diff options
author | Christian Grothoff <christian@grothoff.org> | 2021-06-12 16:49:12 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-06-12 16:49:12 +0200 |
commit | da2d89045c2fc10ea393e4eb917c3dca480486bc (patch) | |
tree | 9897de299f0cc43ee4cf4548363a5e9094be5a46 /draft-summermatter-set-union.xml | |
parent | aab0ce19452466c8290c700f1f6fddefa1c12ec2 (diff) | |
download | lsd0003-da2d89045c2fc10ea393e4eb917c3dca480486bc.tar.gz lsd0003-da2d89045c2fc10ea393e4eb917c3dca480486bc.zip |
chapter 1
Diffstat (limited to 'draft-summermatter-set-union.xml')
-rw-r--r-- | draft-summermatter-set-union.xml | 54 |
1 files changed, 27 insertions, 27 deletions
diff --git a/draft-summermatter-set-union.xml b/draft-summermatter-set-union.xml index ad5f17f..66fdfab 100644 --- a/draft-summermatter-set-union.xml +++ b/draft-summermatter-set-union.xml | |||
@@ -70,7 +70,7 @@ | |||
70 | 70 | ||
71 | Our primary envisioned application domain is the | 71 | Our primary envisioned application domain is the |
72 | distribution of revocation messages in the GNU Name | 72 | distribution of revocation messages in the GNU Name |
73 | System (GNS) <xref target="GNS" format="default" /><xref target="GNS" format="default"/>. In GNS, | 73 | System (GNS) <xref target="GNS" format="default" />. In GNS, |
74 | key revocation messages are usually flooded across the | 74 | key revocation messages are usually flooded across the |
75 | peer-to-peer overlay network to all connected peers | 75 | peer-to-peer overlay network to all connected peers |
76 | whenever a key is revoked. However, as peers may be | 76 | whenever a key is revoked. However, as peers may be |
@@ -91,7 +91,7 @@ | |||
91 | computational results. We note that for such systems, | 91 | computational results. We note that for such systems, |
92 | the set reconciliation protocol is merely a component of | 92 | the set reconciliation protocol is merely a component of |
93 | a multiparty consensus protocol, such as the one | 93 | a multiparty consensus protocol, such as the one |
94 | described in F.Dold's "Byzantine set-union consensus using | 94 | described in Dold's "Byzantine set-union consensus using |
95 | efficient set reconciliation" <xref target="ByzantineSetUnionConsensusUsingEfficientSetReconciliation" format="default"/>. | 95 | efficient set reconciliation" <xref target="ByzantineSetUnionConsensusUsingEfficientSetReconciliation" format="default"/>. |
96 | </t> | 96 | </t> |
97 | <t> | 97 | <t> |
@@ -108,12 +108,14 @@ | |||
108 | the number of network round-trips and the number of bytes | 108 | the number of network round-trips and the number of bytes |
109 | sent over the network. Thus, for the protocol to choose | 109 | sent over the network. Thus, for the protocol to choose |
110 | the right parameters for a given situation, applications | 110 | the right parameters for a given situation, applications |
111 | using the protocol SHOULD provide a parameter that specifies | 111 | using an implementation of the protocol SHOULD provide a |
112 | parameter that specifies | ||
112 | the cost-ratio of round-trips vs. bandwidth usage. Given | 113 | the cost-ratio of round-trips vs. bandwidth usage. Given |
113 | this trade-off factor, the protocol will then choose parameters | 114 | this trade-off factor, an implementation CAN then choose parameters |
114 | that minimize the total execution costs. In particular, there | 115 | that minimize total execution cost. In particular, there |
115 | is one major choice to be made, namely between sending the | 116 | is one major choice to be made, namely between sending the |
116 | complete set of elements, or sending only the elements that differ. | 117 | complete set of elements, or computing the set differences and |
118 | transmitting only the elements in the set differences. | ||
117 | In the latter case, our design is basically a concrete | 119 | In the latter case, our design is basically a concrete |
118 | implementation of a proposal by Eppstein.<xref target="Eppstein" format="default" /> | 120 | implementation of a proposal by Eppstein.<xref target="Eppstein" format="default" /> |
119 | </t> | 121 | </t> |
@@ -123,9 +125,7 @@ | |||
123 | fault-tolerant because it provides cryptographic and | 125 | fault-tolerant because it provides cryptographic and |
124 | probabilistic methods to discover if the other peer | 126 | probabilistic methods to discover if the other peer |
125 | is dishonest or misbehaving. | 127 | is dishonest or misbehaving. |
126 | </t> | 128 | Here, the security objective is to limit resources wasted on |
127 | <t> | ||
128 | The objective here is to limit resources wasted on | ||
129 | malicious actors. Malicious actors could send malformed | 129 | malicious actors. Malicious actors could send malformed |
130 | messages, including malformed set elements, claim to | 130 | messages, including malformed set elements, claim to |
131 | have much larger numbers of valid set elements than they | 131 | have much larger numbers of valid set elements than they |
@@ -141,27 +141,27 @@ | |||
141 | </t> | 141 | </t> |
142 | <t> | 142 | <t> |
143 | To defend against some of these attacks, applications | 143 | To defend against some of these attacks, applications |
144 | need to remember the number of elements previously | 144 | SHOULD remember the number of elements previously |
145 | shared with a peer, and provide a way to check that | 145 | shared with a peer, and SHOULD provide a way to check that |
146 | elements are well-formed. Applications may also be able | 146 | elements are well-formed. Applications MAY also |
147 | to provide an upper bound on the total number of valid | 147 | provide an upper bound on the total number of valid |
148 | elements that may exist. For example, in E-voting, the | 148 | elements that exist. For example, in E-voting, the |
149 | number of eligible voters could be used to provide such | 149 | number of eligible voters MAY be used to provide such |
150 | an upper bound. | 150 | an upper bound. |
151 | </t> | 151 | </t> |
152 | |||
153 | <t> | 152 | <t> |
154 | Initially, this RFC was created as part of Elias Summermatter's | 153 | A first draft of this RFC is part of Elias Summermatter's |
155 | bachelor thesis. Many of the algorithms and parameters | 154 | bachelor thesis. Many of the algorithms and parameters |
156 | documented in this RFC are derived in detail in this thesis. | 155 | documented in this RFC are derived from experiments |
157 | <xref target="byzantine_fault_tolerant_set_reconciliation" format="default"/> | 156 | detailed in this thesis. |
157 | <xref target="byzantine_fault_tolerant_set_reconciliation" format="default"/> | ||
158 | </t> | 158 | </t> |
159 | 159 | ||
160 | <t> | 160 | <t> |
161 | This document defines the normative wire format of resource records, resolution processes, | 161 | This document defines the normative wire format of resource records, resolution processes, |
162 | cryptographic routines and security considerations for use by implementors. | 162 | cryptographic routines and security considerations for use by implementors. |
163 | SETU requires a bidirectional secure communication channel between the two parties. | 163 | SETU requires a bidirectional secure communication channel between the two parties. |
164 | Specification of the communication channel is out of scope of this document. | 164 | Specification of the communication channel is out of scope of this document. |
165 | </t> | 165 | </t> |
166 | <t> | 166 | <t> |
167 | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL | 167 | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL |
@@ -1600,7 +1600,7 @@ FUNCTION get_bucket_id (key, number_of_buckets_per_element, ibf_size) | |||
1600 | <t> | 1600 | <t> |
1601 | The <em><xref target="messages_request_full" format="title" /></em> message is sent by the initiating peer in <strong>Expect SE</strong> state to the receiving peer, if | 1601 | The <em><xref target="messages_request_full" format="title" /></em> message is sent by the initiating peer in <strong>Expect SE</strong> state to the receiving peer, if |
1602 | the operation mode "<xref target="modeofoperation_full-sync" format="title" />" is | 1602 | the operation mode "<xref target="modeofoperation_full-sync" format="title" />" is |
1603 | determined to be the superior <xref target="modeofoperation" format="title" /> and that it is the better choice that | 1603 | determined to be the superior <xref target="modeofoperation" format="title" /> and that it is the better choice that |
1604 | the other peer sends his elements first. The initiating peer changes after sending the <em><xref target="messages_request_full" format="title" /></em> message into | 1604 | the other peer sends his elements first. The initiating peer changes after sending the <em><xref target="messages_request_full" format="title" /></em> message into |
1605 | <strong>Full Receiving</strong> state. | 1605 | <strong>Full Receiving</strong> state. |
1606 | </t> | 1606 | </t> |
@@ -1659,7 +1659,7 @@ FUNCTION get_bucket_id (key, number_of_buckets_per_element, ibf_size) | |||
1659 | <t> | 1659 | <t> |
1660 | The <em><xref target="messages_send_full" format="title" /></em> message is sent by the initiating peer in <strong>Expect SE</strong> state to the receiving peer if | 1660 | The <em><xref target="messages_send_full" format="title" /></em> message is sent by the initiating peer in <strong>Expect SE</strong> state to the receiving peer if |
1661 | the operation mode "<xref target="modeofoperation_full-sync" format="title" />" is | 1661 | the operation mode "<xref target="modeofoperation_full-sync" format="title" />" is |
1662 | determined as superior <xref target="modeofoperation" format="title" /> and that it is the better choice that the | 1662 | determined as superior <xref target="modeofoperation" format="title" /> and that it is the better choice that the |
1663 | peer sends his elements first. The initiating peer changes after sending the <em><xref target="messages_request_full" format="title" /></em> message into | 1663 | peer sends his elements first. The initiating peer changes after sending the <em><xref target="messages_request_full" format="title" /></em> message into |
1664 | <strong>Full Sending</strong> state. | 1664 | <strong>Full Sending</strong> state. |
1665 | </t> | 1665 | </t> |
@@ -2557,7 +2557,7 @@ FUNCTION END | |||
2557 | <t> | 2557 | <t> |
2558 | In order to calculate this plausibility, in Summmermatters paper <xref target="byzantine_fault_tolerant_set_reconciliation" format="default"/> | 2558 | In order to calculate this plausibility, in Summmermatters paper <xref target="byzantine_fault_tolerant_set_reconciliation" format="default"/> |
2559 | a formula was developed, which depicts the probability with which one | 2559 | a formula was developed, which depicts the probability with which one |
2560 | can calculate the corresponding plausibility based on the number of | 2560 | can calculate the corresponding plausibility based on the number of |
2561 | new and repeated elements after each received element. | 2561 | new and repeated elements after each received element. |
2562 | </t> | 2562 | </t> |
2563 | <t> | 2563 | <t> |