We study the problem of reaching agreement in a synchronous distributed system by $n$ autonomous parties, when the communication links from/to faulty parties can omit messages. The faulty parties are selected and controlled by an adaptive, full-information, computationally unbounded adversary. We design a randomized algorithm that works in $O(\sqrt{n}\log^2 n)$ rounds and sends $O(n^2\log^3 n)$ communication bits, where the number of faulty parties is $\Theta(n)$. Our result is simultaneously tight for both these measures within polylogarithmic factors: due to the $\Omega(n^2)$ lower bound on communication by Abraham et al. (PODC'19) and $\Omega(\sqrt{n/\log n})$ lower bound on the number of rounds by Bar-Joseph and Ben-Or (PODC'98). We also quantify how much randomness is necessary and sufficient to reduce time complexity to a certain value, while keeping the communication complexity (nearly) optimal. We prove that no MC algorithm can work in less than $\Omega(\frac{n^2}{\max\{R,n\}\log n})$ rounds if it uses less than $O(R)$ calls to a random source, assuming a constant fraction of faulty parties. This can be contrasted with a long line of work on consensus against an {\em adversary limited to polynomial computation time}, thus unable to break cryptographic primitives, culminating in a work by Ghinea et al. (EUROCRYPT'22), where an optimal $O(r)$-round solution with probability $1-(cr)^{-r}$ is given. Our lower bound strictly separates these two regimes, by excluding such results if the adversary is computationally unbounded. On the upper bound side, we show that for $R\in\tilde{O}(n^{3/2})$ there exists an algorithm solving consensus in $\tilde{O}(\frac{n^2}{R})$ rounds with high probability, where tilde notation hides a polylogarithmic factor. The communication complexity of the algorithm does not depend on the amount of randomness $R$ and stays optimal within polylogarithmic factor.

翻译：我们研究了在一个由$n$个自治参与方组成的同步分布式系统中达成一致的问题，其中故障参与方的通信链路可能遗漏消息。故障参与方由一个自适应的、全信息的、计算能力无界的对手选择和操控。我们设计了一种随机化算法，该算法在$O(\sqrt{n}\log^2 n)$轮内完成，并发送$O(n^2\log^3 n)$比特的通信量，其中故障参与方数量为$\Theta(n)$。我们的结果在多项式对数因子内同时在这两个度量上达到紧界：这是由于Abraham等人(PODC'19)提出的$\Omega(n^2)$通信下界，以及Bar-Joseph和Ben-Or (PODC'98)提出的$\Omega(\sqrt{n/\log n})$轮数下界。我们还量化了需要多少随机性才能将时间复杂度降低到某个特定值，同时保持通信复杂度（近乎）最优。我们证明，如果MC算法调用随机源的次数少于$O(R)$次，则它无法在少于$\Omega(\frac{n^2}{\max\{R,n\}\log n})$轮内工作，假设故障参与方比例恒定。这可以与一系列针对{\em 仅限于多项式计算时间的对手}的共识研究工作形成对比，此类对手无法破解密码学原语，最终在Ghinea等人(EUROCRYPT'22)的工作中给出了一个最优的$O(r)$轮解决方案，成功概率为$1-(cr)^{-r}$。我们的下界严格区分了这两种情况，排除了在对手计算无界时此类结果的可能性。在上界方面，我们证明对于$R\in\tilde{O}(n^{3/2})$，存在一个算法能以高概率在$\tilde{O}(\frac{n^2}{R})$轮内解决共识问题，其中波浪号表示隐藏多项式对数因子。该算法的通信复杂度不依赖于随机性$R$的大小，并在多项式对数因子内保持最优。