Breaking the O(√n)-bit barrier: Byzantine agreement with polylog bits per party

Elette Boyle, Ran Cohen, Aarushi Goel

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations


Byzantine agreement (BA), the task of n parties to agree on one of their input bits in the face of malicious agents, is a powerful primitive that lies at the core of a vast range of distributed protocols. Interestingly, in BA protocols with the best overall communication, the demands of the parties are highly unbalanced: the amortized cost is O(1) bits per party, but some parties must send ω(n) bits. In best known balanced protocols, the overall communication is sub-optimal, with each party communicating O(gn). In this work, we ask whether asymmetry is inherent for optimizing total communication. In particular, is BA possible where each party communicates only O(1) bits? Our contributions in this line are as follows: We define a cryptographic primitive - -succinctly reconstructed distributed signatures (SRDS) - -that suffices for constructing O(1) balanced BA. We provide two constructions of SRDS from different cryptographic and Public-Key Infrastructure (PKI) assumptions. The SRDS-based BA follows a paradigm of boosting from almost-everywhere agreement to full agreement, and does so in a single round. Complementarily, we prove that PKI setup and cryptographic assumptions are necessary for such protocols in which every party sends o(n) messages. We further explore connections between a natural approach toward attaining SRDS and average-case succinct non-interactive argument systems (SNARGs) for a particular type of NP-Complete problems (generalizing Subset-Sum and Subset-Product). Our results provide new approaches forward, as well as limitations and barriers, towards minimizing per-party communication of BA. In particular, we construct the first two BA protocols with O(1) balanced communication, offering a tradeoff between setup and cryptographic assumptions, and answering an open question presented by King and Saia (DISC'09).

Original languageEnglish
Title of host publicationPODC 2021 - Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing
PublisherAssociation for Computing Machinery
Number of pages12
ISBN (Electronic)9781450385480
StatePublished - 21 Jul 2021
Externally publishedYes
Event40th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2021 - Virtual, Online, Italy
Duration: 26 Jul 202130 Jul 2021

Publication series

NameProceedings of the Annual ACM Symposium on Principles of Distributed Computing


Conference40th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2021
CityVirtual, Online

Bibliographical note

Publisher Copyright:
© 2021 ACM.


E. Boyle’s research is supported in part by ISF grant 1861/16 and AFOSR Award FA9550-17-1-0069 and ERC project HSS (852952). R. Cohen’s research is supported in part by NSF grant 1646671. A. Goel’s work was done in part while visiting the FACT Center at IDC Herzliya, Israel. Her research is supported in part by an NSF CNS grant 1814919, NSF CAREER award 1942789 and Johns Hopkins University Catalyst award.

FundersFunder number
NSF CNS1942789, 1814919
National Science Foundation1646671
Air Force Office of Scientific ResearchFA9550-17-1-0069
Johns Hopkins University
European Research Council852952
Israel Science Foundation1861/16


    • byzantine agreement
    • communication complexity
    • cryptographic protocols


    Dive into the research topics of 'Breaking the O(√n)-bit barrier: Byzantine agreement with polylog bits per party'. Together they form a unique fingerprint.

    Cite this