Research And Implementation Of The Decentralized Blockchain-Based Domain Name System

At present,DNS has become the most important basic service in the Internet.But its centralized design leads to many problems in terms of security,fairness,privacy and so on.Optimizations for DNS,such as Domain Name System Security Extensions,tend to focus on only one of these aspects and can not solve all the problems thoroughly.This paper studies the related technologies of DNS and blockchain,designs NameChain suitable for DNS services by improving the mainstream blockchain technology.A new decentralized DNS system DBDNS is designed on the basis of NameChain.Firstly,this paper designs the block structure and transaction of NameChain,so that it can save and modify the state of DNS and support DNS related operations.Also,it protects the privacy of DNS information.NameChain uses the Merkle-Patricia tree structure to store transaction and state data.Then,a two-stage consensus mechanism is designed to defend against 51% attacks.In the first stage,POA consensus mechanism is used to accumulate computing power as a transition,and in the second stage,memory-hard POW consensus mechanism is used to meet the decentralization requirements.In order to strengthen security,a fast convergent algorithm for block size adjustment is designed to resist the blockchain DOS attacks.In addition,in order to ensure that NameChain can stably create blocks using the POW consensus mechanism,a new difficulty adjustment algorithm using the average block creating time and the parent block creating time is designed in this paper.The DBDNS system designed in this paper is a hierarchical structure,which consists of blockchain layer,caching layer,control layer and application interface layer from bottom to top.Blockchain layer is composed of NameChain,which can be subdivided into storage layer and logic processing layer,corresponding to block data storage and transaction execution,consensus mechanism,P2 P Network Communication and other functions.Caching layer contains double cache queues,using the cache replacement algorithms designed in this paper for divergent data.And the cache replacement algorithms are named DLFU and DFIFO.The major function of control layer is logical control,which plays a role of hierarchical segmentation.Application interface layer includes interface layer and presentation layer,the former provides programming interface,the latter directly provides services to users.In terms of deployment,using light nodes as service nodes for normal users,which requires less resources.Finally,a prototype system is implemented and several nodes are deployed based on virtualization technology.Through usability experiments,stability experiments,caching experiments and DNS update experiments,it is found that: 1)the service of DBDNS can achieve the desired effect and is compatible with the current DNS service;2)the light node stores 1 million orders of block header data,which occupies less than 100 MB disk space,having a high utilization rate of space;3)NameChain can still serve normally when facing blockchain DOS attack,and the transactions in blockchain will not be discarded as a result of the transaction memory pool overflow,and the block size is adjusted to equilibrium state after the creation of dozens of blocks in the experiment;4)NameChain can adjust rapidly and create blocks stably in the case of fluctuation of system computing power,and the average time to create a new block is 16 seconds in the experiment with low initial difficulty and 29 seconds in the experiment with high initial difficulty;5)the caching layer of DBDNS is optimized by DLFU algorithm and DFIFO algorithm,and the cache hit rate is as high as 83%;6)most DNS updates can take effect in one minute,and the longest one is not more than 500 seconds,which is much faster than the global effective time of current DNS;7)even if half of the nodes are downtime instantaneously,DNS updates can still take effect in 500 seconds.In summary,the decentralized system DBDNS solves the problems of security,fairness,privacy and long time for DNS update to take effect,and has good compatibility and expansibility.