1 \documentclass[11pt]{article}
\r
2 \newcommand{\tuple}[1]{\ensuremath \langle #1 \rangle}
\r
6 \usepackage{graphicx}
\r
7 \usepackage{mathrsfs}
\r
8 \usepackage{algpseudocode}% http://ctan.org/pkg/algorithmicx
\r
10 \newtheorem{theorem}{Theorem}
\r
11 \newtheorem{prop}{Proposition}
\r
12 \newtheorem{lem}{Lemma}
\r
13 \newtheorem{defn}{Definition}
\r
14 \newcommand{\note}[1]{{\color{red} \bf [[#1]]}}
\r
15 \newcommand{\push}[1][1]{\hskip\dimexpr #1\algorithmicindent\relax}
\r
21 Each device has: user id + password
\r
24 hash1(user id), hash1(password)
\r
26 Symmetric Crypto keys is:
\r
27 hash2(user id | password)
\r
29 Server has finite length queue of entries + max\_entry\_identifier +
\r
32 \subsection{Entry layout}
\r
35 \item Sequence identifier
\r
36 \item Random IV (if needed by crypto algorithm)
\r
37 \item Encrypted payload
\r
42 \item Sequence identifier
\r
43 \item Machine id (most probably something like a 64-bit random number
\r
44 that is self-generated by client)
\r
45 \item HMAC of previous slot
\r
47 \item HMAC of current slot
\r
50 A data entry can be one of these:
\r
52 \item All or part of a Key-value entry
\r
53 \item Slot sequence entry: Machine id + last message identifier
\r
54 \newline {The purpose of this is to keep the record of the last slot
\r
55 from a certain client if a client's update has to expunge that other
\r
56 client's last entry from the queue. This is kept in the slot until
\r
57 the entry owner inserts a newer update into the queue.}
\r
58 \item Queue state entry: Includes queue size \newline {The purpose
\r
59 of this is for the client to tell if the server lies about the number
\r
60 of slots in the queue, e.g. if there are 2 queue state entry in the queue,
\r
61 e.g. 50 and 70, the client knows that when it sees 50, it should expect
\r
62 at most 50 slots in the queue and after it sees 70, it should expect
\r
63 50 slots before that queue state entry slot 50 and at most 70 slots.
\r
64 The queue state entry slot 70 is counted as slot number 51 in the queue.}
\r
65 \item Collision resolution entry: message identifier + machine id of a
\r
67 \newline {The purpose of this is to keep keep track of the winner of
\r
68 all the collisions until all clients have seen the particular entry.}
\r
71 \subsection{Live status}
\r
73 Live status of entries:
\r
75 \item Key-Value Entry is dead if either (a) there is a newer key-value pair or (b) it is incomplete.
\r
77 \item Slot sequence number (of either a message version data
\r
78 or user-level data) is dead if there is a newer slot from the same machine.
\r
80 \item Queue state entry is dead if there is a newer queue state entry.
\r
81 {In the case of queue state entries 50 and 70, this means that queue state
\r
82 entry 50 is dead and 70 is live. However, not until the number of slots reaches
\r
83 70 that queue state entry 50 will be expunged from the queue.}
\r
85 \item Collision resolution entry is dead if this entry has been seen
\r
86 by all clients after a collision happens.
\r
89 When data is at the end of the queue ready to expunge, if:
\r
91 \item The key-value entry is not dead, it must be reinserted at the
\r
92 beginning of the queue.
\r
94 \item If the slot sequence number is not dead, then a message sequence
\r
95 entry must be inserted.
\r
97 \item If the queue state entry is not dead, it must be reinserted at the
\r
98 beginning of the queue.
\r
103 Client sends a sequence number. Server replies with either: all data
\r
104 entries or all newer data entries.
\r
106 \paragraph{Writes:}
\r
107 Client sends slot, server verifies that sequence number is valid,
\r
108 checks entry hash, and replies with an accept message if all checks
\r
109 pass. On success, client updates its sequence number. On failure,
\r
110 server sends updates slots to client and client validates those slots.
\r
112 \paragraph{Local state on each client:}
\r
113 A list of machines and the corresponding latest sequence numbers.
\r
115 \paragraph{Validation procedure on client:}
\r
117 \item Decrypt each new slot in order.
\r
118 \item For each slot:
\r
119 (a) check its HMAC, and
\r
120 (b) check that the previous entry HMAC field matches the previous
\r
122 \item Check that the last-message entry for our machine matches the stored HMAC of our last message sent.
\r
123 \item For all other machines, check that the latest sequence number is
\r
124 at least as large (never goes backwards).
\r
125 \item That the queue has a current queue state entry.
\r
126 \item That the number of entries received is consistent with the size
\r
127 specified in the queue state entry.
\r
130 Key-value entries can span multiple slots. They aren't valid until
\r
133 \subsection{Resizing Queue}
\r
134 Client can make a request to resize the queue. This is done as a write that combines:
\r
135 (a) a slot with the message, and (b) a request to the server. The queue can only be expanded, never contracted; attempting to decrease the size of the queue will cause future clients to throw an error.
\r
137 \subsection{Server Algorithm}
\r
138 $s \in SN$ is a sequence number\\
\r
139 $sv \in SV$ is a slot's value\\
\r
140 $slot_s = \tuple{s, sv} \in SL \subseteq SN \times SV$ \\ \\
\r
142 \textit{SL = set of live slots on server} \\
\r
143 \textit{max = maximum number of slots (input only for resize message)} \\
\r
144 \textit{n = number of slots} \\ \\
\r
145 \textbf{Helper Function} \\
\r
146 $MaxSlot(SL_s)= \tuple{s, sv} \mid \tuple{s, sv}
\r
147 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s \geq s_s$ \\
\r
148 $MinSlot(SL_s)= \tuple{s, sv} \mid \tuple{s, sv}
\r
149 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s \leq s_s$ \\
\r
150 $SeqN(\tuple{s, sv})=s$ \\
\r
151 $SlotVal(\tuple{s, sv})=sv$ \\
\r
153 \begin{algorithmic}[1]
\r
154 \Function{GetSlot}{$s_g$}
\r
155 \State \Return{$\{\tuple{s, sv} \in SL \mid s \geq s_g\}$}
\r
159 \begin{algorithmic}[1]
\r
160 \Function{PutSlot}{$s_p,sv_p,max'$}
\r
161 \If{$(max' \neq \emptyset)$} \Comment{Resize}
\r
162 \State $max \gets max'$
\r
164 \State $\tuple{s_n,sv_n} \gets MaxSlot(SL)$\Comment{Last sv}
\r
165 \State $s_n \gets SeqN(\tuple{s_n,sv_n})$
\r
166 \If{$(s_p = s_n + 1)$}
\r
168 \State $\tuple{s_m,sv_m} \gets MinSlot(SL)$\Comment{First sv}
\r
169 \State $SL \gets SL - \{\tuple{s_m,sv_m}\}$
\r
170 \Else \Comment{$n < max$}
\r
171 \State $n \gets n + 1$
\r
173 \State $SL \gets SL \cup \{\tuple{s_p,sv_p}\}$
\r
174 \State \Return{$(true,\emptyset)$}
\r
176 \State \Return{$(false,\{\tuple{s,sv}\in SL \mid
\r
182 \subsection{Client Algorithm}
\r
183 \subsubsection{Reading Slots}
\r
184 \textbf{Data Entry} \\
\r
185 $de$ is a data entry \\
\r
186 $k$ is key of entry \\
\r
187 $v$ is value of entry \\
\r
188 $kv$ is a key-value entry $\tuple{k,v}$, $kv \in DE$ \\
\r
189 $ss$ is a slot sequence entry $\tuple{id,s_{last}}$,
\r
190 id + last s of a machine, $ss \in DE$ \\
\r
191 $qs$ is a queue state entry (contains $max$ size of queue), $qs \in DE$ \\
\r
192 $cr$ is a collision resolution entry $\tuple{s_{col},id_{col}}$,
\r
193 s + id of a machine that wins a collision, $cr \in DE$ \\
\r
194 $DE$ is a set of all data entries, possibly of different types, in a single message \\
\r
195 $s \in SN$ is a sequence number \\
\r
196 $id$ is a machine ID\\
\r
197 $hmac_p$ is the HMAC value of the previous slot \\
\r
198 $hmac_c$ is the HMAC value of the current slot \\
\r
199 $Dat_s = \tuple{s,id,hmac_p,DE,hmac_c}$ \\
\r
200 $sv_s = \tuple{s, E(Dat_s)} =
\r
201 \tuple{s, E(\tuple{s,id,hmac_p,DE,hmac_c})}$ \\ \\
\r
204 \textit{$id_{self}$ = machine Id of this client} \\
\r
205 \textit{$max_g$ = maximum number of slots (initially $max_g > 0$)} \\
\r
206 \textit{m = number of slots stored on client (initially $m = 0$)} \\
\r
207 \textit{$sl_{last}$ = info of last slot in queue =
\r
208 $\tuple{s_{last},sv_{last},id_{last}}$ (initially $\emptyset$)} \\
\r
209 \textit{DT = set of $\tuple{k,v}$ on client} \\
\r
210 \textit{MS = associative array of $\tuple{id, s_{last}}$ of all clients on client
\r
211 (initially empty)} \\
\r
212 \textit{$MS_g$ = set MS to save all $\tuple{id, s_{last}}$ pairs while
\r
213 traversing DT after a request to server (initially empty)} \\
\r
214 \textit{SK = Secret Key} \\
\r
215 \textit{$SM$ = associative array of $\tuple{s, id}$ of all slots in a previous read
\r
216 (initially empty)} \\ \\
\r
218 \textbf{Helper Functions} \\
\r
219 $MaxSlot(SL_s)= \tuple{s, sv}$ \textit{such that} $\tuple{s, sv}
\r
220 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s \geq s_s$ \\
\r
221 $MinSlot(SL_s)= \tuple{s, sv}$ \textit{such that} $\tuple{s, sv}
\r
222 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s \leq s_s$ \\
\r
223 $Slot(SL_s,s_s)= \tuple{s, sv}$ \textit{such that} $\tuple{s, sv}
\r
224 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s = s_s$ \\
\r
225 $SeqN(\tuple{s, sv})=s$ \\
\r
226 $SlotVal(\tuple{s, sv})=sv$ \\
\r
227 $CreateLastSL(s,sv,id)=\tuple{s,sv,id}=sl_{last}$ \\
\r
228 $Decrypt(SK_s,sv_s)=Dat_s=\tuple{s,id,hmac_p,DE,hmac_c}$ \\
\r
229 $GetSeqN(Dat_s = \tuple{s,id,hmac_p,DE,hmac_c})=s$ \\
\r
230 $GetMacId(Dat_s = \tuple{s,id,hmac_p,DE,hmac_c})=id$ \\
\r
231 $GetPrevHmac(Dat_s = \tuple{s,id,hmac_p,DE,hmac_c})=hmac_p$ \\
\r
232 $GetCurrHmac(Dat_s = \tuple{s,id,hmac_p,DE,hmac_c})=hmac_c$ \\
\r
233 $GetDatEnt(Dat_s = \tuple{s,id,hmac_p,DE,hmac_c})=DE$ \\
\r
234 $GetKV($key-value data entry$)=\tuple{k_s,v_s}$ \\
\r
235 $GetSS($slot-sequence data entry$)=\tuple{id,s_{last}}$ \\
\r
236 $GetQS($queue-state data entry$)=qs_s$ \\
\r
237 $GetCR($collision-resolution data entry$)=\tuple{s_s,id_s}$ \\
\r
238 $GetS(\tuple{s, id})=s$ \\
\r
239 $GetId(\tuple{s, id})=id$ \\
\r
240 $GetKey(\tuple{k, v})=k$ \\
\r
241 $GetVal(\tuple{k, v})=v$ \\
\r
242 $GetKeyVal(DT_s,k_s)= \tuple{k, v}$ \textit{such that} $\tuple{k, v}
\r
243 \in DT_s \wedge \forall \tuple{k_s, v_s} \in DT_s, k = k_s$ \\
\r
244 $MaxLastSeqN(MS_s)= s_{last}$ \textit{such that} $\tuple{id, s_{last}} \in MS_s
\r
245 \wedge \forall \tuple{id_s, s_{s_{last}}} \in MS_s, s_{last} \geq s_{s_{last}}$ \\
\r
246 $MinLastSeqN(MS_s)= s_{last}$ \textit{such that} $\tuple{id, s_{last}} \in MS_s
\r
247 \wedge \forall \tuple{id_s, s_{s_{last}}} \in MS_s, s_{last} \leq s_{s_{last}}$ \\
\r
249 \begin{algorithmic}[1]
\r
250 \Procedure{Error}{$msg$}
\r
251 \State $Print(msg)$
\r
256 \begin{algorithmic}[1]
\r
257 \Function{ValidHmac}{$DE_s,SK_s,hmac_{stored}$}
\r
258 \State $hmac_{computed} \gets Hmac(DE_s,SK_s)$
\r
259 \State \Return {$hmac_{stored} = hmac_{computed}$}
\r
263 \begin{algorithmic}[1]
\r
264 \Function{ValidPrevHmac}{$s_s,DE_s,hmac_{p_s},hmac_{p_{sto}}$}
\r
265 \If{$s_s = 0 \land hmac_{p_s} = \emptyset$}\Comment{First slot - no previous HMAC}
\r
266 \State \Return $true$
\r
268 \State \Return {$hmac_{p_{sto}} = hmac_{p_s}$}
\r
273 \begin{algorithmic}[1]
\r
274 \Function{GetQueSta}{$Dat_s$}
\r
275 \State $DE_s \gets GetDatEnt(DE_s)$
\r
276 \State $de_{qs} \gets de_s$ \textit{such that} $de_s \in DE_s,
\r
277 de_s \in D \land de_s = qs$
\r
278 \If{$de_{qs} \neq \emptyset$}
\r
279 \State $qs_{ret} \gets GetQS(de_{qs})$
\r
281 \State $qs_{ret} \gets \emptyset$
\r
283 \State \Return{$qs_{ret}$}
\r
287 \begin{algorithmic}[1]
\r
288 \Function{GetSlotSeq}{$Dat_s$}
\r
289 \State $DE_s \gets GetDatEnt(Dat_s)$
\r
290 \State $de_{ss} \gets de_s$ \textit{such that} $de_s \in DE_s,
\r
291 de_s \in D \land de_s = ss$
\r
292 \If{$de_{ss} \neq \emptyset$}
\r
293 \State $\tuple{id_{ret},s_{last_{ret}}} \gets GetSS(de_{ss})$
\r
295 \State $\tuple{id_{ret},s_{last_{ret}}} \gets \emptyset$
\r
297 \State \Return{$\tuple{id_{ret},s_{last_{ret}}}$}
\r
301 \begin{algorithmic}[1]
\r
302 \Function{GetColRes}{$Dat_s$} %\Comment{At most 2 $cr$ entries in a slot}
\r
303 \State $DE_s \gets GetDatEnt(Dat_s)$
\r
304 \State $de_{cr} \gets de_s$ \textit{such that} $de_s \in DE_s,
\r
305 de_s \in D \land de_s = cr$
\r
306 \If{$de_{cr} \neq \emptyset$}
\r
307 \State $\tuple{s_{ret},id_{ret}} \gets GetCR(de_{cr})$
\r
309 \State $\tuple{s_{ret},id_{ret}}
\r
312 %\State $de_{r_{cr}} \gets de_s$ \textit{such that} $de_s \in DE_s,
\r
313 % de_s \in D \land de_s = cr \land de_s \neq de_{cr}$
\r
314 %\If{$de_{r_{cr}} \neq \emptyset$}
\r
315 % \State $\tuple{s_{r_{ret}},id_{r_{ret}}} \gets GetCR(de_{r_{cr}})$
\r
317 % \State $\tuple{s_{r_{ret}},id_{r_{ret}}}
\r
320 %\State \Return{$\{\tuple{s_{ret},id_{ret}},\tuple{s_{r_{ret}},id_{r_{ret}}}\}$}
\r
321 \State \Return{$\{\tuple{s_{ret},id_{ret}}\}$}
\r
325 \begin{algorithmic}[1]
\r
326 \Function{UpdateLastSeqN}{$id_s,s_s,MS_s$}
\r
327 \State $s_t \gets MS_s[id_s]$
\r
328 \If{$s_t = \emptyset$}
\r
329 \State $MS_s[id_s] = s_s$ \Comment{First occurrence}
\r
331 \State $MS_S[id_s] \gets max(s_t, s_s)$
\r
333 \State \Return{$MS_s$}
\r
337 \begin{algorithmic}[1]
\r
338 \Procedure{CheckLastSeqN}{$MS_s,MS_t$}\Comment{Check $MS_t$ based on the newer $MS_s$}
\r
339 \For {$\tuple{id, s_t}$ in $MS_t$}
\r
340 \State $s_s \gets MS_s[id]$
\r
341 \If{$s_s = \emptyset$}
\r
342 \Call{Error}{'No $s$ for machine $id$'}
\r
343 \ElsIf{$id = id_{self}$ and $s_s \neq s_t$}
\r
344 \State \Call{Error}{'Invalid last $s$ for this machine'}
\r
345 \ElsIf{$id \neq id_{self}$ and $s_{s_{last}} < s_{t_{last}}$}
\r
346 \State \Call{Error}{'Invalid last $s$ for machine $id$'}
\r
348 \State $MS_t[id] \gets s_s$
\r
354 \begin{algorithmic}[1]
\r
355 \Procedure{CheckCollision}{$MS_s,SM_s,\tuple{s_s,id_s}$}
\r
356 \If{$\tuple{s_s,id_s} \neq \emptyset$}
\r
357 \State $s_s \gets GetS(\tuple{s_s,id_s})$
\r
358 \State $id_s \gets GetId(\tuple{s_s,id_s})$
\r
359 \State $s_{s_{last}} \gets GetLastSeqN(MS_s,id_s)$
\r
360 \If{$s_{s_{last}} < s_s$}
\r
361 \State $\Call{CheckColRes}{SM_s,\tuple{s_s,id_s}}$
\r
367 \begin{algorithmic}[1]
\r
368 \Procedure{CheckColRes}{$SM_s,\tuple{s_t,id_t}$}\Comment{Check $id_s$ in $SM_s$}
\r
369 \State $id_s \gets SM_s[s_t]$
\r
370 \If{$id_s \neq id_t$}
\r
371 \State \Call{Error}{'Invalid $id_s$ for this slot update'}
\r
376 \begin{algorithmic}[1]
\r
377 \Function{StoreLastSlot}{$MS_s,sl_l,s_s,sv_s,id_s$}
\r
378 \State $s_{min} \gets MinLastSeqN(MS_s)$
\r
379 \If{$s_{min} \neq \emptyset \land s_{min} = s_s$}\Comment{$MS$ initially empty}
\r
380 \State $sl_l \gets CreateLastSL(s_s,sv_s,id_s)$
\r
382 \State \Return{$sl_l$}
\r
386 \begin{algorithmic}[1]
\r
387 \Function{UpdateDT}{$DT_s,Dat_s$}
\r
388 \State $DE_s \gets GetDatEnt(Dat_s)$
\r
389 \ForAll{$de_s \in DE_s$}
\r
390 \If{$de_s$ \textit{such that} $de_s \in D \land de_s = kv$}
\r
391 \State $\tuple{k_s,v_s} \gets GetKV(de_s)$
\r
392 \State $\tuple{k_s,v_t} \gets GetKeyVal(DT_s,k_s)$
\r
393 \If{$\tuple{k_s,v_t} = \emptyset$}
\r
394 \State $DT_s \gets DT_s \cup \{\tuple{k_s,v_s}\}$
\r
396 \State $DT_s \gets (DT_s - \{\tuple{k_s,v_t}\}) \cup
\r
397 \{\tuple{k_s,v_s}\}$
\r
401 \State \Return{$DT_s$}
\r
405 \begin{algorithmic}[1]
\r
406 \Procedure{ProcessSL}{$SL_g$}
\r
407 \State $MS_g \gets \emptyset$
\r
408 \State $SM_{curr} \gets \emptyset$
\r
409 \State $\tuple{s_{g_{max}},sv_{g_{max}}} \gets MaxSlot(SL_g)$
\r
410 \State $\tuple{s_{g_{min}},sv_{g_{min}}} \gets MinSlot(SL_g)$
\r
411 \For{$s_g \gets s_{g_{min}}$ \textbf{to} $s_{g_{max}}$}\Comment{Process slots
\r
412 in $SL_g$ in order}
\r
413 \State $\tuple{s_g,sv_g} \gets Slot(SL_g,s_g)$
\r
414 \State $SM_{curr} \gets SM_{curr} \cup \{\tuple{s_g,sv_g}\}$
\r
415 \State $Dat_g \gets Decrypt(SK,sv_g)$
\r
416 \State $s_{g_{in}} \gets GetSeqN(Dat_g)$
\r
417 \If{$s_g \neq s_{g_{in}}$}
\r
418 \State \Call{Error}{'Invalid sequence number'}
\r
420 \State $DE_g \gets GetDatEnt(Dat_g)$
\r
421 \State $hmac_{p_{stored}} \gets GetPrevHmac(Dat_g)$
\r
422 \If{$\neg \Call{ValidPrevHmac}{s_g,DE_g,hmac_{p_g},hmac_{p_{stored}}}$}
\r
423 \State \Call{ReportError}{'Invalid previous HMAC value'}
\r
425 \State $hmac_{c_g} \gets GetCurrHmac(Dat_g)$
\r
426 \If{$\neg \Call{ValidHmac}{DE_g,SK,hmac_{c_g}}$}
\r
427 \State \Call{Error}{'Invalid current HMAC value'}
\r
429 \State $hmac_{p_g} \gets Hmac(DE_g,SK)$\Comment{Update $hmac_{p_g}$ for next check}
\r
430 \State $qs_g \gets \Call{GetQueSta}{Dat_g}$\Comment{Handle qs}
\r
431 \If{$qs_g \neq \emptyset \land qs_g > max_g$}
\r
432 \State $max_g \gets qs_g$
\r
434 %Check for last s in Dat
\r
435 \State $id_g \gets GetMacId(Dat_g)$\Comment{Handle last s}
\r
436 \State $MS_g \gets \Call{UpdateLastSeqN}{id_g,s_g,MS_g}$
\r
437 %Check for last s in DE in Dat
\r
438 \State $\tuple{id_d,s_{d_{last}}} \gets \Call{GetSlotSeq}{Dat_g}$\Comment{Handle ss}
\r
439 \If{$\tuple{id_d,s_{d_{last}}} \neq \emptyset$}
\r
440 \State $MS_g \gets \Call{UpdateLastSeqN}{id_d,s_{d_{last}},MS_g}$
\r
442 %\State $\{\tuple{s_e,id_e},\tuple{s_f,id_f}\} \gets
\r
443 % \Call{GetColRes}{Dat_g}$\Comment{Handle cr}
\r
444 \State $\{\tuple{s_e,id_e}\} \gets \Call{GetColRes}{Dat_g}$\Comment{Handle cr}
\r
445 \State $\Call{CheckCollision}{MS,SM,\tuple{s_e,id_e}}$\Comment{From normal slot}
\r
446 %\State $\Call{CheckCollision}{MS,SM,\tuple{s_f,id_f}}$\Comment{From reinsertion}
\r
447 \State $sl_{last} \gets \Call{StoreLastSlot}{MS,sl_{last},s_g,sv_g,id_g}$
\r
448 \State $DT \gets \Call{UpdateDT}{DT,Dat_g}$
\r
450 \State $SM \gets SM_{curr}$
\r
451 \If{$m + |SL_g| \leq max_g$}\Comment{Check actual size against $max_g$}
\r
452 \State $m \gets m + |SL_g|$
\r
454 \State \Call{Error}{'Actual queue size exceeds $max_g$'}
\r
456 \State $\Call{CheckLastSeqN}{MS_g,MS}$
\r
460 \begin{algorithmic}[1]
\r
461 \Procedure{GetKVPairs}{}
\r
462 \State $s_g \gets GetLastSeqN(MS,id_{self}) + 1$
\r
463 \State $SL_c \gets \Call{GetSlot}{s_g}$
\r
464 \State $\Call{ProcessSL}{SL_c}$\Comment{Process slots and update DT}
\r
468 \begin{algorithmic}[1]
\r
469 \Function{GetValFromKey}{$k_g$}
\r
470 \State $\tuple{k_s,v_s} \gets \tuple{k,v}$ \textit{such that} $\tuple{k,v}
\r
471 \in DT \land k = k_g$
\r
472 \State \Return{$v_s$}
\r
476 \subsubsection{Writing Slots}
\r
477 \textbf{Data Entry} \\
\r
478 $k$ is key of entry \\
\r
479 $v$ is value of entry \\
\r
480 $kv$ is a key-value entry $\tuple{k,v}$\\
\r
481 $D = \{kv,ss,qs,cr\}$ \\
\r
482 $DE = \{de \mid de \in D\}$ \\
\r
483 $Dat_s = \tuple{s,id,hmac_p,DE,hmac_c}$ \\
\r
484 $sv_s = \tuple{s, E(Dat_s)} =
\r
485 \tuple{s, E(\tuple{s,id,hmac_p,DE,hmac_c})}$ \\ \\
\r
487 \textit{$cp$ = data entry $DE$ maximum size/capacity} \\
\r
488 \textit{$cr_p$ = saved cr entry $\tuple{s,id}$ on client if there is a collision
\r
489 (sent in the following slot)} \\
\r
490 \textit{$cr_{p_{last}}$ = saved cr entry $\tuple{s,id}$ on client if there is a
\r
491 collision in reinserting the last slot (sent in the following slot)} \\
\r
492 \textit{$ck_p$ = counter of $kv \in KV$ for putting pairs (initially 0)} \\
\r
493 \textit{$ck_g$ = counter of $kv \in KV$ for getting pairs (initially 0)} \\
\r
494 \textit{$hmac_{c_p}$ = the HMAC value of the current slot} \\
\r
495 \textit{$hmac_{p_p}$ = the HMAC value of the previous slot
\r
496 ($hmac_{p_p} = \emptyset$ for the first slot)} \\
\r
497 \textit{$id_{self}$ = machine Id of this client} \\
\r
498 \textit{$sl_{last}$ = info of last slot in queue =
\r
499 $\tuple{s_{last},sv_{last},id_{last}}$ (initially $\emptyset$)} \\
\r
500 \textit{$th_p$ = threshold number of dead slots for a resize to happen} \\
\r
501 \textit{$m'_p$ = offset added to $max$ for resize} \\
\r
502 \textit{$KV$ = set of $\tuple{ck, \tuple{k,v}}$ of kv entries on client} \\
\r
503 \textit{$SL_p$ = set of returned slots on client} \\
\r
504 \textit{SK = Secret Key} \\ \\
\r
505 \textbf{Helper Functions} \\
\r
506 $CreateDat(s,id,hmac_p,DE,hmac_c)=Dat_s=\tuple{s,id,hmac_p,DE,hmac_c}$ \\
\r
507 $CreateCR(s,id)=\tuple{s,id}$ \\
\r
508 $CreateQS(max')=qs$ \\
\r
509 $CreateSS(id,s_{last})=\tuple{id,s_{last}}$ \\
\r
510 $Encrypt(Dat_s,SK_s)=sv_s$ \\
\r
511 $GetStatus(\tuple{status,SL})=status$ \\
\r
512 $GetSL(\tuple{status,SL})=SL$ \\
\r
513 $GetLastS(sl = \tuple{s,sv,id})=s$ \\
\r
514 $GetSV(sl = \tuple{s,sv,id})=sv$ \\
\r
515 $GetID(sl = \tuple{s,sv,id})=id$ \\
\r
516 $GetColSeqN(SL_s,s_s)= \tuple{s, sv}$ \textit{such that} $\tuple{s, sv}
\r
517 \in SL_s \wedge \forall \tuple{s_s, sv_s} \in SL_s, s = s_s$ \\
\r
518 $GetKV(KV_s,k_s)= \tuple{ck,\tuple{k, v}}$ \textit{such that}
\r
519 $\tuple{ck,\tuple{k, v}} \in KV_s \wedge
\r
520 \forall \tuple{ck_s,\tuple{k_s, v_s}} \in KV_s, k = k_s$ \\
\r
522 \begin{algorithmic}[1]
\r
523 \Function{PutKVPair}{$\tuple{k_s,v_s}$}
\r
524 \State $\tuple{ck_s,\tuple{k_s,v_t}} \gets GetKV(KV,k_s)$
\r
525 \If{$\tuple{ck_s,\tuple{k_s,v_t}} = \emptyset$}
\r
526 \State $KV \gets KV \cup \{\tuple{ck_p, \tuple{k_s,v_s}}\}$
\r
527 \State $ck_p \gets ck_p + 1$
\r
529 \State $KV \gets (KV - \{\tuple{ck_s, \tuple{k_s,v_t}}\}) \cup
\r
530 \{\tuple{ck_s, \tuple{k_s,v_s}}\}$
\r
532 \State \Return{$KV_s$}
\r
536 \begin{algorithmic}[1]
\r
537 \Function{CheckResize}{$MS_s,th_s,max'_t,m'_s$}
\r
538 \State $s_{last_{min}} \gets MinLastSeqN(MS_s)$
\r
539 \State $s_{last_{max}} \gets MaxLastSeqN(MS_s)$
\r
540 \State $n_{live} \gets s_{last_{max}} - s_{last_{min}}$\Comment{Number of live slots}
\r
541 \State $n_{dead} \gets max'_t - n_{live}$
\r
542 \If{$n_{dead} \leq th_s$}
\r
543 \State $max'_s \gets max'_t + m'_s$
\r
545 \State $max'_s \gets \emptyset$
\r
547 \State \Return{$max'_s$}
\r
551 \begin{algorithmic}[1]
\r
552 \Function{CheckNeedSS}{$MS_s,max'_t$}\Comment{Check if $ss$ is needed}
\r
553 \State $s_{last_{min}} \gets MinLastSeqN(MS_s)$
\r
554 \State $s_{last_{max}} \gets MaxLastSeqN(MS_s)$
\r
555 \State $n_{live} \gets s_{last_{max}} - s_{last_{min}}$\Comment{Number of live slots}
\r
556 \State $n_{dead} \gets max'_t - n_{live}$
\r
557 \State \Return {$n_{dead} = 0$}
\r
561 \begin{algorithmic}[1]
\r
562 \Function{HandleCollision}{$SL_s$}
\r
563 \State $\tuple{s_{col},sv_{col}} \gets GetColSeqN(SL_s,s_s)$
\r
564 \State $Dat_{col} \gets Decrypt(SK,sv_{col})$
\r
565 \State $id_{col} \gets GetMacId(Dat_{col})$
\r
566 \State $\tuple{s_{col},id_{col}} \gets CreateCR(s_{col},id_{col})$
\r
567 \State $cr_s \gets \tuple{s_{col},id_{col}}$
\r
568 \State $\Call{ProcessSL}{SL_s}$
\r
569 \State \Return{$cr_s$}
\r
573 \begin{algorithmic}[1]
\r
574 \Function{ReinsertLastSlot}{$MS_s,SK_s,sl_{s_{last}},max'_s,hmac_{p_s}$}
\r
575 \State $s_s \gets MaxLastSeqN(MS_s)$
\r
576 \State $sv_s \gets GetSV(sl_{s_{last}})$
\r
577 \State $Dat_s \gets Decrypt(SK,sv_s)$
\r
578 \State $DE_s \gets GetDatEnt(Dat_s)$
\r
579 \State $hmac_{c_s} \gets Hmac(DE_s,SK_s)$
\r
580 \State $Dat_s \gets CreateDat(s_s,id_{self},hmac_{p_s},DE_p,hmac_{c_s})$
\r
581 \State $hmac_{p_s} \gets hmac_{c_s}$
\r
582 \State $\tuple{stat_s,SL_s} \gets \Call{PutSlot}{s_s,sv_s,max'_s}$
\r
583 \State $cr_s \gets \Call{HandleCollision}{\tuple{stat_s,SL_s}}$
\r
584 \State \Return{$\tuple{cr_s,hmac_{p_p}}$}
\r
587 \note{Shouldn't this function do something pretty sophisticated about seeing what data we actually need to keep from the last slot and not just insert the entire thing?}
\r
589 \begin{algorithmic}[1]
\r
590 \Function{AddSlotSeq}{$DE_s,sl_s,cp_s$}\Comment{Insert a $ss$}
\r
591 \State $DE_{ret} \gets \emptyset$
\r
592 \State $id_s \gets GetID(sl_s)$
\r
593 \State $s_{s_{last}} \gets GetLastS(sl_s)$
\r
594 \State $ss_s \gets CreateSS(id_s,s_{s_{last}})$
\r
595 \State $DE_{ret} \gets DE_s \cup ss_s$
\r
596 \State $cp_s \gets cp_s - 1$
\r
597 \State \Return{$\tuple{DE_{ret},cp_s}$}
\r
601 \begin{algorithmic}[1]
\r
602 \Function{AddQueSta}{$DE_s,max'_s,cp_s$}\Comment{Insert a $qs$}
\r
603 \State $DE_{ret} \gets \emptyset$
\r
604 \State $qs_s \gets max'_s$
\r
605 \State $DE_{ret} \gets DE_s \cup qs_s$
\r
606 \State $cp_s \gets cp_s - 1$
\r
607 \State \Return{$\tuple{DE_{ret},cp_s}$}
\r
611 \begin{algorithmic}[1]
\r
612 \Function{AddCollRes}{$DE_s,cr_p,cp_s$}\Comment{Insert a $cr$}
\r
613 \State $DE_{ret} \gets \emptyset$
\r
614 \State $DE_{ret} \gets DE_s \cup cr_p$
\r
615 \State $cp_s \gets cp_s - 1$
\r
616 \State \Return{$\tuple{DE_{ret},cp_s}$}
\r
620 \begin{algorithmic}[1]
\r
621 \Function{GetKVPairs}{$DE_s,KV_s,cp_s$}
\r
622 \State $DE_{ret} \gets \emptyset$
\r
623 \If{$|KV_s| \leq cp$}\Comment{$KV$ set can span multiple slots}
\r
624 \State $DE_{ret} \gets DE_s \cup
\r
625 \{\tuple{k_s,v_s} \mid \tuple{ck_s,\tuple{k_s,v_s}} \in KV_s\}$
\r
627 \State $DE_{ret} \gets DE_s \cup
\r
628 \{\tuple{k_s,v_s} \mid \tuple{ck_s,\tuple{k_s,v_s}} \in KV_s,
\r
629 ck_g \leq ck_s < ck_g + cp_s\}$
\r
631 \State \Return{$DE_{ret}$}
\r
635 \begin{algorithmic}[1]
\r
636 \Procedure{PutDataEntries}{$th_p,m'_p$}
\r
637 \State $success \gets false$
\r
638 \While{$\neg success$}
\r
639 \State $DE_p \gets \emptyset$
\r
640 \State $s_p \gets MaxLastSeqN(MS)$
\r
641 \State $cp_p \gets cp$
\r
642 \State $max'_p \gets \Call{CheckResize}{MS,th_p,max'_g,m'_p}$
\r
643 \If{$max'_p \neq \emptyset$}
\r
644 \State $\tuple{DE_p,cp_p} \gets \Call{AddQueueState}{DE_p,max'_p,cp_p}$\Comment{Add qs}
\r
646 \State $need_p \gets \Call{CheckNeedSS}{MS,max'_g}$
\r
648 \State $\tuple{DE_p,cp_p} \gets \Call{AddSlotSequence}{DE_p,sl_{last},cp_p}$\Comment{Add ss}
\r
650 \State $DE_p \gets \Call{GetKVPairs}{DE_p,KV,cp_p}$\Comment{Add kv pairs}
\r
651 \State $hmac_{c_p} \gets Hmac(DE_p,SK)$
\r
652 \State $Dat_p \gets CreateDat(s_p,id_{self},hmac_{p_p},DE_p,hmac_{c_p})$
\r
653 \State $hmac_{p_p} \gets hmac_{c_p}$
\r
654 \State $sv_p \gets Encrypt(Dat_p,SK)$
\r
655 \State $\tuple{stat_p,SL_p} \gets \Call{PutSlot}{s_p,sv_p,max'_p}$
\r
656 \State $success \gets stat_p$
\r
657 \If{$\neg success$}
\r
658 \State $cr_p \gets \Call{HandleCollision}{SL_p}$
\r
661 % \State $\tuple{cr_{p_{last}},hmac_{p_p}} \gets
\r
662 % \Call{ReinsertLastSlot}{MS,SK,sl_{last},max'_p,hmac_{p_p}}$
\r
665 \If{$|DE_p| = cp$}\Comment{Check and advance $ck_g$}
\r
666 \State $ck_g \gets ck_g + cp_s$\Comment{Middle of KV set}
\r
668 \State $ck_g \gets 0$\Comment{End of KV set}
\r
670 \State $MS \gets \Call{UpdateLastSeqN}{id_{self},s_p,MS}$
\r
674 \note{Lots of problems with PutDataEntries: (1) What happens if lose network connectivity after adding the key value pair, but before reinserting the last slot? You probably need to create space first and then insert your data entry... (2) What if reinsertlastslot kicks something else important out? What if the server rejects our update because it is out of date? At the very least, any putdataentries function w/o a loop is wrong!}
\r
676 \note{General comments... Work on structuring things to improve
\r
677 readability... This include names of functions/variables, how
\r
678 things are partitioned into functions, adding useful comments,...}
\r
680 \note{Also Missing liveness state definition in algorithm...}
\r
683 \subsection{Definitions for Formal Guarantees}
\r
686 \item Equality: Two messages $t$ and $u$ are equal if their sequence numbers, senders, and contents are exactly the same.
\r
687 \item Message: A message $t$, is the tuple $t = (i(t), s(t), contents(t))$ containing the sequence number, machine ID of the sender, and contents of $t$ respectively.
\r
688 \item Parent: A parent of a message $t$ is the message $A(t)$, unique by the correctness of HMACs, such that $HMAC_C(t) = HMAC_P(A(t))$.
\r
689 \item Partial message sequence: A partial message sequence is a sequence of messages, no two with the same sequence number, that can be divided into disjoint chains, where a chain of messages with length $n \ge 1$ is a message sequence $(t_i, t_{i+1}, ..., t_{i+n-1})$ such that for every index $i < k \le i+n-1$, $t_k$ has sequence number $k$ and is the parent of $t_{k-1}$.
\r
690 \item Total message sequence: A total message sequence $T$ with length $n$ is a chain of messages that starts at $i = 1$.
\r
691 \item Path: The path of a message $t$ is the total message sequence whose last message is $t$.
\r
692 \item Consistency: A partial message sequence $P$ is consistent with a total message sequence $T$ of length $n$ if for every message $p \in P$ with $i(p) < n$, $T_{i(p)} = p$. This implies that $\{p \in P | i(p) \le n\}$ is a subsequence of T.
\r
693 \item Transitive closure set at index $n$: A set $\mathscr{S}$ of clients comprising a connected component of an undirected graph, where two clients are connected by an edge if they both received the same message $t$ with index $i(t) > n$.
\r
697 \subsection{Formal Guarantee}
\r
699 \begin{prop} Every client $J$ who sends a message $t$ has $A(t)$ as its latest stored message, and $i(t) = i(A(t)) + 1$. \end{prop}
\r
700 \begin{proof} True by definition, because $J$ sets $HMAC_P(t) = HMAC_C(A(t))$ and $i(t) = i(A(t)) + 1$ when a message is sent. \end{proof}
\r
702 \begin{prop} If a rejected message entry is added to the RML at index $i$, the message will remain in the RML until every client has seen it. \end{prop}
\r
703 \begin{proof} Every RML entry $e$ remains in the queue until it reaches the tail, and is refreshed by the next sender $J$ at that time if $min(MS) > i(e)$; that is, until every client has sent a message with sequence number greater than $i(e)$. Because every client who sends a message with index $i$ has the state of the queue at $i - 1$, this client will have seen the message at $i(e)$. \end{proof}
\r
707 \xymatrix{ & & S \\
\r
708 \dots \ar[r] & q \ar[dr]_{J} \ar[r]^{K} & S_1 \ar[r] & S_2 \ar[r] & \dots \ar[r] & p \ar[r] & \dots \ar[r] & S_n = u \\
\r
709 & & R_1 \ar[r] & R_2 \ar[r] & \dots \ar[r] & R_m = t \\
\r
711 \save "2,3"."2,8"*+\frm{^\}}
\r
712 \save "3,3"."3,6"*+\frm{_\}}
\r
716 \caption{By Lemma 1, receiving $u$ after $t$ is impossible.}
\r
719 \begin{lem} Two packets are received without errors by a client $C$; call them $t$ and $u$ such that $i(t) \le i(u)$. Then $t$ is in the path of $u$. \end{lem}
\r
721 Clearly $C$ will throw an error if $i(t) = i(u)$. So $i(t) < i(u)$. Additionally, if $C$ receives $u$ before $t$, this will cause it to throw an error, so $t$ is received before $u$.
\r
723 Assume that $t$ is not in the path of $u$. Take $u$ to be the packet of smallest index for which this occurs, and $t$ be the packet with largest index for this $u$. We will prove that an error occurs upon receipt of $u$.
\r
725 Let $R_1$ be the earliest member of the path of $t$ that is not in the path of $u$, and $q$ be its parent. $q$, the last common ancestor of $t$ and $u$, must exist, since all clients and the server were initialized with the same state. Let $S_1$ be the successor of $q$ that is in the path of $u$; we know $S_1 \neq R_1$. Let $R = (R_1, R_2, \dots, R_m = t)$ be the distinct portion of the path of $t$, and similarly let $S$ be the distinct portion of the path of $S_n = u$.
\r
727 Let $J = s(R_1)$, and $K = s(S_1)$. Because no client can send two messages with the same index, and $i(R_1) = i(S_1) = i(q) + 1$, we know that $J \neq K$.
\r
729 There are two cases:
\r
732 \item Case 1: $J$ did not send a message in $S$. Then $v_J(t) > v_J(q) = v_J(u)$.
\r
734 \item Case 1.1: $C$ receives a sequence of messages between $t$ and $u$ with contiguous sequence numbers. In particular, there is some packet $w$ such that $i(w) = i(u) - 1$. If $w$ is the parent of $u$, messages $t$ and $w$ are a violation of this lemma such that $p$ has a smaller sequence number than $u$; but this contradicts our assumption that $u$ had the smallest sequence number. If $t$ is not the parent of $u$, $HMAC_p(u) \neq HMAC_c(t)$, causing $C$ to error.
\r
735 \item Case 1.2: Case 1.1 does not occur; therefore, $C$ must update its slot sequence list at some point between receiving $t$ and $u$. The latest index of $J$ decreases during this time, which means it must decrease when some message is received, which means C throws an error in the $CheckLastSeqN$ subroutine.
\r
738 \item Case 2: $J$ sent at least one message in $S$. Call the first one $p$. We know that $i(p) > i(R_1)$, since $J \neq K$ and $p \neq S_1$. $R_1$ must be sent either before or after $p$.
\r
740 \item Case 2.1: Client $J$ sends $p$, and then $R_1$. Before sending $p$, the greatest sequence number of a message that $J$ has received, ${s_{last}}_j$, must be equal to $i(p) - 1 \ge i(R_1)$. Since ${s_{last}}_j$ never decreases, Client $J$ cannot then send a message with sequence number $i(R_1)$, a contradiction.
\r
741 \item Case 2.2: Client $J$ sends $R_1$, and then $p$. Let $X = (R_1, \dots )$ be the list of messages $J$ sends starting before $R_1$ and ending before $p$.
\r
743 \item Case 2.2.1: Some message in $X$ was accepted. In this case, before sending $p$, $J$'s value for its own latest index would be strictly greater than $v_J(q)$. ($J$ could not have sent a message with index less than $i(q)$ after receiving $q$). When preparing to send $p$, $J$ would have received its own latest index as at most $v_J(q)$. $J$ throws an error before sending $p$, because its own latest index decreases.
\r
744 \item Case 2.2.2: All messages in $X$ were rejected. Client $J$ will always add the latest rejected message to the rejected-message list in the next update; so for every $i$, $1 \leq i < |X|$, the $i$th element of $X$ will be recorded in the RML of all further elements of $X$; and every element of $X$ will be recorded in $RML(p)$. Since every rejected message in $RML(p)$ will be in $RML(C, u)$, and $u$ is the first message that $C$ sees which does not have $t$ in its path, $R_1$ will be recorded in $RML(C, p)$. When $C$ receives $u$, $C$ will throw an error from the match $(J, iq+1)$ in $RML(C, p)$.
\r
752 Suppose that there is a transitive closure set $\mathscr{S}$ of clients, at index $n$. Then there is some total message sequence $T$ of length $n$ such that every client $C$ in $\mathscr{S}$ sees a partial sequence $P_C$ consistent with $T$. \end{theorem}
\r
755 The definition of consistency of $P_C$ with $T$ is that every message $p \in P_C$ with index $i(p) \le n$ is equal to the message in that slot in $T$. Let $C_1$ be some client in the transitive closure set, with partial message sequence $P_{C_1}$, and let $u$ be some message with $i(u) > i$ that $C_1$ shares with another client. Then let $T$ be the portion of the path of $u$ ending at index $i$ and $t$ be the message at that index. Clearly, by Lemma 1, $P_{C_1}$ is consistent with $T$. We will show that, for every other client $D$ with partial sequence $P_D$, $P_D$ has some message whose path includes $t$. Because $D$ is in the transitive closure, there is a sequence of edges from $C_1$ to $D$. Call this $\mathscr{C} = (C_1, C_2, ..., D)$.
\r
757 We subsequently prove by induction that $D$ has a message whose path includes $t$.
\r
759 \item For the base case, $P_{C_1}$ includes $u$, whose path includes $t$.
\r
760 \item For the inductive step, suppose $P_{C_k}$ has a message $w$ with a path that includes $t$, and shares message $x$ with $P_{C_{k+1}}$ such that $i(x) > i$. If $i(w) = i(x)$, then $w = x$. If $i(w) < i(x)$, then, by Lemma 1, $w$ is in the path of $x$. If $i(w) > i(x)$, $x$ is in the path of $w$; note again that its index is greater than $i$. In any case, $t$ is in the path of $u_k+1$.
\r
761 \item Let $w$ the message of $D$ whose path includes $t$. By Lemma 1, every message in $P_D$ with index smaller than $i(w)$ is in the path of $w$. Since $t$ is in the path of $w$, every message in $P_D$ with smaller index than $i(t)$ is in $T$. Therefore, $P_D$ is consistent with $T$.
\r
765 \subsection{Future Work}
\r
766 \paragraph{Support Messages}
\r
767 A message is dead once receiving machine sends an entry with a newer
\r
768 sequence identifier
\r
770 \paragraph{Persistent data structures}
\r
771 Root object w/ fields
\r
772 Other objects can be reachable from root
\r
773 Each object has its own entries
\r
774 Dead objects correspond to dead
\r
776 \paragraph{Multiple App Sharing}
\r
778 Idea is to separate subspace of entries... Shared with other cloud...
\r
projects / iotcloud.git / blob