Secure Distributed Computing


Summary. The goal of this course is to understand distributed cryptosystems and protocols for distributed systems that use the replication paradigm for tolerating faults or even malicious attacks. The course will consist of two parts: first an introduction to this active area of research, with presentation of the principles; second a seminar-style interactive presentation of classic research papers and recently developed systems by the participants.

Prerequisites. Basic knowledge in cryptography and principles of distributed systems, as offered in courses “Security and Cryptography” and “Distributed Algorithms”.


Lecturer. Dr. Christian Cachin, IBM Research - Zurich, until Dec. 2009 on sabbatical leave at Distributed Programming Laboratory (LPD), EPFL, office INR 327.

Dates. The lecture takes place Tuesdays, 8:15-10:00, in BC02.

Web page.

List of Topics

  • Secret sharing
  • Distributed/threshold cryptosystems
  • Asynchronous Byzantine agreement
  • Atomic broadcast (Byzantine-fault tolerance, BFT)
  • BFT services and storage
  • Proactive cryptosystems
  • Untrusted storage



Papers grouped by topic

Threshold cryptography

  • Christian Cachin, Klaus Kursawe, Anna Lysyanskaya, Reto Strobl: Asynchronous Verifiable Secret Sharing and Proactive Cryptosystems. ACM Conference on Computer and Communications Security 2002: 88-97

BFT replication protocols

BFT replication protocols when there are attacks and some applications

  • Ben Vandiver, Hari Balakrishnan, Barbara Liskov, Samuel Madden: Tolerating Byzantine Faults in Transaction Processing Systems Using Commit Barrier Scheduling. SOSP 2007: 59-72

Cryptographic algorithms for storage integrity

Systems providing storage integrity

Grade and Exam

There will be an oral final exam.

The grade will respect the quality of the paper presentations and the grade in the exam.

Last updated: 23 Nov. 2009.