Secure DNS Design Based On Blockchain Technology

The Domain Name System(DNS)is an extremely important service on the Internet.Many network applications need to rely on the DNS addressing service.However,due to historical reasons,the DNS is highly centralized in design,and the entire system is highly dependent on the central node.In terms of data security,the centralization ideology has led to contradictions in security and performance.As a result,the Domain Name System Security Extensions(DNSSEC)has been proposed for many years,but the popularity is still not very optimistic.This thesis mainly studies the Domain Name System,Blockchain technology and Content Addressable Network.In-depth study of the DNS security design ideas,and found the problems that exist.For the blockchain,the data structure of the blockchain and the consensus algorithm for ensuring data consistency are deeply understood.For the double spend problem of the blockchain network,this thesis also gives a detailed proof.Since the blockchain has strict restrictions on the data size of the block,in order to solve this limitation problem,the content-addressable network is introduced in this thesis,and the design principle is deeply explored.Through in-depth research on the Domain Name System,Blockchain technology and Content Addressable Network.This thesis proposes a decentralized design scheme based on blockchain technology,and separates the design of the zone data file and the data on the chain,which can be a good solution to the existing security problems and performance issues of the Domain Name System.At the same time,it also provides a solution to the privacy control of domain names.In terms of design,first,the decentralized design implementation was changed so that the new system does not have a single point of failure.Any individual or organization can comply with the blockchain network design rules in situations where strong security is required.Under the premise of participating in the blockchain network,authoritative data on the chain can be obtained to ensure the security and reliability of the domain name resolution data.Blockchain can support domain name transactions on the chain.In the domain name trading scheme on the chain,this thesis proposes a scheme fordouble-signature transactions.In the consensus algorithm,this paper proposes a POS signature competition algorithm to avoid the disadvantages of POW.At the same time,it can effectively and fairly perform node elections in distributed nodes,and can use the algorithm transparently for the election results.test.Finally,a simulation system was developed to verify the feasibility of the technical solution.