Tags:availability, blockchain, consistency, DNS, name resolution architecture and root zone management
Abstract:
The domain name system (DNS) is the infrastructure of many services and applications, thus the availability and consistency of the domain name resolution process are crucial but have long troubled DNS. The availability problem is caused by a denial-of-service (DoS) attack or a single point of failure (SPOF). The consistency problem originates from the lack of a forced data synchronization mechanism between authoritative server replicas or between parent/child authoritative servers. We proposed a novel blockchain-based domain name resolution and management architecture named FI-DNS to solve the above problems fundamentally. FI-DNS solves availability and consistency problems in the name resolution process from the mechanism level and guarantees the authenticity and integrity of name resolution results by using public-key cryptography. FI-DNS also supports root zone collaborative management based on smart contracts, which is compatible with the current governance model led by Internet Corporation for Assigned Names and Numbers (ICANN). We implemented the prototype system to prove the feasibility and effectiveness of the FI-DNS architecture. We built an experimental environment with real domain name data, evaluated the name resolution performance and stability of the FI-DNS prototype system, and compared the prototype system with DNS.
A secure domain name resolution and management architecture based on blockchain