Efficient and DoS-resistant Consensus for Permissioned Blockchains

TL;DR

This paper introduces EGES, a consensus protocol for permissioned blockchains that uses Intel SGX to create a stealth committee, making it resistant to DoS and network partition attacks while maintaining high throughput and low latency.

Contribution

EGES is the first permissioned blockchain consensus protocol that effectively resists DoS and network partition attacks using stealth committees and SGX technology.

Findings

EGES tolerates severe DoS and network partition attacks.

EGES achieves throughput and latency comparable to existing protocols.

Stealth committees effectively hide nodes from attackers.

Abstract

Existing permissioned blockchain systems designate a fixed and explicit group of committee nodes to run a consensus protocol that confirms the same sequence of blocks among all nodes. Unfortunately, when such a permissioned blockchain runs in a large scale on the Internet, these explicit committee nodes can be easily turned down by denial-of-service (DoS) or network partition attacks. Although work proposes scalable BFT protocols that run on a larger number of committee nodes, their efficiency drops dramatically when only a small number of nodes are attacked. In this paper, our EGES protocol leverages Intel SGX to develop a new abstraction called "stealth committee", which effectively hides the committee nodes into a large pool of fake committee nodes. EGES selects a distinct group of stealth committee for each block and confirms the same sequence of blocks among all nodes with overwhelming probability. Evaluation on typical geo-distributed settings shows that: (1)EGES is the first permissioned blockchain's consensus protocol that can tolerate tough DoS and network partition attacks; and (2) EGES achieves comparable throughput and latency as existing permissioned blockchains' protocols