One of the main reasons why Byzantine fault-tolerant (BFT) systems are not widely used lies in their high resource consumption: 3f+1 replicas are necessary to tolerate only f faults. Recent work has reduced the minimum number of replicas to 2f+1 by relying on a trusted subsystem that prevents a replica from making conflicting statements to other replicas without being detected. Nevertheless, having been designed with the focus on fault handling, these systems still employ a majority of replicas during normal-case operation for seemingly redundant work. Furthermore, the trusted subsystems available trade off performance for security: that is, they either achieve high throughput or they come with a small trusted computing base. This paper presents CheapBFT, a BFT system that, for the first time, tolerates that all but one of the replicas active in normal-case operation become faulty. CheapBFT runs a composite agreement protocol and exploits passive replication to save resources; in the absence of faults, it requires that only f+1 replicas actively agree on client requests and execute them. In case of suspected faulty behavior, CheapBFT triggers a transition protocol that activates extra passive replicas and brings all non-faulty replicas into a consistent state again. This approach, for example, allows the system to safely switch to another, more resilient agreement protocol. CheapBFT relies on an FPGA-based trusted subsystem for the authentication of protocol messages that provides high performance and comprises a small trusted computing base.
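The mechanism that lets the replica count drop below 3f+1 is the trusted subsystem's guarantee that a replica cannot certify two different messages under the same counter value. The following is an added illustration of that idea in Python, not CheapBFT's own FPGA subsystem or its CASH implementation: a hypothetical `TrustedCertifier` holds a symmetric key shared by all replicas' trusted parts and a monotonic counter the untrusted host cannot reset, and a hypothetical `ReplicaView` on the receiving side checks that counters arrive without gaps or repeats. Message strings, replica ids and the HMAC-SHA256 construction are assumptions made for the example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Certificate:
    """Attestation that trusted part `replica_id` bound `counter` to `msg_digest`."""
    replica_id: int
    counter: int
    msg_digest: bytes
    mac: bytes


class TrustedCertifier:
    """Hypothetical trusted component of one replica (assumed model, not CASH):
    it holds the shared secret and a counter that only ever increases."""

    def __init__(self, replica_id: int, shared_key: bytes):
        self._id = replica_id
        self._key = shared_key
        self._counter = 0

    @staticmethod
    def _digest(msg: bytes) -> bytes:
        return hashlib.sha256(msg).digest()

    def _mac(self, replica_id: int, counter: int, digest: bytes) -> bytes:
        data = replica_id.to_bytes(4, "big") + counter.to_bytes(8, "big") + digest
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def certify(self, msg: bytes) -> Certificate:
        # Each counter value is bound to exactly one message; the counter is
        # consumed even if the untrusted host later discards the certificate.
        self._counter += 1
        digest = self._digest(msg)
        return Certificate(self._id, self._counter, digest,
                           self._mac(self._id, self._counter, digest))

    def verify(self, cert: Certificate, msg: bytes) -> bool:
        if self._digest(msg) != cert.msg_digest:
            return False
        expected = self._mac(cert.replica_id, cert.counter, cert.msg_digest)
        return hmac.compare_digest(expected, cert.mac)


class ReplicaView:
    """Untrusted receiver-side bookkeeping: remembers the last counter seen
    from each sender so that a skipped or reused counter is detected."""

    def __init__(self, certifier: TrustedCertifier):
        self._certifier = certifier
        self._last_seen: dict[int, int] = {}

    def accept(self, cert: Certificate, msg: bytes) -> tuple[bool, str]:
        if not self._certifier.verify(cert, msg):
            return False, "bad certificate"
        last = self._last_seen.get(cert.replica_id, 0)
        if cert.counter != last + 1:
            # A gap means the sender certified a message it withheld from us
            # (possible equivocation); a repeat is a replay.
            return False, f"counter gap or replay: expected {last + 1}, got {cert.counter}"
        self._last_seen[cert.replica_id] = cert.counter
        return True, "ok"


def equivocation_demo() -> dict:
    """Constructed scenario: replica 0 tries to tell replicas 1 and 2
    different things about the same protocol slot."""
    key = os.urandom(32)
    sender = TrustedCertifier(0, key)
    r1 = ReplicaView(TrustedCertifier(1, key))
    r2 = ReplicaView(TrustedCertifier(2, key))

    msg_a = b"PREPARE seq=7 req=A"   # constructed protocol message
    msg_b = b"PREPARE seq=7 req=B"   # conflicting statement for the same slot

    cert_a = sender.certify(msg_a)
    honest_ok, _ = r1.accept(cert_a, msg_a)

    # The trusted part refuses to reuse counter 1, so the faulty host can only
    # certify msg_b under counter 2; r2, which never saw counter 1, flags the gap.
    cert_b = sender.certify(msg_b)
    gap_ok, gap_reason = r2.accept(cert_b, msg_b)

    # Reusing cert_a's MAC for msg_b under counter 1 fails verification.
    forged = Certificate(0, 1, hashlib.sha256(msg_b).digest(), cert_a.mac)
    forged_ok, forged_reason = r2.accept(forged, msg_b)

    return {
        "honest_accepted": honest_ok,
        "gap_detected": not gap_ok,
        "gap_reason": gap_reason,
        "forgery_rejected": not forged_ok,
        "forgery_reason": forged_reason,
    }


if __name__ == "__main__":
    for k, v in equivocation_demo().items():
        print(f"{k}: {v}")
```

The point of the counter check is that a receiver who later obtains the withheld certificate (counter 1, message A) and then the conflicting one (counter 2, message B) holds two valid certificates for the same slot from the same sender, which is proof of misbehaviour that can be forwarded to other replicas; this is what lets a minority of active replicas be trusted not to go undetected.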