Randomisation is a critical tool in designing distributed systems. The common coin primitive, enabling the system members to agree on an unpredictable random number, has proven to be particularly useful. We observe, however, that it is impossible to implement a truly random common coin protocol in a fault-prone asynchronous system. To circumvent this impossibility, we introduce two relaxations of the perfect common coin: (1) approximate common coin generating random numbers that are close to each other; and (2) Monte Carlo common coin generating a common random number with an arbitrarily small, but non-zero, probability of failure. Building atop the approximate agreement primitive, we obtain efficient asynchronous implementations of the two abstractions, tolerating up to one third of Byzantine processes. Our protocols do not assume trusted setup or public key infrastructure and converge to the perfect coin exponentially fast in the protocol running time. By plugging one of our protocols for Monte Carlo common coin in a well-known consensus algorithm, we manage to get a binary Byzantine agreement protocol with $O(n^3 \log n)$ communication complexity, resilient against an adaptive adversary, and tolerating the optimal number $f<n/3$ of failures without trusted setup or PKI. To the best of our knowledge, the best communication complexity for binary Byzantine agreement achieved so far in this setting is $O(n^4)$. We also show how the approximate common coin, combined with a variant of Gray code, can be used to solve an interesting problem of Intersecting Random Subsets, which we introduce in this paper.
翻译:随机调试是设计分布式系统的关键工具。 普通硬币原始, 使系统成员能够就无法预测的随机数字达成一致, 事实证明非常有用 。 然而, 我们观察到, 在容易出错的杂交系统中, 无法执行真正随机的通用硬币协议 。 为了绕过这一可能性, 我们引入了两种完美的共同硬币的放松:(1) 大约共同硬币生成随机数字, 并且相互接近; (2) 蒙特卡洛共同硬币生成一个普通随机数, 任意地小但非零, 有可能失败。 在接近原始协议时, 我们获得了两个抽象的不同步执行。 但是, 我们观察到, 我们无法在容易出错的容易出错的系统里执行真正随机的通用共同硬币协议 。 通过在众所周知的协商一致算法中插入一个我们为蒙特卡洛共同硬币设计的协议, 我们设法获得一个与$( n3\log n) 的硬币协议。 我们获得了两个简单协议, 能够有效地执行两个抽象的抽象式协议, 将Byalityalatealityalatealate etalate 3 。