read point-by-point responses

Referee: [Abstract / Model description] The resilience threshold of (1/4 − ε)n is explicitly weaker than the classic 1/3 bound; while the abstract notes this is consistent with the restricted communication model, the manuscript should include a concrete argument (e.g., in the model or algorithm section) showing why 1/3 is not achievable under random/arbitrary-send communication.

Authors: We agree that an explicit argument would strengthen the presentation. The abstract already notes consistency with the model, but we will add a dedicated paragraph in the model section of the revised manuscript that concretely explains why 1/3 resilience cannot be achieved under random/arbitrary-send communication (due to the inability to reliably target or flood specific nodes without prior identity knowledge, which prevents standard techniques for tolerating up to 1/3 faults). revision: yes
Referee: [Algorithm description / Analysis] The definition of T as min(n², adversary bits sent) is used to bound the honest communication; the manuscript must show explicitly (via the algorithm pseudocode or analysis) that the honest nodes' total bits remain O((T + n) log n) even when the adversary sends up to n² bits, without circular dependence on the honest nodes' own communication.

Authors: We will strengthen the analysis section to make this explicit. T is defined solely from the adversary's bit count (capped at n²), and the algorithm pseudocode ensures that honest nodes only respond to received messages or send a bounded number of random probes per phase; the total honest communication is therefore charged directly against the adversary's sends without depending on honest output volume. We will add a short lemma and proof sketch clarifying the independence from honest communication volume. revision: yes

Circularity Check

0 steps flagged

No significant circularity in derivation chain

full rationale

The paper derives an algorithm for Byzantine agreement, leader election, and committee election under a synchronous fully-connected model with static full-information adversary and unknown node identities. The central bound O((T + n) log n) communication with O(polylog n) latency is obtained directly from the protocol construction (random/arbitrary sends and responses), where T is defined as an external adversary cost (min(n², bits sent by Byzantines)). A matching lower bound is shown separately. No self-definitional steps, fitted inputs renamed as predictions, or load-bearing self-citations appear; the (1/4 − ε) resilience is explicitly weaker than the classic 1/3 threshold and consistent with the model. The derivation is self-contained against the stated assumptions.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The result rests on standard distributed-computing model assumptions rather than new free parameters or invented entities.

axioms (2)

domain assumption Network is synchronous and fully connected.
Explicitly stated as part of the model in the abstract.
domain assumption Adversary is full-information but static.
Explicitly stated as part of the model in the abstract.

pith-pipeline@v0.9.0 · 5889 in / 1196 out tokens · 19767 ms · 2026-05-24T16:46:24.736846+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

61 extracted references · 61 canonical work pages

[1]

Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R

Atul Adya, William J. Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R. Douceur, Jon Howell, Jacob R. Lorch, Marvin Theimer, and Roger P. Wattenhofer. FARSITE: Federated, Available, and Reliable Storage for Incompletely Trusted Environment. In 5th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 1–14, 2002. 8We no...

work page 2002
[2]

Agbaria and R

A. Agbaria and R. Friedman. Overcoming byzantine failures using checkpointing. University of Illinois at Urbana-Champaign Coordinated Science Laboratory technical report no. UILU-ENG- 03- 2228 (CRHC-03-14), 2003

work page 2003
[3]

Hayes, and Jared Saia

Abhinav Aggarwal, Varsha Dani, Thomas P. Hayes, and Jared Saia. Sending a message with unknown noise. In Proceedings of the 19th International Conference on Distributed Computing and Networking (ICDCN), pages 8:1–8:10, 2018

work page 2018
[4]

Scaling byzantine fault-tolerant replication towide area networks

Yair Amir, Claudiu Danilov, Jonathan Kirsch, John Lane, Danny Dolev, Cristina Nita-Rotaru, Josh Olsen, and David John Zage. Scaling byzantine fault-tolerant replication towide area networks. In Proceedings of International Conference on Dependable Systems and Networks (DSN) , pages 105– 114, 2006

work page 2006
[5]

D. P. Anderson and J. Kubiatowicz. The worldwide computer. Scientiﬁc American, 286(3):28–35, 2002

work page 2002
[6]

Distributed Computing: Fundamentals, Simulations and Advanced Topics (2nd edition)

Hagit Attiya and Jennifer Welch. Distributed Computing: Fundamentals, Simulations and Advanced Topics (2nd edition). John Wiley Interscience, 2004

work page 2004
[7]

Sublinear message bounds for ran- domized agreement

John Augustine, Anisur Rahaman Molla, and Gopal Pandurangan. Sublinear message bounds for ran- domized agreement. In Proceedings of the ACM Symposium on Principles of Distributed Computing (PODC), pages 315–324, 2018

work page 2018
[8]

Bender, Jeremy T

Michael A. Bender, Jeremy T. Fineman, Seth Gilbert, and Maxwell Young. How to Scale Exponential Backoff: Constant Throughput, Polylog Access Attempts, and Robustness. In Proceedings of the 27th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA), pages 636–654, 2016

work page 2016
[9]

Bender, Jeremy T

Michael A. Bender, Jeremy T. Fineman, Mahnush Movahedi, Jared Saia, Varsha Dani, Seth Gilbert, Seth Pettie, and Maxwell Young. Resource-Competitive Algorithms. SIGACT News, 46(3):57–71, September 2015

work page 2015
[10]

Bitcoin website https://bitcoin.org/

Bitcoin. Bitcoin website https://bitcoin.org/

work page
[11]

Kroll, and Edward W

Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten. SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. In Proceedings of the IEEE Symposium on Security and Privacy (SP), pages 104–121, 2015

work page 2015
[12]

Communication locality in secure multi-party computation - how to run sublinear algorithms in a distributed setting

Elette Boyle, Shaﬁ Goldwasser, and Stefano Tessaro. Communication locality in secure multi-party computation - how to run sublinear algorithms in a distributed setting. In Proceedings of the 10th Theory of Cryptography Conference (TCC), pages 356–376, 2013

work page 2013
[13]

Fast byzantine agreement

Nicolas Braud-Santoni, Rachid Guerraoui, and Florian Huc. Fast byzantine agreement. In Proceedings of the 2013 ACM symposium on Principles of distributed computing, pages 57–64. ACM, 2013

work page 2013
[14]

Christian Cachin and Jonathan A. Poritz. Secure Intrusion-Tolerant Replication on the Internet. In Proceedings of the International Conference on Dependable Systems and Networks (DSN), pages 167– 176, 2002

work page 2002
[15]

Practical Byzantine Fault Tolerance

Miguel Castro and Barbara Liskov. Practical Byzantine Fault Tolerance. Operating Systems Review, 33:173–186, 1998

work page 1998
[16]

Practical Byzantine Fault Tolerance and Proactive Recovery.ACM Transactions on Computer Systems (TOCS), 20(4):398–461, 2002

Miguel Castro and Barbara Liskov. Practical Byzantine Fault Tolerance and Proactive Recovery.ACM Transactions on Computer Systems (TOCS), 20(4):398–461, 2002. 21

work page 2002
[17]

Byzantine Fault Tolerance: The Time is Now

Allen Clement, Mirco Marchetti, Edmund Wong, Lorenzo Alvisi, and Mike Dahlin. Byzantine Fault Tolerance: The Time is Now. In Proceedings of the Second Workshop on Large-Scale Distributed Systems and Middleware (LADIS), pages 1–4, 2008

work page 2008
[18]

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults

Allen Clement, Edmund Wong, Lorenzo Alvisi, Mike Dahlin, and Mirco Marchetti. Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults. InProceedings of the Sixth USENIX Symposium on Networked Systems Design and Implementation (NSDI), pages 153–168, 2009

work page 2009
[19]

Interactive Commu- nication with Unknown Noise Rate

Varsha Dani, Tom Hayes, Mahnush Movahedi, Jared Saia, and Maxwell Young. Interactive Commu- nication with Unknown Noise Rate. Information and computation, 261(Part):464–486, 2018

work page 2018
[20]

Interactive Communication with Unknown Noise Rate

Varsha Dani, Mahnush Movahedi, Jared Saia, and Maxwell Young. Interactive Communication with Unknown Noise Rate. In Proceedings of the Colloquium on Automata, Languages, and Programming (ICALP), pages 575–587, 2015

work page 2015
[21]

Fischer, Robert J

Danny Dolev, Michael J. Fischer, Robert J. Fowler, Nancy A. Lynch, and H. Raymond Strong. An efﬁ- cient algorithm for byzantine agreement without authentication. Information and Control, 52(3):257– 274, 1982

work page 1982
[22]

Ethereum website https://ethereum.org/

Ethereum. Ethereum website https://ethereum.org/

work page
[23]

Bitcoin-NG: A Scalable Blockchain Protocol

Ittay Eyal, Adem Efe Gencer, Emin G ¨un Sirer, and Robbert Van Renesse. Bitcoin-NG: A Scalable Blockchain Protocol. In Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI), pages 45–59, 2016

work page 2016
[24]

Freenet website https://freenetproject.org/author/freenet-project-inc.html

Freenet. Freenet website https://freenetproject.org/author/freenet-project-inc.html

work page
[25]

Garay, Philip D

Juan A. Garay, Philip D. MacKenzie, Manoj Prabhakaran, and Ke Yang. Resource fairness and com- posability of cryptographic protocols. In Proceedings of the 3rd Theory of Cryptography Conference (TCC), pages 404–428, 2006

work page 2006
[26]

Algorand: Scal- ing Byzantine Agreements for Cryptocurrencies

Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, and Nickolai Zeldovich. Algorand: Scal- ing Byzantine Agreements for Cryptocurrencies. In Proceedings of the 26th Symposium on Operating Systems Principles (SOSP), pages 51–68, 2017

work page 2017
[27]

(Near) Optimal Resource-Competitive Broadcast with Jamming

Seth Gilbert, Valerie King, Seth Pettie, Ely Porat, Jared Saia, and Maxwell Young. (Near) Optimal Resource-Competitive Broadcast with Jamming. In Proceedings of the 26th ACM Symposium on Par- allelism in Algorithms and Architectures (SPAA), pages 257–266, 2014

work page 2014
[28]

Resource-Competitive Analysis: A New Perspective on Attack-Resistant Distributed Computing

Seth Gilbert, Valerie King, Jared Saia, and Maxwell Young. Resource-Competitive Analysis: A New Perspective on Attack-Resistant Distributed Computing. In Proceedings of the 8th ACM International Workshop on Foundations of Mobile Computing, page 1, 2012

work page 2012
[29]

Making Evildoers Pay: Resource-Competitive Broadcast in Sensor Networks

Seth Gilbert and Maxwell Young. Making Evildoers Pay: Resource-Competitive Broadcast in Sensor Networks. In Proceedings of the 31th Symposium on Principles of Distributed Computing (PODC) , pages 145–154, 2012

work page 2012
[30]

Time-message trade-offs in distributed algorithms

Robert Gmyr and Gopal Pandurangan. Time-message trade-offs in distributed algorithms. In Pro- ceedings of the 32nd International Symposium on Distributed Computing (DISC) , pages 32:1–32:18, 2018

work page 2018
[31]

Democoin: A Publicly Veriﬁable and Jointly Serviced Cryptocur- rency

Sergey Gorbunov and Silvio Micali. Democoin: A Publicly Veriﬁable and Jointly Serviced Cryptocur- rency. Cryptology ePrint Archive, Report 2015/521, 2015. http://eprint.iacr.org/2015/521. 22

work page 2015
[32]

Load balanced scalable byzantine agreement through quorum building, with full information

Valerie King, Steven Lonargan, Jared Saia, and Amitabh Trehan. Load balanced scalable byzantine agreement through quorum building, with full information. InInternational Conference on Distributed Computing and Networking, pages 203–214. Springer, 2011

work page 2011
[33]

Breaking the O(n2) bit barrier: Scalable byzantine agreement with an adaptive adversary

Valerie King and Jared Saia. Breaking the O(n2) bit barrier: Scalable byzantine agreement with an adaptive adversary. J. ACM, 58(4):18:1–18:24, 2011

work page 2011
[34]

Scalable leader election

Valerie King, Jared Saia, Vishal Sanwalani, and Erik Vee. Scalable leader election. In Proceedings of the Seventeenth annual ACM-SIAM Symposium on Discrete Algorithm, pages 990–999. Society for Industrial and Applied Mathematics, 2006

work page 2006
[35]

Towards secure and scalable computation in peer-to-peer networks

Valerie King, Jared Saia, Vishal Sanwalani, and Erik Vee. Towards secure and scalable computation in peer-to-peer networks. In Foundations of Computer Science, 2006. FOCS’06. 47th Annual IEEE Symposium on, pages 87–98. IEEE, 2006

work page 2006
[36]

Conﬂict on a Communication Channel

Valerie King, Jared Saia, and Maxwell Young. Conﬂict on a Communication Channel. In Proceedings of the 30th Symposium on Principles of Distributed Computing (PODC), pages 277–286, 2011

work page 2011
[37]

Anonymous and untraceable communications in mobile wireless networks

Jiejun Kong. Anonymous and untraceable communications in mobile wireless networks . Citeseer, 2004

work page 2004
[38]

Zyzzyva: Speculative Byzantine Fault Tolerance

Ramakrishna Kotla, Lorenzo Alvisi, Mike Dahlin, Allen Clement, and Edmund Wong. Zyzzyva: Speculative Byzantine Fault Tolerance. InProceedings of21st ACM SIGOPS Symposium on Operating Systems Principles, pages 45–58, 2007

work page 2007
[39]

On the com- plexity of universal leader election

Shay Kutten, Gopal Pandurangan, David Peleg, Peter Robinson, and Amitabh Trehan. On the com- plexity of universal leader election. J. ACM, 62(1):7:1–7:27, 2015

work page 2015
[40]

Sublinear bounds for randomized leader election

Shay Kutten, Gopal Pandurangan, David Peleg, Peter Robinson, and Amitabh Trehan. Sublinear bounds for randomized leader election. Theor. Comput. Sci., 561:134–143, 2015

work page 2015
[41]

Privacy preservation in wireless sensor networks: A state-of-the-art survey

Na Li, Nan Zhang, Sajal K Das, and Bhavani Thuraisingham. Privacy preservation in wireless sensor networks: A state-of-the-art survey. Ad Hoc Networks, 7(8):1501–1514, 2009

work page 2009
[42]

A Secure Sharding Protocol For Open Blockchains

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena. A Secure Sharding Protocol For Open Blockchains. InProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 17–30, 2016

work page 2016
[43]

Distributed Algorithms

Nancy Lynch. Distributed Algorithms. Morgan Kaufmann, 1996

work page 1996
[44]

Dahlia Malkhi and Michael K. Reiter. Unreliable intrusion detection in distributed computations. In Proceedings of the 10th Computer Security Foundations Workshop (CSFW), pages 116–125, 1997

work page 1997
[45]

Probability and computing: randomization and probabilistic techniques in algorithms and data analysis

Michael Mitzenmacher and Eli Upfal. Probability and computing: randomization and probabilistic techniques in algorithms and data analysis. Cambridge university press, 2017

work page 2017
[46]

Applications of Byzantine Agreement in Database Systems

Hector Garcia Molina, Frank Pittelli, and Susan Davidson. Applications of Byzantine Agreement in Database Systems. ACM Transactions on Database Systems (TODS), 11:27–47, 1986

work page 1986
[47]

The Oceanstore Project

Oceanstore. The Oceanstore Project. http://oceanstore.cs.berkeley.edu

work page
[48]

Distributed Network Algorithms

Gopal Pandurangan. Distributed Network Algorithms. https://sites.google.com/site/gopalpandurangan/dna, 2018. 23

work page 2018
[49]

Pease, Robert E

Marshall C. Pease, Robert E. Shostak, and Leslie Lamport. Reaching agreement in the presence of faults. J. ACM, 27(2):228–234, 1980

work page 1980
[50]

D. Peleg. Distributed Computing: A Locality Sensitive Approach. SIAM, 2000

work page 2000
[51]

Byzantium: Byzantine- Fault-Tolerant Database Replication Providing Snapshot Isolation

Nuno Preguic ¸a, Rodrigo Rodrigues, Christ´ov¯ao Honorato, and Jo¯ao Lourenc ¸o. Byzantium: Byzantine- Fault-Tolerant Database Replication Providing Snapshot Isolation. In Proceedings of the Fourth Con- ference on Hot Topics in System Dependability, page 9. USENIX Association, 2008

work page 2008
[52]

Rhea, Patrick R

Sean C. Rhea, Patrick R. Eaton, Dennis Geels, Hakim Weatherspoon, Ben Y . Zhao, and John Kubi- atowicz. Pond: The oceanstore prototype. In Proceedings of the FAST ’03 Conference on File and Storage Technologies, pages 1–14, 2003

work page 2003
[53]

Designing secure sensor networks

Elaine Shi and Adrian Perrig. Designing secure sensor networks. IEEE Wireless Commun., 11(6):38– 43, 2004

work page 2004
[54]

Security, pri- vacy and trust in internet of things: The road ahead

Sabrina Sicari, Alessandra Rizzardi, Luigi Alfredo Grieco, and Alberto Coen-Porisini. Security, pri- vacy and trust in internet of things: The road ahead. Computer networks, 76:146–164, 2015

work page 2015
[55]

SINTRA - Distributed Trust on the Internet

SINTRA. SINTRA - Distributed Trust on the Internet. http://www.zurich.ibm.com/security/dti/

work page
[56]

Tor website https://www.torproject.org/

Tor. Tor website https://www.torproject.org/

work page
[57]

Internet of things–new security and privacy challenges

Rolf H Weber. Internet of things–new security and privacy challenges. Computer law & security review, 26(1):23–30, 2010

work page 2010
[58]

Contemporary approaches to fault tolerance

Alex Wright. Contemporary approaches to fault tolerance. Commun. ACM, 52(7):13–15, 2009

work page 2009
[59]

Byzantine agree- ment protocol using hierarchical groups

Hiroyuki Yoshino, Naohiro Hayashibara, Tomoya Enokido, and Makoto Takizawa. Byzantine agree- ment protocol using hierarchical groups. In Proceedings of the 11th International Conference on Parallel and Distributed Systems (ICPADS), pages 64–70, 2005

work page 2005
[60]

TorBricks: Blocking-Resistant Tor Bridge Distribu- tion

Mahdi Zamani, Jared Saia, and Jedidiah Crandall. TorBricks: Blocking-Resistant Tor Bridge Distribu- tion. In International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS) , pages 426–440. Springer, 2017

work page 2017
[61]

A Byzantine Fault Tolerant Distributed Commit Protocol

Wenbing Zhao. A Byzantine Fault Tolerant Distributed Commit Protocol. In Proceedings of the 3rd IEEE International Symposium on Dependable, Autonomic and Secure Computing, pages 37–46, 2007. 24

work page 2007

[1] [1]

Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R

Atul Adya, William J. Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R. Douceur, Jon Howell, Jacob R. Lorch, Marvin Theimer, and Roger P. Wattenhofer. FARSITE: Federated, Available, and Reliable Storage for Incompletely Trusted Environment. In 5th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 1–14, 2002. 8We no...

work page 2002

[2] [2]

Agbaria and R

A. Agbaria and R. Friedman. Overcoming byzantine failures using checkpointing. University of Illinois at Urbana-Champaign Coordinated Science Laboratory technical report no. UILU-ENG- 03- 2228 (CRHC-03-14), 2003

work page 2003

[3] [3]

Hayes, and Jared Saia

Abhinav Aggarwal, Varsha Dani, Thomas P. Hayes, and Jared Saia. Sending a message with unknown noise. In Proceedings of the 19th International Conference on Distributed Computing and Networking (ICDCN), pages 8:1–8:10, 2018

work page 2018

[4] [4]

Scaling byzantine fault-tolerant replication towide area networks

Yair Amir, Claudiu Danilov, Jonathan Kirsch, John Lane, Danny Dolev, Cristina Nita-Rotaru, Josh Olsen, and David John Zage. Scaling byzantine fault-tolerant replication towide area networks. In Proceedings of International Conference on Dependable Systems and Networks (DSN) , pages 105– 114, 2006

work page 2006

[5] [5]

D. P. Anderson and J. Kubiatowicz. The worldwide computer. Scientiﬁc American, 286(3):28–35, 2002

work page 2002

[6] [6]

Distributed Computing: Fundamentals, Simulations and Advanced Topics (2nd edition)

Hagit Attiya and Jennifer Welch. Distributed Computing: Fundamentals, Simulations and Advanced Topics (2nd edition). John Wiley Interscience, 2004

work page 2004

[7] [7]

Sublinear message bounds for ran- domized agreement

John Augustine, Anisur Rahaman Molla, and Gopal Pandurangan. Sublinear message bounds for ran- domized agreement. In Proceedings of the ACM Symposium on Principles of Distributed Computing (PODC), pages 315–324, 2018

work page 2018

[8] [8]

Bender, Jeremy T

Michael A. Bender, Jeremy T. Fineman, Seth Gilbert, and Maxwell Young. How to Scale Exponential Backoff: Constant Throughput, Polylog Access Attempts, and Robustness. In Proceedings of the 27th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA), pages 636–654, 2016

work page 2016

[9] [9]

Bender, Jeremy T

Michael A. Bender, Jeremy T. Fineman, Mahnush Movahedi, Jared Saia, Varsha Dani, Seth Gilbert, Seth Pettie, and Maxwell Young. Resource-Competitive Algorithms. SIGACT News, 46(3):57–71, September 2015

work page 2015

[10] [10]

Bitcoin website https://bitcoin.org/

Bitcoin. Bitcoin website https://bitcoin.org/

work page

[11] [11]

Kroll, and Edward W

Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A. Kroll, and Edward W. Felten. SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. In Proceedings of the IEEE Symposium on Security and Privacy (SP), pages 104–121, 2015

work page 2015

[12] [12]

Communication locality in secure multi-party computation - how to run sublinear algorithms in a distributed setting

Elette Boyle, Shaﬁ Goldwasser, and Stefano Tessaro. Communication locality in secure multi-party computation - how to run sublinear algorithms in a distributed setting. In Proceedings of the 10th Theory of Cryptography Conference (TCC), pages 356–376, 2013

work page 2013

[13] [13]

Fast byzantine agreement

Nicolas Braud-Santoni, Rachid Guerraoui, and Florian Huc. Fast byzantine agreement. In Proceedings of the 2013 ACM symposium on Principles of distributed computing, pages 57–64. ACM, 2013

work page 2013

[14] [14]

Christian Cachin and Jonathan A. Poritz. Secure Intrusion-Tolerant Replication on the Internet. In Proceedings of the International Conference on Dependable Systems and Networks (DSN), pages 167– 176, 2002

work page 2002

[15] [15]

Practical Byzantine Fault Tolerance

Miguel Castro and Barbara Liskov. Practical Byzantine Fault Tolerance. Operating Systems Review, 33:173–186, 1998

work page 1998

[16] [16]

Practical Byzantine Fault Tolerance and Proactive Recovery.ACM Transactions on Computer Systems (TOCS), 20(4):398–461, 2002

Miguel Castro and Barbara Liskov. Practical Byzantine Fault Tolerance and Proactive Recovery.ACM Transactions on Computer Systems (TOCS), 20(4):398–461, 2002. 21

work page 2002

[17] [17]

Byzantine Fault Tolerance: The Time is Now

Allen Clement, Mirco Marchetti, Edmund Wong, Lorenzo Alvisi, and Mike Dahlin. Byzantine Fault Tolerance: The Time is Now. In Proceedings of the Second Workshop on Large-Scale Distributed Systems and Middleware (LADIS), pages 1–4, 2008

work page 2008

[18] [18]

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults

Allen Clement, Edmund Wong, Lorenzo Alvisi, Mike Dahlin, and Mirco Marchetti. Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults. InProceedings of the Sixth USENIX Symposium on Networked Systems Design and Implementation (NSDI), pages 153–168, 2009

work page 2009

[19] [19]

Interactive Commu- nication with Unknown Noise Rate

Varsha Dani, Tom Hayes, Mahnush Movahedi, Jared Saia, and Maxwell Young. Interactive Commu- nication with Unknown Noise Rate. Information and computation, 261(Part):464–486, 2018

work page 2018

[20] [20]

Interactive Communication with Unknown Noise Rate

Varsha Dani, Mahnush Movahedi, Jared Saia, and Maxwell Young. Interactive Communication with Unknown Noise Rate. In Proceedings of the Colloquium on Automata, Languages, and Programming (ICALP), pages 575–587, 2015

work page 2015

[21] [21]

Fischer, Robert J

Danny Dolev, Michael J. Fischer, Robert J. Fowler, Nancy A. Lynch, and H. Raymond Strong. An efﬁ- cient algorithm for byzantine agreement without authentication. Information and Control, 52(3):257– 274, 1982

work page 1982

[22] [22]

Ethereum website https://ethereum.org/

Ethereum. Ethereum website https://ethereum.org/

work page

[23] [23]

Bitcoin-NG: A Scalable Blockchain Protocol

Ittay Eyal, Adem Efe Gencer, Emin G ¨un Sirer, and Robbert Van Renesse. Bitcoin-NG: A Scalable Blockchain Protocol. In Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI), pages 45–59, 2016

work page 2016

[24] [24]

Freenet website https://freenetproject.org/author/freenet-project-inc.html

Freenet. Freenet website https://freenetproject.org/author/freenet-project-inc.html

work page

[25] [25]

Garay, Philip D

Juan A. Garay, Philip D. MacKenzie, Manoj Prabhakaran, and Ke Yang. Resource fairness and com- posability of cryptographic protocols. In Proceedings of the 3rd Theory of Cryptography Conference (TCC), pages 404–428, 2006

work page 2006

[26] [26]

Algorand: Scal- ing Byzantine Agreements for Cryptocurrencies

Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, and Nickolai Zeldovich. Algorand: Scal- ing Byzantine Agreements for Cryptocurrencies. In Proceedings of the 26th Symposium on Operating Systems Principles (SOSP), pages 51–68, 2017

work page 2017

[27] [27]

(Near) Optimal Resource-Competitive Broadcast with Jamming

Seth Gilbert, Valerie King, Seth Pettie, Ely Porat, Jared Saia, and Maxwell Young. (Near) Optimal Resource-Competitive Broadcast with Jamming. In Proceedings of the 26th ACM Symposium on Par- allelism in Algorithms and Architectures (SPAA), pages 257–266, 2014

work page 2014

[28] [28]

Resource-Competitive Analysis: A New Perspective on Attack-Resistant Distributed Computing

Seth Gilbert, Valerie King, Jared Saia, and Maxwell Young. Resource-Competitive Analysis: A New Perspective on Attack-Resistant Distributed Computing. In Proceedings of the 8th ACM International Workshop on Foundations of Mobile Computing, page 1, 2012

work page 2012

[29] [29]

Making Evildoers Pay: Resource-Competitive Broadcast in Sensor Networks

Seth Gilbert and Maxwell Young. Making Evildoers Pay: Resource-Competitive Broadcast in Sensor Networks. In Proceedings of the 31th Symposium on Principles of Distributed Computing (PODC) , pages 145–154, 2012

work page 2012

[30] [30]

Time-message trade-offs in distributed algorithms

Robert Gmyr and Gopal Pandurangan. Time-message trade-offs in distributed algorithms. In Pro- ceedings of the 32nd International Symposium on Distributed Computing (DISC) , pages 32:1–32:18, 2018

work page 2018

[31] [31]

Democoin: A Publicly Veriﬁable and Jointly Serviced Cryptocur- rency

Sergey Gorbunov and Silvio Micali. Democoin: A Publicly Veriﬁable and Jointly Serviced Cryptocur- rency. Cryptology ePrint Archive, Report 2015/521, 2015. http://eprint.iacr.org/2015/521. 22

work page 2015

[32] [32]

Load balanced scalable byzantine agreement through quorum building, with full information

Valerie King, Steven Lonargan, Jared Saia, and Amitabh Trehan. Load balanced scalable byzantine agreement through quorum building, with full information. InInternational Conference on Distributed Computing and Networking, pages 203–214. Springer, 2011

work page 2011

[33] [33]

Breaking the O(n2) bit barrier: Scalable byzantine agreement with an adaptive adversary

Valerie King and Jared Saia. Breaking the O(n2) bit barrier: Scalable byzantine agreement with an adaptive adversary. J. ACM, 58(4):18:1–18:24, 2011

work page 2011

[34] [34]

Scalable leader election

Valerie King, Jared Saia, Vishal Sanwalani, and Erik Vee. Scalable leader election. In Proceedings of the Seventeenth annual ACM-SIAM Symposium on Discrete Algorithm, pages 990–999. Society for Industrial and Applied Mathematics, 2006

work page 2006

[35] [35]

Towards secure and scalable computation in peer-to-peer networks

Valerie King, Jared Saia, Vishal Sanwalani, and Erik Vee. Towards secure and scalable computation in peer-to-peer networks. In Foundations of Computer Science, 2006. FOCS’06. 47th Annual IEEE Symposium on, pages 87–98. IEEE, 2006

work page 2006

[36] [36]

Conﬂict on a Communication Channel

Valerie King, Jared Saia, and Maxwell Young. Conﬂict on a Communication Channel. In Proceedings of the 30th Symposium on Principles of Distributed Computing (PODC), pages 277–286, 2011

work page 2011

[37] [37]

Anonymous and untraceable communications in mobile wireless networks

Jiejun Kong. Anonymous and untraceable communications in mobile wireless networks . Citeseer, 2004

work page 2004

[38] [38]

Zyzzyva: Speculative Byzantine Fault Tolerance

Ramakrishna Kotla, Lorenzo Alvisi, Mike Dahlin, Allen Clement, and Edmund Wong. Zyzzyva: Speculative Byzantine Fault Tolerance. InProceedings of21st ACM SIGOPS Symposium on Operating Systems Principles, pages 45–58, 2007

work page 2007

[39] [39]

On the com- plexity of universal leader election

Shay Kutten, Gopal Pandurangan, David Peleg, Peter Robinson, and Amitabh Trehan. On the com- plexity of universal leader election. J. ACM, 62(1):7:1–7:27, 2015

work page 2015

[40] [40]

Sublinear bounds for randomized leader election

Shay Kutten, Gopal Pandurangan, David Peleg, Peter Robinson, and Amitabh Trehan. Sublinear bounds for randomized leader election. Theor. Comput. Sci., 561:134–143, 2015

work page 2015

[41] [41]

Privacy preservation in wireless sensor networks: A state-of-the-art survey

Na Li, Nan Zhang, Sajal K Das, and Bhavani Thuraisingham. Privacy preservation in wireless sensor networks: A state-of-the-art survey. Ad Hoc Networks, 7(8):1501–1514, 2009

work page 2009

[42] [42]

A Secure Sharding Protocol For Open Blockchains

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena. A Secure Sharding Protocol For Open Blockchains. InProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 17–30, 2016

work page 2016

[43] [43]

Distributed Algorithms

Nancy Lynch. Distributed Algorithms. Morgan Kaufmann, 1996

work page 1996

[44] [44]

Dahlia Malkhi and Michael K. Reiter. Unreliable intrusion detection in distributed computations. In Proceedings of the 10th Computer Security Foundations Workshop (CSFW), pages 116–125, 1997

work page 1997

[45] [45]

Probability and computing: randomization and probabilistic techniques in algorithms and data analysis

Michael Mitzenmacher and Eli Upfal. Probability and computing: randomization and probabilistic techniques in algorithms and data analysis. Cambridge university press, 2017

work page 2017

[46] [46]

Applications of Byzantine Agreement in Database Systems

Hector Garcia Molina, Frank Pittelli, and Susan Davidson. Applications of Byzantine Agreement in Database Systems. ACM Transactions on Database Systems (TODS), 11:27–47, 1986

work page 1986

[47] [47]

The Oceanstore Project

Oceanstore. The Oceanstore Project. http://oceanstore.cs.berkeley.edu

work page

[48] [48]

Distributed Network Algorithms

Gopal Pandurangan. Distributed Network Algorithms. https://sites.google.com/site/gopalpandurangan/dna, 2018. 23

work page 2018

[49] [49]

Pease, Robert E

Marshall C. Pease, Robert E. Shostak, and Leslie Lamport. Reaching agreement in the presence of faults. J. ACM, 27(2):228–234, 1980

work page 1980

[50] [50]

D. Peleg. Distributed Computing: A Locality Sensitive Approach. SIAM, 2000

work page 2000

[51] [51]

Byzantium: Byzantine- Fault-Tolerant Database Replication Providing Snapshot Isolation

Nuno Preguic ¸a, Rodrigo Rodrigues, Christ´ov¯ao Honorato, and Jo¯ao Lourenc ¸o. Byzantium: Byzantine- Fault-Tolerant Database Replication Providing Snapshot Isolation. In Proceedings of the Fourth Con- ference on Hot Topics in System Dependability, page 9. USENIX Association, 2008

work page 2008

[52] [52]

Rhea, Patrick R

Sean C. Rhea, Patrick R. Eaton, Dennis Geels, Hakim Weatherspoon, Ben Y . Zhao, and John Kubi- atowicz. Pond: The oceanstore prototype. In Proceedings of the FAST ’03 Conference on File and Storage Technologies, pages 1–14, 2003

work page 2003

[53] [53]

Designing secure sensor networks

Elaine Shi and Adrian Perrig. Designing secure sensor networks. IEEE Wireless Commun., 11(6):38– 43, 2004

work page 2004

[54] [54]

Security, pri- vacy and trust in internet of things: The road ahead

Sabrina Sicari, Alessandra Rizzardi, Luigi Alfredo Grieco, and Alberto Coen-Porisini. Security, pri- vacy and trust in internet of things: The road ahead. Computer networks, 76:146–164, 2015

work page 2015

[55] [55]

SINTRA - Distributed Trust on the Internet

SINTRA. SINTRA - Distributed Trust on the Internet. http://www.zurich.ibm.com/security/dti/

work page

[56] [56]

Tor website https://www.torproject.org/

Tor. Tor website https://www.torproject.org/

work page

[57] [57]

Internet of things–new security and privacy challenges

Rolf H Weber. Internet of things–new security and privacy challenges. Computer law & security review, 26(1):23–30, 2010

work page 2010

[58] [58]

Contemporary approaches to fault tolerance

Alex Wright. Contemporary approaches to fault tolerance. Commun. ACM, 52(7):13–15, 2009

work page 2009

[59] [59]

Byzantine agree- ment protocol using hierarchical groups

Hiroyuki Yoshino, Naohiro Hayashibara, Tomoya Enokido, and Makoto Takizawa. Byzantine agree- ment protocol using hierarchical groups. In Proceedings of the 11th International Conference on Parallel and Distributed Systems (ICPADS), pages 64–70, 2005

work page 2005

[60] [60]

TorBricks: Blocking-Resistant Tor Bridge Distribu- tion

Mahdi Zamani, Jared Saia, and Jedidiah Crandall. TorBricks: Blocking-Resistant Tor Bridge Distribu- tion. In International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS) , pages 426–440. Springer, 2017

work page 2017

[61] [61]

A Byzantine Fault Tolerant Distributed Commit Protocol

Wenbing Zhao. A Byzantine Fault Tolerant Distributed Commit Protocol. In Proceedings of the 3rd IEEE International Symposium on Dependable, Autonomic and Secure Computing, pages 37–46, 2007. 24

work page 2007