TY - JOUR
T1 - Efficient and DoS-resistant Consensus for Permissioned Blockchains
AU - Chen, Xusheng
AU - Zhao, Shixiong
AU - Qi, Ji
AU - Jiang, Jianyu
AU - Song, Haoze
AU - Wang, Cheng
AU - Li, Tsz On
AU - Chan, T. H.Hubert
AU - Zhang, Fengwei
AU - Luo, Xiapu
AU - Wang, Sen
AU - Zhang, Gong
AU - Cui, Heming
N1 - Funding Information:
We thank our shepherd, Zhenhua Liu, and all anonymous reviewers for their valuable comments. This project was funded by Huawei Innovation Research Program Flagship 2018 , Huawei Theory Lab Flagship 2021 , HKU-SCF R&D funding scheme, HK RGC GRF ( 17202318 , 17207117 , 17201220 ), HK RGC ECS ( 27200916 ), Research Grants Council of the Hong Kong Special Administrative Region, China (No. PolyU15222320 ), and a Croucher Innovation Award .
Publisher Copyright:
© 2021
PY - 2022/2
Y1 - 2022/2
N2 - Existing permissioned blockchain systems designate a fixed and explicit group of committee nodes to run a consensus protocol that confirms the same sequence of blocks among all nodes. Unfortunately, when such a permissioned blockchain runs on a large scale on the Internet, these explicit committee nodes can be easily turned down by denial-of-service (DoS) or network partition attacks. Although recent studies proposed scalable BFT protocols that run on a larger number of committee nodes, these protocols’ efficiency drops dramatically when only a small number of nodes are attacked. In this paper, we propose a novel protocol named EGES that leverages hardware trusted execution environments (e.g., Intel SGX) to develop a new abstraction called “stealth committee”, which effectively hides a committee into a large pool of fake committee nodes. EGES selects a different stealth committee for each block and confirms the same blocks among all nodes with overwhelming probability. Our evaluation shows that EGES is the first efficient permissioned blockchain's consensus protocol, which simultaneously satisfies two important metrics: (1) EGES can tolerate tough DoS and network partition attacks; and (2) EGES achieves comparable throughput and latency as existing fastest permissioned blockchains’ consensus protocols. EGES's source code is available on http://github.com/hku-systems/eges.
AB - Existing permissioned blockchain systems designate a fixed and explicit group of committee nodes to run a consensus protocol that confirms the same sequence of blocks among all nodes. Unfortunately, when such a permissioned blockchain runs on a large scale on the Internet, these explicit committee nodes can be easily turned down by denial-of-service (DoS) or network partition attacks. Although recent studies proposed scalable BFT protocols that run on a larger number of committee nodes, these protocols’ efficiency drops dramatically when only a small number of nodes are attacked. In this paper, we propose a novel protocol named EGES that leverages hardware trusted execution environments (e.g., Intel SGX) to develop a new abstraction called “stealth committee”, which effectively hides a committee into a large pool of fake committee nodes. EGES selects a different stealth committee for each block and confirms the same blocks among all nodes with overwhelming probability. Our evaluation shows that EGES is the first efficient permissioned blockchain's consensus protocol, which simultaneously satisfies two important metrics: (1) EGES can tolerate tough DoS and network partition attacks; and (2) EGES achieves comparable throughput and latency as existing fastest permissioned blockchains’ consensus protocols. EGES's source code is available on http://github.com/hku-systems/eges.
KW - Byzantine fault tolerance
KW - Consensus
KW - DoS atack
KW - Permissioned blockchain
KW - Trusted execution environment
UR - http://www.scopus.com/inward/record.url?scp=85118573026&partnerID=8YFLogxK
U2 - 10.1016/j.peva.2021.102244
DO - 10.1016/j.peva.2021.102244
M3 - Journal article
AN - SCOPUS:85118573026
SN - 0166-5316
VL - 153
SP - 1
EP - 23
JO - Performance Evaluation
JF - Performance Evaluation
M1 - 102244
ER -