4.6 System Key Update Distribution
4.6.4 Limited Update and Self-Initialisation
The URSA update concept was presented in (LKZ+04, LL00).
4.6.4.1 Limited Update and Self-Initialisation Strategy
The URSA strategy first updates an initial set of peers Pi. This initial group is denoted E and has size ε. Note that ∀Pb ∈ E. Each peer Pb generates an update polynomial, computes the update shares for all Pi, and distributes these shares to them. Each Pb then updates its share and deletes its old share, the received update shares, and its update polynomial.
In the second step of the update phase, group I recovers the new shares of other trusted peers. As soon as a peer is recovered, it can also help to recover other peers. In this way a swarming effect of share recoveries is initiated. Figure 4.9 depicts this strategy. The update traffic is distributed fairly among the trusted peers. The protocol is also naturally robust against offline trusted peers.
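The two steps described above can be traced in a small Shamir-style model. This is an added example, not code from the thesis or from URSA: the field modulus, the system size T = 8, the threshold t = 3 and all function names are assumptions, and the blinding of partial shares and the BLS verification values are left out.

```python
import secrets

P = 2**127 - 1  # prime field modulus; toy parameter chosen for this example

def poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):      # Horner's rule
        acc = (acc * x + c) % P
    return acc

def interpolate(shares, x):
    """Lagrange-interpolate {peer_id: share} and evaluate at x (x=0 gives the key)."""
    total = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (x - j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def update_initial_group(old, group, t):
    """Step 1: every Pb in E deals a degree t-1 update polynomial with zero
    constant term; each member adds all update shares to its old share."""
    polys = [[0] + [secrets.randbelow(P) for _ in range(t - 1)] for _ in group]
    return {i: (old[i] + sum(poly_eval(f, i) for f in polys)) % P for i in group}

def swarm_recover(new, all_ids, t):
    """Step 2: t already-updated peers recover the new share of each remaining
    peer, who then joins the helper pool. Blinding of partial shares is omitted."""
    new = dict(new)
    for pid in all_ids:
        if pid not in new:
            helpers = secrets.SystemRandom().sample(sorted(new), t)
            new[pid] = interpolate({h: new[h] for h in helpers}, pid)
    return new

def demo(T=8, t=3):
    key = secrets.randbelow(P)
    f = [key] + [secrets.randbelow(P) for _ in range(t - 1)]
    old = {i: poly_eval(f, i) for i in range(1, T + 1)}
    new = swarm_recover(update_initial_group(old, range(1, t + 1), t), old, t)
    return key, old, new

if __name__ == "__main__":
    key, old, new = demo()
    print(interpolate({i: new[i] for i in (4, 6, 8)}, 0) == key)
    print(interpolate({1: new[1], 2: new[2], 3: old[3]}, 0) == key)
```

Any t new shares still interpolate to the unchanged system key, while a mix of old and new shares does not, which is why each Pb deletes its old share after the update.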
4.6.4.2 Analytical Evaluation of Limited Update and Self-Initialisation
This strategy employs direct distribution for the update group B of size β to all peers Pi in E. For example, for = 17 for each Pb this traffic results in 0.81 kBytes for unverified Threshold BLS updates, 19.38 kBytes for verified Threshold BLS updates, and 2.50 kBytes for URSA updates.
Table 4.7: System Key Update - Maximum Peer Traffic Comparison for T = 1000 and t = 17

| | Direct | Tree-based | Limited & Self Init. | Improved Limited & Self Init. |
|---|---|---|---|---|
| URSA | 156.03 KB | 326.50 KB | 188.44 KB | - |
| BLS UV | 50.73 KB | 307.52 KB | 61.24 KB | - |
| BLS V | 1209.73 KB | 157.49 KB | 1537.09 KB | 380.73 KB |

Afterwards, the swarming recovery process is started. For the traffic analysis it is assumed that, depending on the number of peers that have already been updated, each of them is chosen with equal probability to recover the next trusted peer. For example, with = 17 the Pbs will on average participate in 70 recoveries. Accordingly, using unverified Threshold BLS each Pb has to upload in total (update and self-initialisation) 61.24 kBytes. With verified BLS the traffic results in 1537.09 kBytes. This is due to the verification values that are different for each recovery. Using URSA, the traffic per Pb results in 188.44 kBytes.
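The equal-probability assumption used in this analysis can be checked numerically. The following is an added example, not part of the original text; it assumes 17 initially updated peers, recovery groups of 17 helpers drawn uniformly from the peers updated so far, and T = 1000, and the function names are hypothetical.

```python
import random

def expected_recoveries(T=1000, initial=17, group=17):
    """Expected number of recoveries an initially updated peer takes part in:
    when k peers are already updated, it is picked with probability group/k."""
    return sum(group / k for k in range(initial, T))

def simulate(T=1000, initial=17, group=17, trials=20, seed=1):
    """Monte Carlo version of the same model, averaged over the initial peers."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    total = 0.0
    for _ in range(trials):
        counts = [0] * initial
        for k in range(initial, T):              # k peers updated so far
            for helper in rng.sample(range(k), group):
                if helper < initial:             # helper is one of the first peers
                    counts[helper] += 1
        total += sum(counts) / initial
    return total / trials

if __name__ == "__main__":
    print(round(expected_recoveries(), 2), round(simulate(), 2))
```

Under these assumptions the closed-form sum comes to roughly 70 recoveries per initially updated peer, in line with the figure quoted above.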
If a recovery group recovers several peers at the same time, traffic could be reduced because the verification values need to be exchanged only once within the recovery group D. Also, if the initial update group updates more than just the required quorum size, the overall traffic can be reduced. Furthermore, the robustness of the recovery process will be increased. For example, if the initial update group updates 2t peers and each recovery group always recovers 10 peers using the same generating polynomials, system-wide traffic results in 380.87 kBytes for verified BLS. This is a reduction of 70.66%.
Furthermore, it is not fair to compare these values with the other two distribution strategies, because for them, the traffic of using only one update polynomial was presented; the size of the update group β was not considered. However, share recovery is independent of the size of the update group β.
4.6.5 Summary
In summary, the three different update strategies (direct distribution, tree-based distribution, and limited update and self initialisation) are compared by their system-wide traffic for update group sizes of β = 5, 10, 15. The trusted peer system has a size of T = 1000; the threshold is set to t = 17. The initial group size for the limited update and self initialisation strategy is set to ε = 50.
Table 4.7 shows the resulting traffic for a peer Pb in an update group B. However, as mentioned above, this comparison is not fair for the “limited update and self initialisation” strategy, because all peers (apart from the initial updated distribution group E) have received their complete new share, whereas for the other strategies, only the update of one peer in B was considered. Also, it has to be taken into account that this strategy distributes the generated traffic over a longer period of time than the other two strategies. Furthermore, the improved limited self initialisation strategy creates significantly less traffic. The tree-based distribution in particular creates all of its traffic immediately.
The system-wide traffic is compared in Table 4.8. Here, the “limited update and self initialisation” strategy creates the most traffic; the improved version creates significantly less traffic. Also, this strategy is only marginally sensitive to the update group size β. Therefore, for large β it can be the best solution. The tree-based distribution is the best alternative for verified updates. Direct distribution should only be chosen for small update sizes and unverified traffic.
Table 4.8: System Key Update - Complete Traffic Comparison for T = 1000 and t = 17

| | β | Direct | Tree-based | Limited & Self Init. | Improved Limited & Self Init. |
|---|---|---|---|---|---|
| URSA | 5 | 0.76 MB | 1.59 MB | 2.56 MB | - |
| BLS UV | 5 | 0.25 MB | 1.50 MB | 0.83 MB | - |
| BLS V | 5 | 5.91 MB | 3.12 MB | 20.91 MB | 5.74 MB |
| URSA | 10 | 1.52 MB | 3.19 MB | 2.57 MB | - |
| BLS UV | 10 | 0.50 MB | 3.00 MB | 0.84 MB | - |
| BLS V | 10 | 11.82 MB | 6.24 MB | 21.00 MB | 5.93 MB |
| URSA | 15 | 2.29 MB | 4.78 MB | 2.59 MB | - |
| BLS UV | 15 | 0.74 MB | 4.5 MB | 0.84 MB | - |
| BLS V | 15 | 17.72 MB | 9.36 MB | 21.10 MB | 6.13 MB |

Legend: V = Verified, UV = Unverified

This analysis shows that the “limited update and self initialisation” strategy seems to create the most traffic by far. However, the other update strategies require knowledge of all trusted peers in the system; tree-based distribution also requires knowledge of all trusted peers’ public keys. This assumption seems to be quite hard to realise. In order to collect this information, additional traffic in the overlay is required. Such information could also be collected over time when trusted peers interact with each other. However, each peer in the update group meets different trusted peers over time, and consistent knowledge is required within the update group. Especially for the tree-based distribution, the required knowledge of the trusted peers’ public keys does not allow the information to be collected over time. Public keys must be verified with the owner before use, in order to guarantee an attack-free update distribution.
The improved version of the “limited update and self-initialisation” strategy is a compromise here. It does not require the encryption of information, which is why it is the preferred strategy over tree-based distribution.
In conclusion, the “limited update and self initialisation” strategy seems the most realistic one to apply for the token-based accounting scheme.