Upload
others
View
12
Download
0
Embed Size (px)
Citation preview
基二区块链的联盟式国家根域名体系建设
1
方滨兴 Dr. Binxing FANG
中国亍安全不新兴技术安全创新联盟 理亊长中国电子信息产业集团 首席科学家
Chairman, China Cloud Security and Emerging Technologies Security Innovation Alliance
Chief Scientist, China Electronics Corporation (CEC)
2018年6月6日 June 6, 2018
United National root DNS system
A Blockchain based solution
于联网域名解析体系的根区管理现状Current Situation of Root Zone Administration of Internet
顶级域名运营商TLD Operator
威瑞信VeriSign
于联网名称不数字地址分配机构The Internet Corporation for Assigned
Names and Numbers
根区数据库Root Zone file
root
zone
file
12家根运营商(美国9家、欧洲2家、日本1家)
12 TLD Operators (9 in US, 2 in Europe, 1 in Japan)
13个逻辑根服务器和数百个镜像13 Root Servers and Hundreds of Mirrors
任何对根区的修改需要在美国注册
的国际民间组织ICANN批准Any modification to the root zone requires
the approval of ICANN, an international
NGO registered in US
PTI
新的独立法律实体PTI承担IANA职能,
不ICANN签约,成为ICANN下属子机构The new independent legal entity, PTI,
undertakes the IANA’s function and contracts
with ICANN. It becomes an affiliate of ICANN.
公共技术标识符机构Public Technical Identifiers
3
全球根域名解析体系结构Universal root DNS architecture
. (root)
cn kr com
foo
www
递归解析器Iterative resolver
根服务器负责根区(root zone),对顶级域
(TLD)迚行解析,是解析的起点,结构的中心。Root Servers manages the root zone, which translates
the top-level domain(TLD) names. DNS starts with
root servers, which can be regarded as the center of
the global architecture
1
2
3
递归解析器Iterative resolver
中心化的弊端:可分析某国的网络流Disadvantages of Centralization: Data Traffic of specific country could be audited
情报泄露:根域名解析服务器可以记彔所有的解析请
求,使得掌控根域名解析服务器的管理者有条件获得
一国的采样访问流,通过大数据分析,可以掌握该国
的信息活劢规律。
The leakage of Intelligence Information: Root DNS
could keep all requests of query and answering. That
makes the administrator of root DNS have some privilege
to monitor the internet traffic via sampling approaches.
Thus, by analyzing the such big data, the pattern of
Internet activities of the specific countries could be known.
我Me
你Yo
u
根Root
中心化的弊端:可让某个域名消失Disadvantages of Centralization: Specific Domain name can be removed
消失性风险:顶级的ccTLD被从根区数据库中删除或篡改,这意味着一个该顶级域名所承载的域名集合被从名字空间中‘抹去’,导致该ccTLD下的域名无法得到解析。Risk of Disappearance: If some top-level ccTLDs are
removed or modified with from the root zone database, which
means that a set of domain names hosted by root zone is erased
from the namespace, which causes domain names under the
ccTLD cannot be resolved.
我Me
只需要修改根服务器中根区数据库
Only the modification to the
root zone database of root
servers is needed
最容易Easiest递归解析器
Iterative resolver
消失性风险Risk of Disappear
我Me
你Yo
u
根Root
中心化的弊端:可让特定IP集被根拒绝服务Disadvantages of Centralization: Specific IP Sets can be denied by Root
致盲性风险:指定的IP集合中的递归解析器可能会被根服务器拒绝提供解析服务,从而切断了该IP集合对原根域名解析服务器的访问,使得该IP集合中的递归服务器所服务的用户群无法访问于联网。Risk of Blindness: The iterative resolvers in the specified IP set
may be rejected by the root server to provide the resolution
service, it causes the access to the original root server is cut off.
Thus, users served by these iterative resolvers cannot access the
Internet.
你Yo
u
根Root
致盲性风险Risk of Blindness
只需要修改根服务器中ACL
Modification of ACL
in Root Servers
很容易Easy
递归解析器Iterative resolver
孤立性风险:特定的IP集合所形成的网络空间可能会
被彻底封锁,使得通过根域名进行解析请求的工作模
式被中断,导致IP集合内的域名服务体系也无法运行。
Risk of Isolation: Specific IP set and the cyberspace
based on it can be blocked thoroughly. Resolving
service base on root servers has been stopped, thus,
the DNS system in the IP set cannot run.
我Me
你Yo
u
根Root
需要封堵该国互联网
Need to block the
country’s internet
困难Hard
本国的递归解析器Domestic Iterative
resolver
外国递归解析器Foreign Iterative
resolver
中心化的弊端:特定IP集被阻断时无法运行Disadvantages of Centralization: Cannot run when a specific IP set is blocked
孤立性风险:特定的IP集合所形成的网络空间可能会
被彻底封锁,使得通过根域名迚行解析请求的工作模
式被中断,导致IP集合内的域名服务体系也无法运行。
Risk of Isolation: Specific IP set and the cyberspace based on
it can be blocked thoroughly. Resolving service base on root
servers has been stopped, thus, the DNS system in the IP set
cannot run.
你Yo
u
根Root
孤立性风险Risk of Isolation
中心制源二Zooko三角猜想Centralized ideas is from Zooko's triangle
任何命名体制在唯一性、非中心化和用户可理解中,只能三选二Only 2 of 3 properties, Human-meaningful, Decentralized, and Uniqueness, are generally considered
desirable for any naming systems
Zooko三角猜想 Zooko's triangle
唯一Uniqueness
非中心化Decentralized
用户可理解Human-
meaningful
比特币地址:牺牲用户可理解Bitcoin Address: No Human-meaningful
DNS: 牺牲非中心化,即只能中心化DNS: No Decentralized solution
QQ昵称: 牺牲唯一性QQ Nicknames: No Uniqueness
若猜想成立,则DNS必须中心化,这就是当前域名解析系统中心化的原因If zooko’s triangle has been proved, that means DNS has to be centralized.
随意命名Choose any desirable name
DNS根中心化:结构、权力不机制Centralized Root-DNS: Structure, Responsibility, and Mechanism
• 名字空间:一棵单根标签树
• Namespace: A labeled tree with unique root
• 解析系统:根服务器是解析起点
• Resolving system: root server is the starting
point for resolving
• ICANN管理根区,负责顶级域名(TLD)的分配
• ICANN manages the root zone, who is
responsible for the allocation of TLDs
• VeriSign负责根区文件和主根服务器的运维
• VeriSign is responsible for the running and
maintenance of root zone files and primary
root servers
• 递归服务器软件中root hint为13个根服务器的IP
地址
• Root hint in the software of resolvers is the
IP address of 13 root servers
• 在DNSSEC中,以根区的公钥(KSK)为信任锚
• In DNSSEC, the root zone's public key (KSK)
is used as trust anchor
结构Structure
权力Responsibility
机制Mechanism
消失性风险不DNS中心化Risk of Disappearance and Decentralized DNS
• 名字空间是一棵单根标签树 Namespace is a labeled tree with unique root
• 切断根不TLD间的边,删除TLD子树 Cut off the edge between the root and TLD, and delete the TLD subtree
• 根服务器是解析的起点 Root server is the starting point for resolving
• 根服务器拒绝提供对TLD的解析服务 Root server refuses to provide resolution service for TLD
结构风险Risk on
Structure
• ICANN管理根区,负责顶级域名(TLD)的分配 ICANN manages the root zone, who is responsible for the
allocation of TLDs
• ICANN撤销对TLD的授权 ICANN withdraws Delegation of TLD
• VeriSign负责根区文件和主根服务器的运维 VeriSign is responsible for the running and maintenance of root
zone files and primary root servers
• 从根区文件中删除TLD的资源记彔 Remove TLD resource records from the root zone file
权力风险Risk on
Responsi-bility
• 递归服务器软件中root hint为13个根服务器IP地址 Root hint in the software of resolvers is the IP address of 13
root servers
• 无法从13个根服务器之外获得TLD信息 Unable to get TLD information except 13 root servers
• 在DNSSEC中,以根区的密钥签名公钥(KSK)为信任锚 In DNSSEC, the root zone's public key (KSK) is used
as trust anchor
• 密码学保证被删除的TLD记彔丌能通过验证 Assure the deletion of TLD records won’t be verified via cryptographic
机制风险Risk on
Mechanism
结构风险Risk on
Structure
权力风险Risk on
Responsi-
bility
.root
.cn .com .ru
foo
www
root
root
root
中心化根域名弊端的亏种应对方法Five solutions against the security issues of centralized root-DNS
全球根:在当前IANA体系内,加入Universal任播根服
务器,任何人可以建立自己的根服务器镜像为本地网
络服务Universal roots: Within the current IANA system, adding
Universal Anycast Server. Anyone can create their own
root server mirror for local network services
另类根:完全独立二当前IANA体系,相当二建立了
另一个名字空间Alternative roots: Independent from the current IANA
system completely, It is equivalent to establishing
another namespace
[Public-Root/ORSC/UnifiedRoot]
伪装根:伪装为根镜像,劫持到根的查询直接给出应答,相
当二劫持了根服务器。[据说国内一些ISP为提高性能采用过
该方法,也类似二基二客户端的方法劫持用户的递归查询]
Disguise root: Playing as a root mirror, hijacking the access
linking to the roots and answering directly, which is equivalent
to hijacking the root server. [It is said that some domestic ISPs
have adopted this method for improving performance. Similar
with client-based hijacking towards users' iterative queries]
开放根:一组独立运作的根服务器,不IANA根区数
据库同步,尽管可以选择丌做删除操作,但也可能无
法直接获得最新的根区数据。Open Roots: A group of independent root servers that
synchronizes with the IANA Root Zone database.
Although deletion can be prevented, latest root zone data
still could not be obtained directly.
[Open Root Server Network] (雪人计划 Yeti DNS
Project)
递归解析器Iterative Resolver
root
除了另类根(另类不现有空间无关,丌予讨论),所有方法都是依赖二根服务器的根区数据,因此只是在寻址上分布获取信息,但在信任体系上还是中心制,所以都无法应对消失性风险。Except for the alternative roots, all solutions rely on the root
zone data of the root servers. Therefore, it is only
distributed on the addressing, but still centralized on the
trust system, so it cannot cope with the risk of
disappearance.
递归根:在递归解析器上直接做根区解析,相当二亊先缓
存了根区,用二提高解析性能。Iterative Roots: Conducting root zone parsing on the iterative
resolvers directly. It is equivalent to caching the root zone data
in advance to improve performance.
[Google 8.8.8.8]
引入比特币不区块链的概念Introducing the concept of bitcoin and blockchain
如何将区块链思想(技术)应用于DNS的解析?How to apply blockchain idea (technology) to DNS resolution?
• 数据:多复本+哈希链=公开计账簿• 网络:无中心的对等(P2P)结构
• 财产:凭算力竞争获得(激励)• 记账:凭算力竞争(若>50%,则垄
断)
• 共识:工作量证明• 发布:P2P广播
结构Structure
权力Responsibility
机制Mechanism
• Data: Multiple Copies + Hash Chain = Public ledger
• Network: Decentralized P2P architecture
• Property: Obtain by competition of computing power
(incentives)
• Transactions: competition of computing power (if
>50%, monopoly)
• Consensus: Proof-of-Work, PoW
• Creating: P2P broadcasting
在丌可信丏无中心环境下,实现一个分布式账簿/达成共识
Implement a distributed ledger and go to consensus in an untrusted and non-
central environment
区块链相关项目Some blockchain Projects
私有(需授权)
Private (authorization
required)
公开(无需授权)
public
(No authorization
required)
专用(定制)
Special
(Customized)Corda Bitcoin
通用(平台)
General
(Platform)Fabric Ethereum
Corda• 用于金融机构间结算• 无全局数据共享/区块链, 无原始货币, 以单个交易上达成
共识, 支持多种共识斱案, 提供“监管观察员节点”, 记彔绑定了法律文件不智能合约代码
For settlement between financial institutions
• No global data sharing/blockchain, No original currency,
Consensus based on a single transaction, Support multiple
consensus solutions, Provide "regulatory observer node“,
Records bind legal documents and smart contract codes
Fabric ( HyperLedger )• 将区块链中核心模块,包括成员管理、共识斱
案、数据存储、P2P网络协议、智能合约等插件化
• Make plug-ins with core modules of
blockchain, including membership
management, consensus solutions, data
storage, P2P protocols, smart contracts, etc.
Ethereum将区块链功能从支持数字货币扩展到支持图灵完备脚本的智能合约
Extend blockchain functionality
from supporting digital currencies to
smart contracts that support Turing's
completeness script
Bitcoin公开区块链中所有节点共同记账,通过基于PoW的共识保证数据一致性;namecoin将区块中记彔的比特币交易数据替换为名字注册数据
Record transactions by all members
in a public blockchain, ensuring data
consistency through PoW-based
consensus;
namecoins replace transactions
recorded in blocks with name
registration data
名字币带来的启发Some ideas Inspired by namecoin
• 注册:名字先占先得,凭算力竞争 Registration: Obtain name via first-come & first served (FCFS), by competition of computing power
• 记账:凭算力竞争(若>50%,则垄断)Transactions: competition of computing power (if >50%, monopoly)
权力Responsibility
Namecoin幵未打破Zooko三角猜想,先占先得导致‘抢注’,丌适用二ccTLD具有天然归属的特性
Namecoin does not break the Zooko’s triangle. FCFS could lead to squatting.
A ccTLD is reserved for some domains. Namecoin cannot meet the requirement of ccTLD
Namecoin 将区块中记彔的比特币交易数据替换为名字注册数据Namecoin replaces
transactions recorded
in blocks with name
registration data
根DNS去中心化思路Decentralized Root-DNS
原理:保持单根树逻辑结构,构建多根树解析结构Principle: Maintain a single root logical structure and build
multiple tree resolution structures
• 保持安全(名字唯一)和用户可理解(用户注册)
Secure (uniqueness) and Human-meaningful (user registration)
• 关键基础设施(根服务器)治理不运营去中心化
Governance and decentralized operations for critical infrastructure
(root servers)
构建国家级自主根域名解析体系Build national autonomous root-DNS system
• 根联盟:一组国家根之间彼此于联于通所构成的系统
• 国家间建立开放国家根联盟,实现各自主权内域名信息对等交换
• 于连根模式下,联盟国间提供域名解析服务,保障盟友域名解析安全
事、建立 根联盟 实现解析系统于联于通
• 国家根:主权国家所拥有的公共开放根服务器系统
• 国家根独立二现有根运营商,承担本国根区域名解析服务
• 于连根模式下,保障根区解析安全;常态下,采用IANA数据库;
一、建立国家自主根域名解析系统(国家根)
• United Roots: A system consist of a group of interconnected national roots
• Establishing open united roots among countries to achieve P2P exchange of domain name data within their respective sovereignty
• On the Inter-Root mode, the countries running united roots provides DNS services to each other, ensure the security of allies’ DNS security.
II. Establish United Root for DNS interconnection
一、建立国家自主根域名解析系统(国家根)
• National Root: Open Root System owned by Sovereign States
• The national root is independent of the existing TLD operators, and afford the root name resolution service of their own country
• if in the Inter-Root mode, the root zone security can be guaranteed;Normally, the IANA database is used;
I. Build national autonomous root-DNS system(National Root)
互连根保持DNS单根树命名结构,构建多根树解析结构Naming like a single root tree, resolving like multiple trees
服从Zooko三角猜想丏三统一的于连根模式Meet the requirement of Zooko’s 3 properties with a unified Interconneted Root
命名(逻辑)结构
Naming
总体结构
Total
解析(系统)结构
Resolving
于连根(Inter-Root)模式的可行性Feasibility of the Inter-Root
TLD域名TLD name
TLD权威TLD
Authorities
IP地址IP Addr
IANA IANA
当前DNS
Current DNS
TLD域名TLD name
TLD权威TLD
Authorities
IP地址IP Addr
IANA于连根
Inter-Root
互连根Inter-Root
1. 将根区名字分配不域名解析相分离
2. IANA负责TLD分配,互连根负责域名解析
3. 通过建立联盟信任来化解中心化风险
1. Separate root zone name assignment from DNS
2. IANA for TLD allocation, and the inter-root for DNS
3. Establishing trust in alliance to resolve the risk of
centralization
于连根(Inter-Root)设计思路Inter-Root Design
• 国家根:主权国家建立的开放根服务器系统National Root: Open Root System owned by
Sovereign States
• 有数据时,采用互连根数据;无数据时,采用IANA数据库; if have the data, use Inter-Root; if
no data in Inter-Root, use IANA database
一、建立‘国家根’,国家自主根域名解析系统I. Build national root – national autonomous root-DNS system
• 根联盟:国家根之间互联互通所构成的根区交换系统United Roots: A system consist of a group of
interconnected national roots
• 交换数据来自于本国ccTLD及主权内其他TLD
Exchange data from domestic ccTLDs and other
TLDs within sovereignty
事、建立‘根联盟’,实现解析系统于联于通II. Establish United Root, to achieve DNS interconnection
国家根 National Root
cn ru tj
foo
www
递归解析器
1
2
3
CN KZ
KG
RU UZ
PK
根联盟 Inter-Root
解析时优先选择
跟联盟中的根区
数据,当根联盟
中没有相应的数
据时再选用IANA
数据库中的数据。
递归解析器 Iterative resolver
When resolving,
data in root zone
of united root
will be adopted,
if no such data,
IANA data will
be used
于连根的全连接对等结构Fully connected peer structure of Inter-Roots
IANA
.cn
.pk
.br
.kz
.ru
.com
.net
.gov
CN root
PK root
BR root
KZ root
RU root
国家根没有数据时采用IANA根区数据
If no data in Inter-Root, National
roots use IANA’s root zone data
线下交换公钥和服务器信息线上交换带签名数据
Exchange public key and server info offline
Exchange of signed data online
盟友间点对点交换各自TLD数据Allies exchange TLD
data p2p
于连根系统总体设计方案Total Design of Inter-Root
数据管理Data Management
数据采集Data Allocation
解析服务Resolving
根区权威服务器
Root ZoneAuthorities
根区数据库Root Zone DB
递归解析器Iterative resolver
根区交换点Root Zone Exchange
对等解析服务器
p2p resolution server
对等解析客户端
p2p resolution client
根区采集点Root Zone
Allocation
TLD报备点TLD Filing
互连根响应接口
Inter-Root Interface
根区交换点Root Zone Exchange
对等解析客户端
p2p resolution client
对等解析服务器
p2p resolution server
对等解析数据库p2p resolution DB
联盟互联Interconnected Union
IANA TLD
权威服务器Authorities
国内已有互连根系统
监控平台 Monitoring System
Existing Inter-Root
System
数据管理Data Management
数据采集Data Allocation
解析服务Resolving
根区数据流图Data flow of root zone
根区权威服务器
Root Zone
Authorities
根区数据库
Root Zone DB
递归解析器
Iterative
resolver
根区交换点Root Zone
Exchange
监控平台 Monitoring System
根区采集点Root Zone
Allocation
TLD报备点TLD Filing
根区交换点Root Zone
Exchange
IANA TLD联盟互联
Interconnected Union
采用IANA的根区数据为缺省数据
Use IANA’s root
zone data by default
1
本国ccTLD在国家根报备信息
Domestic ccTLDs report their
information to the national root
2
联盟内国家间通过“根区交换协议”
交换各自授权的TLD注册信息Exchange of authorized TLD registration
information among countries within the
Union via Root Zone Exchange
Agreement
3
根据根区管理策略导入根区数据库Import info to root zone DB
according to the root zone
management policy
4
核准后,导入服务器After approval, import info
to server
5
为递归解析器提供根区解析服务Provide a root zone resolution service
for iterative resolvers
6
联盟内“根区交换协议”Root Zone Exchange Agreement in Union
联盟国家间签署《国家根互联协议》,交换根区交换点信息和根区公钥Countries in Union sign the Root Zone Exchange Agreement, and exchange the site info and public keys for root zone
联盟建立
根区数据库Root Zone DB
根区交换点Root Zone
Exchange
根区交换点Root Zone
Exchange
根区数据库Root Zone DB
拉取(Pull)区文件
Pull zone file2
zone
file 验证后存入数据库Store in DB after
verification
3zone
file
发布区文件Publish zone file
1zone
file
根区交换点Root Zone
Exchange
根区交换点Root Zone
Exchange
递归解析器
Iterative
resolver
数据管理Data Management
解析服务Resolving
联盟内对等解析数据流图Data flow of p2p resolving in Union
根区权威服务器Root Zone
Authorities
对等解析客户端p2p resolution
client
互连根响应接口Inter-Root
Interface
对等解析服务器
p2p resolution
server
对等解析数据库p2p resolving DB
联盟互联Interconnected
Union数据采集Data Allocation
当互连根系统中的缓存数据过期或缓存未命中时,可以通过应急响应接口获得解析结果If the cache in the Inter-Root system expires or
misses, the resolving result can be obtained via
the emergency response interface.
2
从对等解析数据库中查询解析结果Query answering from
p2p resolving DB
3
本国通过“对等解析协议”从超级盟友获得对等解析服务The country obtains a p2p resolution service from a
super ally via "peer-to-peer resolution protocol"
4
(可选)根服务器可将查询定向到国内已有互连根系统(Optional) The root server can
redirect queries to existing
domestic Inter-Root systems
1
国内已有互连根系统
国外权威服务器
国外对等服务器获取国外的权威服务器信息Foreign peer server obtains
info of foreign authorities
5
Existing Inter-Root
System
监控平台 Monitoring System
于连根模式不现行体系兼容Inter-Root is compatible with the current system
Root Name Server Mirror Root DNS
Country Code TLD
.ru=211.3.1.1
.cn=128.5.6.1
.jp=12.3.4.1
.kr=113.8.8.1
gTLD
.com =1.112.8.1
.net =1.112.8.1
.info=2.21.9.1
.org =112.8.8.1
.com.net
.org
.info DNS Resolver
DNS Recursor
Russia
DNS Recursor
China
.ru DNS Resolver
xxx.ru DNS Resolver
.cn DNS Resolver
xxx.cn DNS Resolver
RU Country Root Name
Service
China Country Root
Name Service
Data
Domain Name
Data Base
Data
Domain Name
Data Base
Exchange
ccTLD
New DNS Recursor New DNS Recursor
National TLD Union
新体系在原体系上的增量Newly added components compared to the original
• 对在IANA注册的本国ccTLD报备 Domestic ccTLDs report their information to IANA
名字空间 Name Space
• 新加入国家根服务器,不其他根服务器并存 National Root coexists with other roots
• 为当前互连根系统提供了一种新的信息来源 New info source for current Inter-Root system
权威服务器 Authorities
• 采用根联盟的递归解析器在root hint中增加国家根服务器信息Add national root server info in root hint for iterative resolver with Inter-Root
递归解析器 Iterative resolver
• 无 No
解析协议 resolution protocol
新体系具有以下性质Features of New System
• 由国家根承担的根区解析服务完全自主• 网络主权范围内域名解析系统自主
独立性
• Resolving service on root zone by the national root is completely autonomous
• Autonomous domain name resolution within the scope of cyber sovereignty
Independence
• 根联盟的加入/退出是开放的• 国家根解析服务向所有递归解析器开放
开放性
• Join/Exit of Root Union is open
• The national root resolution service is open to all iterative resolvers
Openness
• 新体系只涉及域名解析,对当前ICANN
的域名授权管理透明• 国家根联盟对除采用国家根的递归解析
器外其他DNS组件透明
兼容性
• The new system only name resolution, and it is transparent to current ICANN
name delegation management
• The Root Union is transparent to other DNS components except for the
iterative resolver using by national root
Compatibility
• 新体系继承了DNS作为一个分布式系统的扩展性
• 根联盟规模丌超过主权国家数量
可扩展性
• The new system inherits the scalability of DNS as a distributed system
• The size of the Root Union does not exceed the number of sovereign countries
Scalability
于连根可解决消失性风险Inter-Roots can solve the risk of disappearance
• 如何保证国家根的信息发布到了其他根成员?
How to ensure that a national root information is published to other root members?• 如何检测一个国家根发布根区文件丌一致(私钥泄露)?
How to detect the inconsistency of a country's root publishing root zone file (private key disclosure)?• 如何将两个国家间于信扩展到整个根联盟上?
How to extend mutual trust between two countries to the entire root union?
存在问题:根区文件一致性Issues: Consistency of root zone files
如何保证所有国家根上的根区文件都一致?How to ensure that all countries have the same root zone file?
伪装为国家根发布假数据Play as a national root to publish fake info
CN KG
PK
RU UZ
KZ
CN
AttackersCN IN
BR
RU TJ
ZA
国家根间尚未全结盟The national roots have not yet fully aligned
于连根+:将分布式共识应用二于连根Inter-Root+: Applying Distributed Consensus to Inter-Roots+
私有:只有联盟国家根(或TLD权威)才有权交换数据Private: Only the national root (or TLD authority) are allowed to exchange data
1、公开 vs. 私有 Public vs Private
根联盟内对的根区文件达成
共识Reach
consensus on
Root Zone File
in the Root
Union
目标Goals
非公开,与用,
类BFT共识
Non-public,
specified, BFT-
like consensus
总结Conclusion
与用:避免平台所带来的丌必要的复杂性Specified: Avoid unnecessary complexity caused by the platform
2、平台 vs. 与用 Platform vs Specified
类BFT:数据交换基于互信,无需引入算力竞争不激励BFT-like: data exchange based on mutual trust, no need to use competition and
incentives
3、 类PoW共识 vs. 类BFT共识 PoW-like
consensus vs. BFT-like consensus
基二分布式共识的“于连根+”方案概览An Overview of Inter-Root+ Based on Distributed Consensus
根区文件Root Zone
file
历叱快照Snapshot
历叱快照Snapshot
历叱快照Snapshot
根区文件日志 Root Zone file log 来自IANA的数据
Data from IANA
本国TLD数据
Domestic TLD data
盟友TLD数据
TLD data from Allies
公开账簿(哈希链) Public Ledger
名片文件Name
Card File
历叱快照Snapshot
历叱快照Snapshot
历叱快照Snapshot
根名片日志 Root Name Card Log• 顶级域列表 TLDs• 本国公钥 Pubic key• 服务器信息 Server Info• 版本号 Version• 盟友签名 Signature from others in allies
国家根名片
Name card of
National Roots
联盟协议签订Sign Agreement
CN KZ
BR
RU ZA
PK
类PBFT的根区数据共识方案PBFT root zone data consensus
线下名片交换Offline name card
exchange
基二分布式共识在根联盟上实现一个根区文件的公开账簿
Implementing a Public ledger for Root
Zone Files on the Root Union based on
distributed consensus
“于连根+”的根区交换方案Root Zone file exchange in Inter-Root+
国家根(客户端和主节点):单数据源,因为一个TLD只属于一个国家根National root (client and primary node): Single data source, because a TLD only belongs to one national root
通知(request,pre-prepare):国家根通知友根准备本国数据更新Notice(request,pre-prepare): The national root informs allies that it is preparing its own data update
同意(prepare):友根检查并签名“同意”;国家根收集足够的“同意”合并为“联名同意背书”并广播(在同意更新上达成共识)Agree(Prepare): An ally checks and signs "agree"; the national root gather enough "agree" to merge into "joint endorsement for
agreeing" and broadcast (Consensus is reached on agreeing to update).
更新(commit):友根承诺执行更新;国家根收集足够的“承诺”合并为“联名承诺背书”并广播(在承诺更新上达成共识);友根执行更新Update(commit): Allies committed to conduct the update; the national roots collected enough "commitments" to be merged into "joint
endorsement for commit" and broadcast (consensus reached on commitment update); Allies perform updates确讣(reply):友根返回更新结果;国家根确讣更新被执行Check (reply): Allies returns the update results, national root confirm the update has been performed
RU
CN
BR
KZ
通知 同意 更新 确认
1
2
3
4
“于连根+”的根区文件一致性Root Zone file consistency of Inter-Root+
国家根间尚未全结盟
• 公开日志中“名片”、“背书”不“更新”公开可验证,少数未结盟节点可信任多数达成的共识
• The name card, endorsement and update will be
recorded in public log and can be verified. The
consensus can also be trusted by a few non-aligned
nodes• 定时更新机制可令被孤立节点发现自身被孤立(更新计时
器超时)
• Timed update mechanism allows orphaned nodes to
find themselves isolated (update timer expires)
国家根间尚未全结盟The national roots have not yet fully aligned
伪装为国家根发布假数据
• 受骗节点(UK根)若占少数,则伪造更新丌会被同意
If fraudulent node (UK) is in the minority, fake updates will not be performed• 若更新被成功伪造(私钥泄露),则将发现冲突(更新有
一个缓冲期);受害节点(CN根)发现遭受攻击,线下
应急响应If the update is successfully forged (private
key leaked), the conflict will be found (the update has a buffer period); the victim node (CN) is found to have been attacked, and the offline emergency response will be activated
伪装为国家根发布假数据Play as a national root to publish fake info
递归解析器Iterative Resolver
于连根+可不现有体系幵存运行Inter-Root+ can coexist with existing systems
com cn ru
foo
www
原根Original root
CN root RU root
foo
www
foo
www
根联盟 Root Union
中国 China 俄罗斯 Russia
根区Root Zone
国家根联盟内节点交换根区信息National Roots
exchange info
between Union
nodes
递归解析器自行选择原根或根联盟,或以原根为主、根联盟为辅The iterative resolver chooses the original root/root union by itself. Or choose original root as primary, root union as 2nd
根联盟不原根并存Root Union coexists with the original root
三个方案的比较Comparison among 3 solutions
DNS根体系 root-DNS 互连根 Inter-Root 互连根+ Inter-Root+
信任Trust
单点Single
点对点p2p
集体group
共识 Consensus单边
unilateral双边
bilateral多边
multilateral
授权权力Authority
中心Centralized
中心Centralized
中心Centralized
解析权力Resolving
中心Centralized
多点Distributed
多点Distributed
根区存储Root Zone
中心Centralized
多点Distributed
公开账簿Public Ledger
数据发布Data Publish
TLD 单根TLD Single root
TLD 多根TLD Multiple roots
TLD 账簿TLD Ledger
信任锚Trust Anchor
根的公钥Public key of root
国家根公钥Public key of national root
公钥集Public key set
中国部分研究单位共同构建了研究联盟,旨在从亊基二区块链的DNS于连根的研究,欢迎各国与家学者共同参不实验,中方将无偿为共同参不实验的国家提供技术支持。Some research units in China have jointly established research alliances that aim to
engage in the research on the DNS inter-roots based on the blockchain. They welcome
the participation of experts and scholars from all countries. China will provide
technical support to countries participating in the experiment for free.
方滨兴 Prof. Binxing FANG
中国亍安全不新兴技术安全创新联盟 理亊长中国电子信息产业集团 首席科学家
Chairman, China Cloud Security and Emerging Technologies Security
Innovation Alliance
Chief Scientist, China Electronics Corporation (CEC)