Research On Key Issues Of Pki System Based On Blockchain

In 2020,the development of new infrastructure will start a prairie fire in China,helping the country stabilize its economy and steady growth.With the development of new infrastructure,Chinese society is stepping into the intelligent era.With the rapid development of many Internet and related industries,a large number of core key technologies still face the risk of "being controlled by others".The public has some doubts about the security of China's Internet.The most representative question is "can the United States press the pause button of China's Internet?" Or something like that.As the most critical infrastructure in the Internet,the single point of failure caused by the highly centralized DNS(domain name system)has become the key point of Internet security.In this context,this paper makes a series of research on how to solve the problem of single point of failure in DNS system,and puts forward a self-designed solution for reference only.Based on the single point of failure problem of DNS,this paper first explores and analyzes the current domestic DNS system architecture,and discusses whether the DNS root mirror server in China has the ability to resist single point of failure.Then,a secure DNS system based on blockchain is designed by using the characteristics of decentralization,traceability and non tampering of blockchain technology to try to solve the single point of failure problem of DNS system.The main work of this paper is as follows(1)Starting from the network infrastructure and the current Internet system,this paper analyzes the threat and causes of single point failure in the current DNS system,and puts forward the exploration direction for solving the problem of single point failure in the DNS system.This paper analyzes the operation process of DNS root domain name server and the resolution process and independent operation ability of mirror root domain name server.Through the application of data theory and large-scale testing method,this paper analyzes whether the image of China can be as authoritative as the real root domain name server in this highly centralized system.(2)Starting from the current DNS system and focusing on the security requirements of DNS server,this paper designs a set of software based on DNS zone gateway,and puts forward a network topology DNS system management mode,resolution scheme and security strategy around DNS zone gateway.It improves the efficiency of system resolution,ensures the security of DNS server,and improves the security and controllability of DNS system.(3)This paper analyzes the relevant characteristics of blockchain technology,makes use of its unique advantages of decentralization and non tampering,and combines with the operation mode of DNS zone gateway to try to deploy the DNS system server as a mesh topology.The nroot chain running in the external network and the zone chain running in the internal network are designed.Based on this double-layer block chain mode,the regional secure DNS system is designed,and the system architecture and network topology are designed and analyzed in detail.The system reduces the dependence of the DNS system on the central node and the root domain name server,and tries to propose a solution to effectively solve the single point of failure problem in the traditional DNS system.