Diffusion without false rumors: On propagating updates in a Byzantine environment

We study how to efficiently diffuse updates to a large distributed system of data replicas, some of which may exhibit arbitrary (Byzantine) failures. We assume that strictly fewer than t replicas fail, and that each update is initially received by at least t correct replicas. The goal is to diffuse each update to all correct replicas while ensuring that correct replicas accept no updates generated spuriously by faulty replicas. To achieve this, each correct replica further propagates an update only after receiving it from at least t others. In this way, no correct replica will ever propagate or accept an update that only faulty replicas introduce, since it will receive that update from only the t-1 faulty replicas. We provide the first analysis of diffusion protocols for such environments. This analysis is fundamentally different from known analyses for the benign case due to our treatment of fully Byzantine failures - which, among other things, precludes the use of digital signatures for authenticating forwarded updates. We propose two measures that characterize the efficiency of diffusion algorithms, delay and fan-in, and prove general lower bounds with regards to these measures. We then provide a family of diffusion algorithms that have nearly optimal delay/fan-in product.