Research On Domain Name System Technique Based On Fabric And IPFS

The DNS domain name resolution service is the basic service of the Internet.With the development of the Internet,the network becomes more and more complex,and various attacks are also generated.Protecting the security of the DNS and providing a better experience for users to access the Internet is the goal of Internet development.With the blockchain such distributed encryption technology entering people's attention,some scholars have pioneered the combination of blockchain technology and domain name resolution.This paper uses IPFS and Fabric two blockchain technologies to solve the single point failure and consistency problems in the domain name resolution service.This paper studies the combination of blockchain and domain name resolution techniques as follows:This paper proposes a new two-layer domain name resolution structure,which retains the root domain and top-level domain in the traditional domain name resolution system,reducing the number of queries.The domain name resolution file is stored in the IPFS network.Because the IPFS unique support for the concurrent download of the Bitswap protocol and the hash fingerprint search based on the file content,the parsing file can be quickly transmitted and downloaded between the nodes.Aiming at the problem of domain name resolution delay caused by the excessive top-level domain file,this paper proposes a hash block algorithm,which can effectively shorten the time for file download and query resource record.Based on the domain name resolution service,this paper adds a two-layer signature verification mechanism to the IPFS network based on the asymmetric key encryption algorithm.The top-level domain is signed by the root domain private key,and the root domain private key signs itself,forming a signature pattern that is interlocked from the superior to the lower level.The authenticity and integrity of the domain name resolution file are guaranteed by the signature relationship between files.This paper combines IPFS and Fabric two blockchain networks.IPFS has the characteristics of concurrent processing of big data and fast transmission speed.However,files stored in IPFS networks cannot guarantee authenticity and integrity.The fabric blockchain has a verification mechanism and a consensus mechanism to ensure data integrity and consistency,but Fabric's security is at the cost of time.Fabric is the database of the root zone file,which stores the hash values of all the top-level domain files.The fabric network contains the CA authentication mechanism as a trusted third party.The CA verifies the public key of the root zone file to ensure the authenticity of the public key,which forms a chain of trust covering the entire domain name resolution process.The root zone file public key acts as a trust anchor..IPFS is a database of top-level domain files that store all resource records.After the verification succeeds in the fabric,the analytical data can be read from the IPFS network.The experimental results of IPFS-based domain name resolution,domain name resolution based on IPFS with signature verification mechanism,and domain name resolution based on Fabric and IPFS are compared and analyzed,and the factors affecting the delay of each domain name resolution are tested.Finally,the system concurrent processing performance is tested.The results show that the domain name resolution scheme based on fabric and IPFS can reach the second-level domain name resolution time.This paper innovatively applies two blockchain technologies to domain name resolution,which ensures the authenticity,integrity and usability of resource records,while reducing the parsing delay to some extent.