Technical Report Number
The Castro and Liskov Byzantine Fault Tolerance protocol for replicated state machines (CLBFT) provides a practical means of tolerating arbitrary replica failures in replicated passive data servers. For better performance, CLBFT uses Message Authentication Codes (MAC) instead of public Key cryptography to authenticate messages and preserves replica consistency even in the presence of malicious clients. However, CLBFT is susceptible to potential attacks by malicious clients using corrupted MACs to force replica groups into expensive configuration changes repeatedly. While not affecting correctness, this vulnerability can seriously impair the performance of the replica group. We propose modifications to CLBFT that address this problem. We identify two key forms of attacks and present a viable solution to each.
Pallemulle, Sajeeva L.; Thorvaldsson, Haraldur D.; and Goldman, Kenneth J., "Preserving Performance of Byzantine Fault Tolerant Replica Groups in the Presence of Malicious Clients" Report Number: WUCSE-2006-52 (2006). All Computer Science and Engineering Research.