On Composition of Authenticated Byzantine Generals Or Should Not Hard Work Always Pay in All Environments?

Consider a player who diligently executes (only) the delegated protocol but the adversary steals some private information from him. Should such a player be considered faulty? In a stand alone execution model, the answer can be either yes or no depending on the context/settings. However, with respect to composition of protocols, we show that the answer has to be no even though the literature answers this as yes. We show that an affirmative answer to this question leads to several undesirable side effects. In light of these findings we propose a new model to study composition of protocols. For our study we use the problem of parallel composition of Authenticated Byzantine Generals (ABG) as a case study. In our model we show that in spite of using unique session identifiers, if n < 2t, there cannot exist any ABG protocol that composes in parallel even twice. Further, for n ≥ 2t, we design ABG protocols that compose for any number of parallel executions.