Vol.129, No.1, 2021, pp.299-322, doi:10.32604/cmes.2021.016839
IDV: Internet Domain Name Verification Based on Blockchain
Ning Hu1, Yu Teng2, Yan Zhao1, Shi Yin1, Yue Zhao3,*
1 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China
2 Zhong Zi Hua Ke Traffic Construction Technology Co., Ltd., Beijing, 100195, China
3 Science and Technology on Communication Security Laboratory, Chengdu, 610041, China
* Corresponding Author: Yue Zhao. Email:
(This article belongs to the Special Issue: Blockchain Security)
Received 11 March 2021; Accepted 24 June 2021; Issue published 24 August 2021
The rapid development of blockchain technology has provided new ideas for network security research, and blockchain-based network security enhancement solutions are attracting widespread attention. This paper proposes an Internet domain name verification method based on blockchain. The authenticity of DNS (Domain Name System) resolution results is crucial for ensuring the accessibility of Internet services. Because adequate security mechanisms are lacking, verifying the authenticity of Internet domain name resolution results has always been a challenge. Although the solution represented by DNSSEC (Domain Name System Security Extensions) can theoretically solve the domain name verification problem, it has not been widely deployed on a global scale due to political, economic, and technical constraints. We argue that the root cause of this problem lies in the significant centralization of the DNS system. This centralization not only reduces the efficiency of domain name verification but also carries the hidden risks of a single point of failure and unilateral control. Internet users may disappear from the Internet as a result of fake, subverted, or misconfigured domain name resolution. This paper presents a decentralized DNS cache verification method, which uses a consortium blockchain in place of the root domain name server to verify the authenticity of domain names. Compared with DNSSEC's domain name verification process, this method improves verification efficiency by 30%, and there is no single point of failure or unilateral control risk. In addition, this solution is incrementally deployable: even if it is deployed on only a small number of content delivery network servers, satisfactory results can be obtained.
Blockchain-based network security; DNS security; DNS decentralization; CDN
