Extending Asynchronous Byzantine Agreement with Crusader Agreement

TL;DR

This paper introduces a new reduction from multivalued Byzantine agreement to binary Byzantine agreement, along with two novel information-theoretic crusader agreement protocols, enabling efficient multivalued agreement with security guarantees.

Contribution

It presents a reduction from multivalued to binary Byzantine agreement and designs two new information-theoretic crusader agreement protocols for multivalued inputs.

Findings

Achieves multivalued BA with one binary BA and one crusader agreement instance.

Develops a statistically secure CA protocol with near-universal hashing.

Creates a perfectly secure CA protocol tolerating up to n/3 faults with bounded communication.

Abstract

In this work, we study multivalued byzantine agreement (BA) in an asynchronous network of $n$ parties where up to $t < \frac{n}{3}$ parties are byzantine. We present a new reduction from multivalued BA to binary BA. It allows one to achieve BA on $\ell$-bit inputs with one instance of binary BA, one instance of crusader agreement (CA) on $\ell$-bit inputs and $\Theta(\ell n + n^2)$ bits of additional communication. As our reduction uses multivalued CA, we also design two new information-theoretic CA protocols for $\ell$-bit inputs. In the first one, we use almost-universal hashing to achieve statistical security with probability $1 - 2^{-\lambda}$ against $t < \frac{n}{3}$ faults with $\Theta(\ell n + n^2(\lambda + \log n))$ bits of communication. Following this, we replace the hashes with error correcting code symbols and add a preliminary step based on the synchronous multivalued BA protocol COOL [DISC '21] to obtain a second, perfectly secure CA protocol that can for any $\varepsilon > 0$ be set to tolerate $t \leq \frac{n}{3 + \varepsilon}$ faults with $\mathcal{O}\bigl(\frac{\ell n}{\min(1, \varepsilon^2)} + n^2\max\bigl(1, \log \frac{1}{\varepsilon}\bigr) \bigr)$ bits of communication. Our CA protocols allow one to extend binary BA to multivalued BA with a constant round overhead, a quadratic-in-$n$ communication overhead, and information-theoretic security.