Reliable Broadcasting in Logarithmic Time with Byzantine Link Failures

JOURNAL OF ALGORITHMS ARTICLE NO.

22, 199]211 Ž1997.

AL960810

Reliable Broadcasting in Logarithmic Time with Byzantine Link Failures Piotr Berman Computer Science Department, The Pennsyl¨ ania State Uni¨ ersity, Uni¨ ersity Park, Pennsyl¨ ania 16802

Krzysztof Diks* Instytut Informatyki, Uni¨ ersytet Warszawski, Banacha 2, 02-097 Warsaw, Poland

and Andrzej Pelc † Departement d’Informatique, Uni¨ ersite´ du Quebec ´ ´ a` Hull, C.P. 1250, Succursale B, Hull, Quebec J8X 3X7, Canada Received May 4, 1993

Broadcasting is a process of transmitting a message held in one node of a communication network to all other nodes. Links of the network are subject to randomly and independently distributed faults with probability 0 - q - 12 ; faults are permanent and Byzantine, while all nodes are fault-free. In a unit of time, each node can communicate with at most one other node. We present a broadcasting algorithm which works for n nodes in time O Žlog n. with probability of correctness exceeding 1 y 1rn, for sufficiently large n. Q 1997 Academic Press

1. INTRODUCTION Broadcasting is a process of transmitting a message held in one node of a communication network Žcalled the source. to all other nodes. Many authors have studied broadcasting Žand gossiping, which is closely related. * Partly supported by NSERC International Fellowship and Grant KBN 2-2043-92-03. † Partly supported by NSERC Grant OGP 0008136. 199 0196-6774r97 $25.00 Copyright Q 1997 by Academic Press All rights of reproduction in any form reserved.

200

BERMAN, DIKS, AND PELC

in networks whose links are subject to failures w2]13, 17, 18x Žsee also w15x for an extensive bibliography of the domain.. Two types of failures are usually considered: crash failures, when faulty links stop transmitted messages but do not alter them w2, 4, 6]13, 18x, and Byzantine failures, when the behavior of faulty links is arbitrary, even malicious w3, 5, 17x. While the classical approach imposes an upper bound on the number of faults and assumes their worst case location w2, 11]13x, in the probabilistic models, which recently have received growing attention w3]10, 17, 18x, faults are assumed to occur randomly, independent of one another. Under this scenario the aim is to construct broadcasting algorithms working correctly with high probability. In this paper we assume that nodes of the network are fault-free and links fail independently with constant probability 0 - q - 12 . Faults are permanent Žlinks do not change fault status during broadcasting. and Byzantine Žfaulty links may behave arbitrarily .. Since we consider the most general type of faults, our results have a wide range of applications: broadcasting working correctly in the presence of Byzantine failures works also for any type of faults. We assume that in a unit of time each node can communicate with at most one other node. We work in complete networks, i.e., it is assumed that every node can communicate directly with every other node. It will be seen, however, that much sparser networks, in fact some networks of logarithmic degree, can also support our broadcasting algorithm. The aim of this paper is the construction of a broadcasting algorithm working for n-node networks in time O Žlog n. Žwe count total execution time, including message transmissions and local processing. with probability of correctness exceeding 1 y 1rn. This improves a result from w3x where O Žlog 2 n. broadcasting was proposed. Our algorithm uses a specific type of expander graph which is known to exist but whose explicit construction has not been given to date. Our algorithm is synchronous Ža global clock is assumed. and nonadaptive: all transmissions are scheduled before execution is started. For simplicity of presentation we assume that the initial message held in the source is one bit; this can be easily generalized for arbitrary size messages. Transmissions are scheduled in such a way that, at each time unit, each node knows on which link it should expect a message and along what route this message should have travelled. This makes it possible to ignore values coming on faulty links at unexpected times. On the other hand, if at time t a node w expects a message from ¨ to come via path p, any value coming at this time on the final link of p is stored in w as the Žpossibly distorted. message coming from ¨ via path p. If no message comes on this link at the expected time, a default value is stored.

201

BROADCASTING WITH BYZANTINE LINK FAILURES

The paper is organized as follows. In Section 2 we give some preliminary notions and results used throughout the paper. Section 3 is devoted to the description of our algorithm under the additional assumption that link failure probability q is less than some small specified constant q0 ; first we give an informal high-level presentation and then we specify more detailed subroutines and compute their execution time. In Section 4 we prove that our broadcasting algorithm works correctly with probability exceeding 1 y 1rn, for sufficiently large n. Finally, in Section 5 we show how to enhance our algorithm for arbitrary link failure probability q - 12 using techniques from w3x.

2. PRELIMINARIES For any finite set X, < X < denotes the number of elements of X. For a real x, u x v denotes the smallest integer greater or equal than x, and ? x @ denotes the largest integer less or equal than x. We use log x for the logarithm with base 2. For any graph G and any set X of nodes of G, G Ž X . denotes the set of all neighbors of nodes from X. If G s Ž A, B, E . is a bipartite graph with sets of nodes A, B and set of edges E, the graph G is called an Ž a , b , n, d .-expander if < A < s < B < s n, the degree of each node is d and, for all X ; A such that < X < F a n, we have < G Ž X .< G b < X <. The following result can be obtained by a simple counting argument. PROPOSITION 2.1. For e¨ ery integer d ) 1 and for e¨ ery b - d y 1, there exists 1 G a ) 0 such that for all n G d there exists an Ž a , b , n, d .-expander. Explicit constructions of Ž a , b , n, d .-expanders are known for b F drŽŽ d y 4. a q 4., where d is a successor of a prime number Žcf. w1, 16x.. We will use the following estimates of the probability that at least Žresp. at most. k successes are obtained in a series of n Bernoulli trials with success probability p. Let X denote the number of successes in such a series. PROPOSITION 2.2. Ža. PrŽ X G k . F n p k , for 0 F k F n, 0 F p F 1. k 2 Žb. PrŽ X F Ž1 y d . pn. F eyd n p r2 for 0 F d F 1, 0 F p F 1.

ž/

The first of the above inequalities is straightforward and the second can be found in w14x. Finally, the following well-known inequalities will be used. PROPOSITION 2.3.

For all 1 F k F n, Ž nrk . k F

n k

ž / F Ž enrk. . k

202

BERMAN, DIKS, AND PELC

3. DESCRIPTION OF THE BROADCASTING ALGORITHM In this section we describe our broadcasting algorithm under the additional assumption that link failure probability q is less than q0 , where q0 is a positive constant less than 12 , to be determined in Section 4. Later, in Section 5, we will show how this assumption can be removed. We first present the idea of our broadcasting algorithm. Let c be any constant greater than 2 and let A be the set of all n y 1 nodes except the source s. Let m s u c logŽ n y 1.v. For simplicity we assume that m divides n y 1; the construction and the arguments can easily be modified in the general case. Partition A into k s Ž n y 1.rm subsets of size m and arrange them in a complete binary tree T. The terms level, root, branch, left child, right child, and parent will be used with respect to this tree; the vertices of T will be called groups. We denote by ROOT the group which is the root of T and by lcŽ X . and rcŽ X . the left and right child of the group X. The root is on level 0. For 0 - g F 1, we say that the correct message is g-dominating in a group at some point of the algorithm execution if at least g m elements of the group have computed the correct message at this point. The algorithm works in three stages. In Stage 1 the source informs nodes in ROOT. The aim of this stage is to make the correct message Ž1 y l.-dominating in ROOT, with probability at least 1 y 2ym , for some constant l which will be determined in Section 4. In Stage 2 the message is transmitted along branches of T. The aim of this stage is that the correct message becomes Ž1 y l.-dominating in each group. In consecutive steps the message is transmitted from a group to each of its children along edges of an appropriate bipartite expander. This is done in such a way that, if the correct message was Ž1 y l.-dominating in a group, then the probability that it becomes Ž1 y l.-dominating in the child is at least 1 y 2ym . A similar approach was used in w1x to construct fault-tolerant sorting networks. Stage 3 is devoted to spreading the correct message in parallel inside groups. If the correct message was Ž1 y l.-dominating in a given group at the end of Stage 2, it becomes 1-dominating with probability at least 1 y 2ym upon completion of Stage 3, that is, all nodes in the group have the correct message, with this probability. We now describe subroutines used to execute the above stages of the algorithm. For every node u, X u denotes the content of register X in this node. In the beginning, the original message is held in register M of the source. Also, for every node u, the bit that it computes during the execution of the algorithm and considers at a given stage to be the correct message is stored in its register M. Each node changes the content of this register at most once during the algorithm execution. The final value of

BROADCASTING WITH BYZANTINE LINK FAILURES

203

M x is what node x outputs as its version of the source message. We will use an elementary procedure SEND Ž u, X, ¨ , Y ., for distinct nodes u, ¨ , which consists of u sending X u to ¨ and ¨ assigning the received value to its register Y. If the link x y y is fault-free, the effect of SEND Ž u, X, ¨ , Y . is the same as the assignment Y¨ ¤ X u ; otherwise an arbitrary value is assigned to Y¨ . The first subroutine, executing Stage 1 of our algorithm, is very simple. The source sends its message sequentially to all nodes in ROOT. Execution time of this procedure is O Ž m.. Procedure SOURCE-TO-ROOT for all ¨ g ROOT do SEND Ž s, M, ¨ , M .. The aim of the second subroutine, used in Stage 2, is message transmission between two disjoint sets of equal size m. We assume that constants a and d are such that there exists a Ž a , dr2 q 2, m, d .-expander. Let G s Ž Y, X, E . be such a bipartite expander and let P i : X ª Y, i s 1, 2, . . . , d, be bijections from X onto Y such that P i Ž x . / P j Ž x ., for all x g X and i / j, and such that  x, P i Ž x .4 : x g X, i F d4 s E Žthat is, bijections P i form a decomposition of G into edge-disjoint perfect matchings.. For a fixed expander G and bijections P 1 , . . . , P d , the following subroutine transmits the message from X to Y via d edge-disjoint perfect matchings Žeach matching in parallel., upon which each node computes the majority value. The execution time of this procedure is constant Ždoes not depend on m.. Procedure GROUP-TO-GROUP Ž X, Y . for i ¤ 1 to d do for all u g X in parallel do SENDŽ u, M, P i Ž u., V w u x. for all ¨ g Y in parallel do M¨ ¤

½

0, 1,

if <  u g G Ž  ¨ 4 . : V¨ w u x s 0 4 < ) dr2 otherwise

The final subroutine is used to spread the correct message in each group, by exchanging messages Žstored in register M of each node. among nodes and computing the majority value at each node. This value is considered correct and is stored in register M of each node. Message exchange is executed in m steps using m edge-disjoint matchings L1 , . . . , L m which cover all edges in the complete graph on m vertices. The procedure takes time O Ž m.. For every group X we fix a sequence L1 , . . . , L m of matchings as above.

204

BERMAN, DIKS, AND PELC

Procedure SPREADŽ X . for i ¤ 1 to m do for all  x, y4 g L i in parallel do SENDŽ x, M, y, W w x x. SENDŽ y, M, x, W w y x. for all x g X in parallel do Mx ¤

½

0, 1,

if  y g X _  x 4 : Wx w y x s 0 4 ) Ž m y 1 . r2 otherwise

Using the above subroutines, the entire broadcasting algorithm can be written as follows. Algorithm BROADCAST SOURCE-TO-ROOT for i ¤ 0 to ?log k @ y 1 do for all groups X on level i of T in parallel do if lcŽ X . exists then do GROUP-TO-GROUPŽ X, lcŽ X .. if rcŽ X . exists then do GROUP-TO-GROUPŽ X, rcŽ X .. for all groups X in parallel do SPREADŽ X . Since k g O Ž n., the algorithm is executed in time O Ž m q log k . s O Žlog n..

4. PROBABILITY OF CORRECTNESS In this section we prove that if link failure probability q is less than some constant q0 to be determined later, then the algorithm BROADCAST works correctly for n nodes with probability exceeding 1 y 1rn, where n is sufficiently large. Take any integer d ) 6. ŽFor simplicity of presentation we assume that d is even.. Then dr2 q 2 - d y 1 and hence, by Proposition 2.1, there exists an a ) 0 such that an Ž a , dr2 q 2, m, d .-expander exists for all m G d. Consider n sufficiently large to guarantee m G d. Let l be a positive constant less than ar3. LEMMA 4.1. There exists a positi¨ e constant q1 - 1r2 such that, if link failure probability q is less than q1 , then the correct message becomes Ž1 y l.dominating in ROOT with probability at least 1 y 2ym Ž for sufficiently large m. upon completion of procedure SOURCE-TO-ROOT.

205

BROADCASTING WITH BYZANTINE LINK FAILURES

Proof. If a node in ROOT gets incorrect message, the link joining it to the source must be faulty. Using Proposition 2.2.a and Proposition 2.3, the probability that at least l m nodes in ROOT get incorrect message, can be estimated as follows, for sufficiently large m, m

Ý

is u l m v

m my i m i q Ž1 y q. F ? q u lmv F u lmv i

ž

ž /

/

e

2l

m

?q

l

žž / / l

,

which is less than 2ym for q - q1 s Ž lre . 2r2 1r l. LEMMA 4.2. There exists a positi¨ e constant q2 F 1r2 such that, if link failure probability q is less than q2 and the correct message was Ž1 y l.dominating in group X, then it becomes Ž1 y l.-dominating in group Y, with probability at least 1 y 2ym , for sufficiently large m, upon completion of procedure GROUP-TO-GROUP Ž X, Y .. Proof. During the execution of procedure GROUP-TO-GROUP Ž X, Y ., dm operations SEND are performed. Let m s lrŽ2 d .. Similarly as in Lemma 4.1, the probability that at least m dm of these operations involve incorrect links, can be estimated Žfor sufficiently large m. as dm

Ý

is u m dm v

m dm d myi 2md dm i q Ž1 y q. F q u m d m v F Ž Ž erm . ? q dm . , u m dm v i

ž

ž /

/

which is less than 2ym for q - q2 s Ž mre . 2r2 1rŽ m d. s Ž lrŽ2 de .. 2r41r l. Let E be the event that less than m dm of these operations involve incorrect links. Denote by Z the set of those nodes in Y which assigned an incorrect message to their register M during the execution of GROUPTO-GROUP Ž X, Y .. These nodes could get an incorrect message either from a node in X which had such a message or via an incorrect link. Moreover, in order to assign a wrong bit to its register M, a node in Z must have gotten at least dr2 incorrect messages. Since the correct message was Ž1 y l.-dominating in X, it follows that if the event E holds, the size of Z can be estimated as
l dm q m dm dr2

s m Ž 2 l q 2 m . - 3 l m - a m.

Suppose that < Z < G l m. Let < Z < s d m for d G l. Every element z g Z got the correct message via at most dr2 links. Hence the total number of links via which the correct message has been received in Z does not exceed d d mr2. On the other hand, < G Ž Z .< G Ž dr2 q 2. d m, by the definition of expander. At most l m nodes in G Ž Z . held an incorrect message in their register M. The rest of nodes sent the correct message to nodes in Z, each

206

BERMAN, DIKS, AND PELC

via at least one link. At most m dm of those links are faulty, assuming that event E holds. Hence the total number of links via which the correct message has been received in Z is at least

ž

d 2

q 2 d m y l m y m dm s d d mr2 q Ž d y l . m

/

q d m y m dm ) d d mr2 because d G l and m s lrŽ2 d . - lrd. This contradiction implies that, if the event E holds, then < Z < - l m and hence the correct message becomes Ž1 y l.-dominating in Y upon completion of procedure GROUP-TO-GROUP Ž X, Y .. This concludes the proof in view of PrŽ E . G 1 y 2ym . LEMMA 4.3. There exists a positi¨ e constant q3 - 12 such that, if link failure probability q is less than q3 and the correct message was Ž1 y l.dominating in group X, then for e¨ ery node in X, the probability that it computes the correct message, upon completion of procedure SPREAD Ž X ., is at least 1 y 2ym , for sufficiently large m. Proof. During the execution of SPREAD Ž X ., every node x in group X gets messages from m y 1 other nodes. At most l m of them send an incorrect message. If less than Ž m y 1.r2 y l m links incident to node x are faulty then x receives the correct message on the majority of links and consequently computes the correct bit as well. It remains to estimate the probability that at least Ž m y 1.r2 y l m links incident to x are faulty. For sufficiently large m, my1

m y lm G

2

y lm G

m 3

y lm

and hence, in view of Proposition 2.2.a and Proposition 2.3, the above probability can be estimated as my1

qiŽ1 y q.

Ý

my 1yi

is uŽ my1 .r2y l m v

F F F

ž ž

žž

m

Ž m y 1 . r2 y l m em

Ž m y 1 . r2 y l m e 1r3 y l

/ /

q uŽ my1.r2y l m v uŽ my1 .r2y l m v

m

1y l

/

q

1r3y l

/

,

q uŽ my1.r2y l m v

207

BROADCASTING WITH BYZANTINE LINK FAILURES

which is less than 2ym for q - q3 s

1 2 3rŽ1y3 l .

?

ž

1 y 3l 3e

Ž3y3 l .r Ž1y3 l .

/

.

Using the above lemmas we can now prove the main result of this section. THEOREM 4.4. There exists a positi¨ e constant q0 - 12 such that, if link failure probability q is less than q0 , then broadcasting for n nodes can be achie¨ ed in time O Žlog n. with probability of correctness exceeding 1 y 1rn, for sufficiently large n. Proof. Let q0 s minŽ q1 , q2 , q3 .. By Lemma 4.1, the probability that upon completion of procedure SOURCE-TO-ROOT, the correct message is not Ž1 y l.-dominating in ROOT does not exceed 2ym . By Lemma 4.2, the probability that upon completion of all GROUP-TO-GROUP procedures called by the algorithm, the correct message is not Ž1 y l.dominating in some group does not exceed 2ym q Ž n y 1.2ym . Finally, by Lemma 4.3, the probability that upon completion of all SPREAD procedures called by the algorithm, some node does not compute the correct message does not exceed 2ym q Ž n y 1 . 2ym q n2ym s 2 n ? 2yu c logŽ ny1.v , which is less than 1rn for sufficiently large n, because c ) 2. 5. MODIFICATIONS FOR ARBITRARY q -

1 2

In this section we show how our algorithm should be modified for link failure probability q in the range Ž q0 , 12 .. Our modification uses the result from w3x that for any link failure probability q - 21 and any r - 1, it is possible to transmit a message from node x to node y with probability of correctness exceeding r. Moreover, this transmission can be performed in time t, using a set A of g nodes as intermediaries, where t and g depend only on q and r. Taking r s 1 y q0 we can modify our algorithm as follows. Replace each instance of operation SEND Ž x, H, y, G . in all subroutines by the procedure TRANSMIT Ž x, H, y, G, A. which communicates H x to node y. Node y stores the computed bit which it considers to be the correct version of H x in its register G. Nodes in the set A, such that x, y f A, are intermediaries in this communication. The probability that, upon completion of TRANSMIT, Gy becomes H x is greater than r. Thus, TRANSMIT

208

BERMAN, DIKS, AND PELC

Ž x, H, y, G, A. has the same effect as SEND Ž x, H, y, G . with link failure probability q - q0 , and the previous analysis applies. The only other modification is to ensure that TRANSMIT procedures performed in parallel have disjoint sets A of intermediaries Žotherwise a node risks to have two different communications scheduled simultaneously .. This can be achieved by partitioning every series of TRANSMIT procedures to be performed in parallel into g subseries Žwhere g is the required size of set A. and choosing disjoint sets of intermediaries for procedures in a subseries. Intermediaries can be chosen from among nodes which are neither senders nor receivers of a TRANSMIT procedure in the subseries. Now procedures in each subseries can be performed in parallel. Since execution time of TRANSMIT does not depend on n and the above serializing adjustment increases overall execution time only by a constant factor, we conclude that the modified algorithm also works in time O Žlog n.. It remains to specify the procedure TRANSMIT from w3x and compute its probability of correctness. Let « s 12 y q and x, y f A. Procedure TRANSMIT Ž x, H, y, G, A. for a g A do SEND Ž x, H, a, W . SEND Ž a, W, y, X w ax. for a g A do for b g A do SEND Ž a, W, b, Y w ax. SEND Ž b, Y w ax, y, Z w a, b x. < < g¤ A

¡

0,

Gy ¤

~

¢

1,

if there exist sets Q, R ; A of size < Q < s < R < s u g Ž 1 q « . r2 v such that for all sets Q* ; Q, R* ; R of size < Q* < s < R* < s u « g v , either Q* l R* / B and for all a g Q* l R*, X w a x s 0

or Q* l R* s B and otherwise.

 Ž a, b . g Q* = R*: Z w a, b x s 0 4 ) u « g v 2r2

The following lemma shows that the procedure TRANSMIT achieves correct transmission between nodes x and y, with arbitrarily high probability, for a sufficiently large set A of intermediary nodes. Intuitively, Q is the set of nodes in A that receive correctly from x and R is the set of nodes in A that send correctly to y. If Q and R are chosen wrongly, this should be revealed by correct subsets Q* and R*. As the size of A increases, so does the probability that these sets have the sizes required in the condition computed by y. LEMMA 5.1. Let A be a set of size g and let x, y be distinct nodes outside of A. For e¨ ery link failure probability q - 12 and e¨ ery r - 1, the procedure

209

BROADCASTING WITH BYZANTINE LINK FAILURES

TRANSMIT Ž x, H, y, G, A. working for « s

1 2

y q satisfies

Pr Ž Gy s H x . ) r for sufficiently large g. Proof. Consider the following events. Ez Žfor z g  x, y4. }the event that at least u g Ž1 q « .r2v nodes in A are joined with node z by a fault-free link; FQ*, R* Žfor disjoint sets of nodes Q*, R* of size u « g v. }the event that the number of fault-free links joining nodes ¨ g Q* with nodes w g R* exceeds u « g v 2r2. By Proposition 2.2.b, taking d s «rŽ1 q 2 « ., Pr Ž Ez . G 1 y eyd

2

Ž1r2q « . g r2

s 1 y eyg «

2

rŽ4 q8 « .

.

The same lemma with d s 2 «rŽ1 q 2 « . implies that Pr Ž FQ*, R* . G 1 y eyd

2

Ž1r2q « .u « g v 2 r2

G 1 y eyg

2

« 4 rŽ1 q2 « .

.

Let E s Ex l E y

and

F s F  FQ*, R* : Q* l R* s B, < Q* < s < R* < s u « g v 4 . Hence Pr Ž E . G 1 y 2 eyg «

2

rŽ4 q8 « .

and Pr Ž F . G 1 y

g

g

u«gv

u«gv

ž /ž /

eyg

2

« 4 rŽ1q2 « .

.

Both PrŽ E . and PrŽ F . converge to 1 as g ª `; hence, for sufficiently large g, Pr Ž E l F . ) r . It is now sufficient to prove that if E l F holds then Gy s H x . Suppose that E l F holds. First let H x s 0. Let Q be a set of size u g Ž1 q « .r2v of nodes in A joined by fault-free links with x and let R be a set of size u g Ž1 q « .r2v of nodes in A joined by fault-free links with y. Such sets exist in view of E. Let Q* ; Q and R* ; R be any sets of size u « g v. If Q* l R* / B then, for all a g Q* l R*, links x]a and a]y are fault free,

210

BERMAN, DIKS, AND PELC

which implies that X w ax s 0. If Q* l R* s B, event F implies that the majority of links a]b, such that a g Q* and b g R*, are fault-free. Consequently, for the majority of pairs Ž a, b . g Q* = R*, all links x]a, a]b, b]y are fault-free and thus Z w a, b x s 0. According to the definition of Gy , this implies that Gy s 0. Next, suppose that H x s 1. Take any pair of sets Q, R ; A of size < Q < s < R < s u g Ž1 q « .r2v. Define Q9 to be a set of size u g Ž1 q « .r2v of nodes in A joined by fault-free links with x and R9 to be a set of size u g Ž1 q « .r2v of nodes in A joined by fault-free links with y. The existence of Q9 and R9 is again guaranteed by the event E. Thus < Q l Q9 < G u « g v and < R l R9 < G u « g v. Choose Q* ; Q l Q9 and R* ; R l R9 such that < Q* < s < R* < s u « g v. If Q* l R* / B and a g Q* l R* then links x]a and a]y are fault free; hence X w ax s 1. If Q* l R* s B then, in view of the event F, the majority of links a]b, for Ž a, b . g Q* = R* are fault-free. Consequently, for the majority of pairs Ž a, b . g Q* = R*, all links x]a, a]b, b]y are fault-free, which implies Z w a, b x s 1. It follows that the criterion for Gy s 0 is not satisfied and hence Gy s 1. Hence, in any case, Gy s H x . In view of the previous remarks, this concludes the proof of our main result. THEOREM 5.2. For e¨ ery link failure probability q - 12 , broadcasting for n nodes can be achie¨ ed in time O Žlog n. with probability of correctness exceeding 1 y 1rn, for sufficiently large n. It should be noticed that the order of magnitude O Žlog n. of execution time cannot be improved, since broadcasting requires time ulog n v even without faults. On the other hand, the assumption q - 12 is necessary: for q G 12 , at least one-half of all links incident to the source are faulty, with high probability, which precludes any reliable broadcasting for Byzantine faults. Let us finally observe that our broadcasting algorithm is also supported by some fairly sparse networks, indeed networks of logarithmic degree. The network obtained from the tree T of groups by joining every node of a group S to all other nodes in S and to all nodes in children of S, has logarithmic degree and supports our algorithm. The same network can indeed be used to broadcast from any node Žnot necessarily the source s .. In this case a preprocessing stage is needed. As in the algorithm BROADCAST, information is first sent to s along a branch of T. Then the algorithm BROADCAST is performed.

BROADCASTING WITH BYZANTINE LINK FAILURES

211

REFERENCES 1. S. Assaf and E. Upfal, Fault-tolerant sorting networks, SIAM J. Discrete Math. 4 Ž1991., 472]480. 2. K. A. Berman and M. Hawrylycz, Telephone problems with failures, SIAM J. Algebra Discrete Methods 7 Ž1986., 13]17. 3. P. Berman and A. Pelc, ‘‘Efficient Broadcasting and Gossiping with Byzantine Link Failures,’’ Rapport de Recherche RR 92r11-11, Universite ´ du Quebec ´ `a Hull, 1992. 4. D. Bienstock, Broadcasting with random faults, Discrete Appl. Math. 20 Ž1988., 1]7. 5. D. M. Blough and A. Pelc, Optimal communication in networks with randomly distributed Byzantine faults, Networks 23 Ž1993., 691]701. 6. B. S. Chlebus, K. Diks, and A. Pelc, Sparse networks supporting efficient reliable broadcasting, in Proceedings ICALP-93, Lecture Notes in Computer Science, Vol. 700, 388]397, Springer-Verlag, BerlinrNew York. 7. B. S. Chlebus, K. Diks and A. Pelc, Optimal broadcasting in faulty hypercubes, in ‘‘Digest of Papers, FTCS-21,’’ 1991, pp. 266]273. 8. K. Diks and A. Pelc, Reliable gossip schemes with random link failures, in ‘‘Proceedings 28th Annual Allerton Conference on Communication, Control and Computation, 1990,’’ pp. 978]987. 9. K. Diks and A. Pelc, Almost safe gossiping in bounded degree networks, SIAM J. Discrete Math. 5 Ž1992., 338]344. 10. U. Feige, D. Peleg, P. Raghavan, and E. Upfal, Randomized broadcast in networks, Random Structures Algorithms 1 Ž1990., 447]460. 11. L. Gargano, Tighter time bounds on fault-tolerant broadcasting and gossiping, Networks 22 Ž1992., 469]486. 12. L. Gargano and U. Vaccaro, Minimum time broadcast networks tolerating a logarithmic number of faults, SIAM J. Discrete Math. 5 Ž1992., 178]198. 13. R. W. Haddad, S. Roy, and A. A. Schaffer, On gossiping with faulty telephone lines, SIAM J. Algebraic Discrete Methods 8 Ž1987., 439]445. 14. T. Hagerup and C. Rub, A guided tour of Chernoff bounds, Inform. Process. Lett. 33 Ž1989r1990., 305]308. 15. S. M. Hedetniemi, S. T. Hedetniemi, and A. L. Liestman, A survey of gossiping and broadcasting in communication networks, Networks 18 Ž1988., 319]349. 16. A. Lubotzky, R. Phillips, and P. Sarnak, Explicit expanders and the Ramanujan conjectures, in ‘‘Proceedings 18th Annual ACM Symposium on Theory of Computing, 1986,’’ pp. 240]246. 17. A. Pelc, Reliable communication in networks with Byzantine link failures, Networks, 22 Ž1992., 441]459. 18. E. R. Scheinerman and J. C. Wierman, Optimal and near-optimal broadcast in random graphs, Discrete Appl. Math. 25 Ž1989., 289]297.