计算机科学与探索 ›› 2020, Vol. 14 ›› Issue (10): 1693-1701.DOI: 10.3778/j.issn.1673-9418.1912052

• 网络与信息安全 • 上一篇    下一篇

少数决:更安全的分布式一致性算法选举机制

李彬,姜建国   

  1. 1. 北京交通大学 计算机与信息技术学院,北京 100044
    2. 国家保密科技测评中心,北京 100044
    3. 中国科学院 信息工程研究所,北京 100093
  • 出版日期:2020-10-01 发布日期:2020-10-12

Minority Decision: More Secure Voting Mechanism for Distributed Consistency Algorithm

LI Bin, JIANG Jianguo   

  1. 1. School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
    2. National Secrecy Science and Technology Evaluation Center, Beijing 100044, China
    3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Online:2020-10-01 Published:2020-10-12

摘要:

目前应用于分布式系统中的基于选举的分布式一致性算法(类Paxos算法),都是采用得到50%以上选票者当选Leader的方式进行选举。此种选举机制类似现实生活中的选举,存在因控制投票而丧失系统去中心化的安全隐患。而去中心化是分布式系统的重要安全属性,可以避免系统因某个特殊节点故障而整体瘫痪。为此,提出了一种新的Leader选举机制——少数决,即通过逐步淘汰选择一致的多数者的方式选出Leader。此种选举机制可以有效降低绝对控票攻击的可能性,提高Leader选举的随机性,进而保证整个系统去中心化。通过理论分析和实验结果进一步验证了此种选举机制对比传统的多数决选举机制,在没有明显降低选举时间的基础上,具有更好的安全性。

关键词: 一致性算法, 选举机制, 少数决, 去中心化, 安全性

Abstract:

At present, the election based distributed consistency algorithm (Paxos like algorithm) applied in distri-buted system is elected by more than 50% of the voters. This kind of election mechanism is similar to the election in real life, and there is a potential risk of losing systematic decentralization due to the control of voting. Decen-tralization is an important security attribute of the distributed system, which can avoid the overall failure of the system due to the failure of a particular node. For this reason, this paper proposes a new leader election mechanism,minority decision, which selects leaders by phasing out the same majority. This kind of election mechanism can effectively reduce the possibility of absolute vote control attack, improve the randomness of leader election, and then ensure the decentralization of the whole system. Through theoretical analysis and experimental results, it is verified that this kind of election mechanism has better security than the traditional majority election mechanism without significantly reducing the election time.

Key words: consistency algorithm, election mechanism, minority decision, decentralization, security