CN110061838B - Decentralized storage system for DNS resource records and implementation method thereof - Google Patents

Decentralized storage system for DNS resource records and implementation method thereof Download PDF

Info

Publication number
CN110061838B
CN110061838B CN201910350269.5A CN201910350269A CN110061838B CN 110061838 B CN110061838 B CN 110061838B CN 201910350269 A CN201910350269 A CN 201910350269A CN 110061838 B CN110061838 B CN 110061838B
Authority
CN
China
Prior art keywords
dns
contract
information
node
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910350269.5A
Other languages
Chinese (zh)
Other versions
CN110061838A (en
Inventor
胡宁
王文通
刘亚萍
吴纯青
张硕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou University
Original Assignee
Guangzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou University filed Critical Guangzhou University
Priority to CN201910350269.5A priority Critical patent/CN110061838B/en
Publication of CN110061838A publication Critical patent/CN110061838A/en
Application granted granted Critical
Publication of CN110061838B publication Critical patent/CN110061838B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • G06F16/137Hash-based
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Abstract

The invention discloses a decentralized storage system of DNS resource records and a realization method thereof, wherein the system comprises: the on-chain storage layer stores DNS resource records, indexes key DNS resource records in external storage and source-tracing DNS resource records by using an intelligent contract; the system comprises a down-link storage layer, a DNS resource record is stored by adopting IPFS, each IPFS node corresponds to a hash address of an identification identity, and the hash address of the identification identity and the hash value of record information are stored in a block chain, so that the authenticity and the integrity of the resource record are ensured; the user layer comprises a DNS administrator and a DNS user, wherein the DNS administrator is responsible for registering and updating DNS database information, synchronizing DNS key data into an external storage, writing related information into a block by using an intelligent contract, and the DNS user inquires a resource record corresponding to a domain name through a DNS client, inquires records in a block chain and the external storage, and verifies the authenticity and integrity of the records.

Description

Decentralized storage system for DNS resource records and implementation method thereof
Technical Field
The invention relates to the technical field of block chains, in particular to a decentralized storage system of DNS resource records based on a alliance chain and an implementation method thereof.
Background
The System structure of the current DNS (Domain Name System) System is a centralized hierarchical structure, a DNS root server is used as a control center of the entire DNS System and is responsible for DNS global management and resolution, resolution and verification of all Domain names require the DNS root server to participate, and this System structure increases the processing burden of the root server on one hand and has a hidden trouble of single point failure on the other hand. When the root server is inaccessible or fails, the entire internet domain name system will be disabled.
The existing DNS system with a centralized hierarchical structure has the hidden danger of unilateral control. At present, 10 of 13 services are located in the united states, 2 are located in europe, 1 is located in japan, and the distribution and number of DNS servers are severely unbalanced, so that there is a serious unilateral control phenomenon in the ownership of a network space, which mainly includes two aspects: one is the risk of domain name disappearance. This can be accomplished by simply deleting the top-level domain name record for a particular country in the root server and denying the registration of domain names provided to that country. The second is the risk of denying access. In the root server and its mirror server, the resolution request from the top domain name of a certain country is rejected. An access policy for a particular domain name and a subset thereof may also be set in the root server, thereby breaking the network ownership of the organization to which the domain name corresponds.
PKI (Public Key Infrastructure) based DNS security solutions are difficult to deploy widely. The currently proposed DNS security enhancements or alternatives are mostly based on digital signatures and PKI infrastructure, and such schemes require modifications to the DNS protocol, are not compatible with traditional DNS systems, and are therefore difficult to deploy on a large scale, for example: at present, DNSSEC (Domain Name System Security Extensions) is deployed in 89% of top-level Domain Name servers, but the deployment rate of the second-level Domain Name is only 3%, which makes DNSSEC difficult to play a role in practical application. In addition, the PKI infrastructure itself has unilateral control problems that make it difficult to deploy around the globe.
In summary, because the too obvious centralized feature of the DNS system is an important reason that the potential safety hazard of the DNS system is difficult to cure radically, the DNS decentralized direction becomes an important development direction. Therefore, the invention proposes a decentralized DNS resource record storage, retrieval and verification method under the condition of not changing a DNS protocol.
Disclosure of Invention
In order to overcome the defects in the prior art, the invention aims to provide a decentralized storage system of DNS resource records and an implementation method thereof, which utilize the characteristics of decentralized alliance chain, data distributed storage, non-falsification and collective maintenance to realize the decentralized storage and retrieval of DNS resource records based on the alliance chain, prevent the DNS resource records from being maliciously falsified and forged on the premise of not changing a DNS protocol, and improve the resolution and verification efficiency of a DNS system.
To achieve the above object, the present invention provides a decentralized storage system for DNS resource records, comprising:
the on-chain storage layer stores DNS resource records, indexes DNS resource records in external storage and source-tracing DNS resource records by using an intelligent contract;
the system comprises a down-link storage layer, a data processing layer and a data processing layer, wherein the down-link storage layer stores DNS resource records by adopting IPFS, each IPFS node corresponds to a hash address for identifying an identity, and the hash address for identifying the identity and the hash value of record information are stored in a block chain to ensure the authenticity and the integrity of the resource records;
the user layer comprises a DNS manager and DNS users, wherein the DNS manager is responsible for registering and updating DNS database information, synchronizing DNS key data into external storage, and writing DNS registration information, updating information, recorded hash values, signature information and external storage link addresses into a block by using an intelligent contract; the DNS user inquires the resource record corresponding to the domain name through the DNS client, and further inquires the record in the block chain and the external storage according to the address corresponding to the domain name, and verifies the authenticity and the integrity of the record.
Preferably, the on-chain storage layer writes the hash value of the domain name information, the resource record signature, the update information, the external storage link, and the public key information into the block by using an intelligent contract, and ensures that the records stored in each node in the block chain network are the same by using a consensus algorithm, so as to provide authenticity and integrity guarantee for the resource record, the on-chain storage layer is further configured to index the key DNS resource record in the external storage, store the link address of the key resource record in the external storage and the hash value of the record in the block by using an intelligent contract, so as to associate the block chain and the external storage, store the blocks in the block chain in a time sequence, store the address of the resource record in the external storage and the update record information of the resource record in each block, and trace the history information of a certain domain name through the block chain.
Preferably, the intelligent contracts include a consensus contract, a relation contract, an ownership contract, a history contract and a service contract, and the DNS hierarchy, the resource record and the history update information are written into the block chain through the consensus contract, the relation contract, the ownership contract, the history contract and the service contract.
Preferably, the consensus contract is responsible for writing user registration information, the relation contract is responsible for storing DNS hierarchical relations, the ownership contract is responsible for recording specific information of a domain name managed by a domain name server, the history contract is responsible for writing DNS zone file update information including DNS resource records into a block chain, and the service contract is responsible for recording service records of the domain name server.
Preferably, after each node in the block chain is agreed by the consensus algorithm, the node is authorized to join the block chain network, and the consensus contract writes the user registration information into the block chain.
In order to achieve the above object, the present invention further provides a method for implementing a DNS resource record decentralized storage system, including the following steps:
step S1, a block chain network is constructed in a mode of a alliance chain, a registration application of a registration node is processed by an intelligent contract, the registration application is authorized by a consensus algorithm and then is added into the block chain network, a DNS zone file containing DNS resource records is written into the block chain network through the intelligent contract, management is carried out in a mode of combining up-chain and down-chain, complete data is stored in an external storage under the chain, a file hash value of the domain name resource records, an external link address and public key information for verifying external data are stored in the block chain on the chain, authenticity and integrity of the DNS data are guaranteed through the block chain, and meanwhile, a storage space of the block chain is expanded by an external storage system;
step S2, when updating data, the resource records to be updated are stored in a synchronous link through the server node, and the link address, the recorded hash value, and the state information of the domain name configuration file are sent to the service contract, the updated domain name information is stored by using the service contract, a history contract is generated, and the updated state and the updated content are recorded.
Preferably, the step S1 further includes:
the registration node proposes a registration application to the blockchain network;
the consensus contract pushes the message to the voting pool node for confirmation;
the voting pool node checks whether the domain name information is legal and unregistered, if the domain name is legal and unregistered, the registration is successful, otherwise, the registration is failed;
the consensus contract processes the voting result, if the voting result is legal, a relation contract is created, otherwise, the registration information is discarded;
the consensus contract forwards the registration message to the relationship contract;
the relation contract transfers the registration message to the corresponding server node;
the superior server node agrees to authorize the node and sends the application information and the self signature to the relationship contract;
the relation contract compiles the registration information and the signature of the authorization server and creates a service contract;
the relation contract writes the registered information into the service contract;
the address of the service contract is returned to the registration node, and the registration node performs domain name information operation by using the service contract.
Preferably, the method further comprises:
in the initial stage of the system, the consensus is about null, the temporary administrator node adds the initial node as required, once a set number of complete nodes are added, the temporary administrator is allowed to be removed, and the process of the consensus is executed according to the consensus algorithm.
In order to achieve the above object, the present invention further provides a decentralized search method for DNS resource records, comprising the following steps:
step S1, when the end user searches the domain name information, it sends the inquiry request to the credible server;
step S2, the trusted server searches the cache, if the cache is not hit, the trusted server sends a query request to a service contract in the block chain, and the service contract records the server corresponding to each domain name and an external link address;
step S3, the service contract returns the external address and the record hash value of the zone file corresponding to the retrieved domain name to the trusted server;
and step S4, after receiving the external link address, the trusted server inquires the external zone file record, and calculates the external record hash and the service contract return record hash to compare, so as to prevent the external record from being tampered, and if the two hash values have the same result, the trusted server returns the retrieved information to the end user.
Preferably, the method further comprises:
and verifying the retrieval result, converting a DNS centralized verification mode into a distributed verification mode, changing the verification of DNS resource records into a mode of searching for a collectively maintained account book by a block chain technology, and ensuring the authenticity and integrity of the records by using a signature mechanism and a Hash algorithm to ensure the mode of searching for the records on the chain.
Compared with the prior art, the invention provides a decentralized storage system of DNS resource records and an implementation method thereof, DNS zone files are written into an EtherFang block chain through an intelligent contract, management is carried out by adopting a mode of combining chain up/chain down, complete data is stored in external storage under the chain, file hash values of domain name Resource Records (RR), external link addresses and public key information for verifying external data are stored in the block chain on the chain, the authenticity and integrity of the DNS resource records are ensured through the block chain, and meanwhile, the expandability of the system is improved by utilizing the storage space of the block chain expanded by an external storage system.
Drawings
FIG. 1 is a schematic structural diagram of a method for decentralized storage, retrieval and verification of DNS resource records according to the present invention;
FIG. 2 is a schematic diagram of an intelligent contract in an embodiment of the invention;
FIG. 3 is a flowchart illustrating steps of a method for implementing a decentralized storage system for DNS resource records according to the present invention;
FIG. 4 is a network diagram of a federation chain in accordance with an embodiment of the present invention;
FIG. 5 is a schematic diagram of a node adding process in an embodiment of the present invention;
FIG. 6 is a flow chart of a consensus algorithm in an embodiment of the present invention;
FIG. 7 is a flow chart of a data update process in an embodiment of the present invention;
FIG. 8 is a flowchart illustrating steps of a method for decentralized information retrieval of DNS resource records in accordance with the present invention;
FIG. 9 is a diagram illustrating a data retrieval process according to an embodiment of the present invention;
FIG. 10 is a block chain based DNS resource record retrieval and validation process in an embodiment of the present invention;
FIG. 11 is a flowchart illustrating a key update process according to an embodiment of the present invention;
FIG. 12 is a diagram illustrating a process of retrieving and verifying resource records according to an embodiment of the present invention.
Detailed Description
Other advantages and capabilities of the present invention will be apparent to those skilled in the art from the present disclosure by describing embodiments of the present invention with specific embodiments and by referring to the accompanying drawings. The invention is capable of other and different embodiments and its several details are capable of modification in various other respects, all without departing from the spirit and scope of the present invention.
Fig. 1 is a schematic structural diagram of a decentralized storage system for DNS resource records according to the present invention.
As shown in fig. 1, the decentralized storage system for DNS resource records includes:
and the on-chain storage layer 10 is used for storing DNS resource records, key DNS resource records in the external storage of the index and source-tracing DNS resource records. Specifically, the on-chain storage layer 10 writes the hash value of the domain name information, the resource record signature, the update information, the external storage link, and the public key information into the block using the smart contract, and using a consensus algorithm to ensure that the records stored in each node in the blockchain network are the same, providing authenticity and integrity guarantees for the resource records, the on-chain storage layer 10 is also used to index DNS resource records in external storage, namely, the link address recorded in the external storage and the recorded hash value of the key resource are stored in the block by using the intelligent contract, so as to associate the block chain with the external storage, since the blocks in the block chain are stored in time sequence, and the address of the resource record in the external storage and the update record information of the resource record are stored in each block, the storage layer 10 on the chain can trace the history information of a certain domain name.
And the down-link storage layer 20 is used for storing DNS resource records. In the embodiment of the present invention, the down-link storage layer 20 adopts an external storage System of an IPFS (Inter platform File System), the IPFS stores record information submitted by a DNS administrator each time, each IPFS corresponds to a hash address identifying an identity, and the hash address identifying the identity and a hash value of the record information are stored in a block chain, so as to ensure the authenticity and integrity of the resource record.
The user layer 30 mainly includes two types of users: the system comprises a DNS administrator and a searching user, wherein the DNS administrator is responsible for registering and updating DNS database information, synchronizes DNS key data into an external memory, and writes DNS registration information, updating information, recorded hash values, signature information and external memory link addresses into a block by using an intelligent contract; the DNS user uses the DNS client to inquire the resource record corresponding to the domain name, and verifies the authenticity and integrity of the record for the retrieved IP address, the inquired block chain and the record in the external storage.
In order to facilitate the writing of DNS resource records into a block chain, the invention constructs 5 intelligent contracts, which comprise: a Consensus Contract (CC), a Relationship Contract (RC), an Ownership Contract (OC) (not shown), a History Contract (HC), and a Service Contract (SC). The DNS hierarchy, resource records, and history update information are written into the blockchain by these 5 contracts. In order to make contracts between nodes independent of each other, contracts can only be created by means of a generated contract. Specifically, the intelligent contract used by the on-chain storage tier 10 is shown in fig. 2, and the intelligent contract is as follows:
(1) consensus Contract (CC): the consensus contract is responsible for writing user registration information, and the meaning of each field of the consensus contract is as follows:
ethereum Addr: ether house address for authorized user to join
Reonsible Domain: domain name space responsible for management
User Type: user types including querying user, domain name applicant
RC Addr: contract addresses responsible for storing hierarchical relationships
After each node in the block chain is agreed by the consensus algorithm, the node is authorized to be added into the block chain network, and the consensus contract writes the complaint information into the block chain.
For the user registration process, the consensus agreement CC is used for verifying whether the registration node is repeatedly registered or not, and an attacker is prevented from maliciously performing rush injection. In order to construct the hierarchical relationship between DNS servers, a superior server stores an authorized inferior server through a relationship contract RC, the address of the relationship contract is stored in a consensus contract of registered nodes, and a new registered node is authorized and then added through a consensus algorithm, so that the newly added node is prevented from threatening a system. It should be noted that the consensus contract CC will be empty at the beginning of the system. Thus, the temporary administrator node would need to add an initial node, such as a top level domain name server node as the initial joining node. Once enough complete nodes have been added, the temporary administrator is allowed to be removed and the process of negotiating consistency is performed according to a consensus algorithm.
2) Relationship Contract (RC): the relation contract is responsible for storing the DNS hierarchical relation, and the meaning of each field of the relation contract is as follows:
ethereum Addr: authorized next level server Etherhouse address
Reonsable Domain: name space for which authorized next-level servers are responsible
IP: IP address of server
Level: server hierarchy
HC Addr: relational contract addresses
Server Signature: information signature
For the name space authorized by the server, in order to record the hierarchical relationship, the upper level server stores the name space, the IP and the associated ether house address information managed by the authorized name server in the relationship contract RC associated with the consensus contract CC. There are multiple name spaces authorized by the upper level server, and the relationship contract is responsible for recording each authorization record. For each authorization server message, the information is recorded in the blockchain according to the time sequence for subsequent searching and tracing.
3) Ownership Contract (OC): the ownership contract is responsible for recording specific information of a domain name managed by a domain name server, and the meaning of each field of the ownership contract is as follows:
ethereum Addr: resource record manager address information
Domain Name: domain name responsible for management
IP Addr: IP address corresponding to domain name
External Link: linking of resource records to external storage
Hash: hashing of resource records
HC Addr: address of history contract
Because the storage space of each block is limited, if the complete resource record information is stored in the block chain, the length of the block chain can be rapidly increased, and the management and maintenance are not easy. Therefore, to facilitate fast lookup of domain name address information, the domain name and address are stored directly in each tile, with other resource records stored in external storage. The externally stored Link address is saved in the External Link field. In order to prevent the external resource record from being maliciously tampered, the Hash value of the resource record is stored in the Hash field. DNS resource record information can be updated in real time, and the updated information is stored by constructing a history record contract. The addresses of the history contracts are saved in the ownership contracts.
The complete DNS resource is stored in the IPFS, each domain name configuration (zone) file corresponds to a node ID in the IPFS, the node ID is unchangeable, and only a DNS server administrator owns the node ID and is responsible for updating the DNS domain name configuration (zone) file. The updated domain name configuration (zone) file will be written to the blockchain by the history contract.
4) History Contract (HC): the history contract is responsible for writing the DNS zone file updating information into the block chain, and the specific meanings of each field of the history contract are as follows:
ethereum Addr: zone file manager address
New _ Hash: updated zone file hashing
Condition: state, add, modify, delete
IPFS ID: identification of users in IPFS
For the change information of the zone file, writing the changed information into a block chain through a history record contract, for the information changed each time, saving a copy submitted each time in an external IPFS, and simultaneously storing the hash of the record in the block chain to ensure that the zone file information submitted each time is not tampered, and tracing the zone file information through the block chain and the external IPFS.
5) Service Contract (SC) (not shown): the service record of the domain name server is recorded, and the specific meaning of each field of the service contract is as follows:
ethereum Addr: zone file manager address
Service Record: service record
Condition: status, add, modify, delete
IPFS ID: identification of users in IPFS
That is to say, the invention writes the DNS zone file into the ethernet block chain through the intelligent contract, and manages in a manner of combining up-chain and down-chain. The method comprises the steps of storing complete data in an external storage under a chain, storing a file hash value of a domain name Resource Record (RR), an external link address and public key information for verifying the external data in a block chain on the chain, ensuring the authenticity and integrity of DNS data through the block chain, and simultaneously expanding the storage space of the block chain by using an external storage system to improve the expandability of the system.
FIG. 3 is a flowchart illustrating steps of a method for implementing a decentralized storage system for DNS resource records according to the present invention. As shown in fig. 3, the method for implementing a decentralized storage system for DNS resource records according to the present invention includes the following steps:
step S1, a block chain network is built by adopting a mode of a alliance chain, a registration application of a registration node is processed by an intelligent contract and added into the block chain network, a DNS zone file is written into the block chain network by the intelligent contract and is managed by adopting a mode of combining up-chain and down-chain, complete data is stored in an external storage under the chain, a file hash value of a domain name Resource Record (RR), an external link address and public key information for verifying the external data are stored in the block chain on the chain, authenticity and integrity of the DNS data are guaranteed by the block chain, and meanwhile, a storage space of the block chain is expanded by an external storage system.
In a particular embodiment of the invention, the intelligent contracts include consensus contracts CC, relational contracts RC, ownership contracts OC, history contracts HC, and service contracts SC. The block chain network is constructed in a manner of a federation chain, and the server node authorizes to join the federation chain network, and a network schematic diagram of the federation chain is shown in fig. 4. Assuming that the server node joining the system has installed the Ethereum client and created the Ethereum address, the node adding process is as shown in fig. 5, specifically, the node adding process of step S1 is as follows:
1) a registration node proposes a registration application to a block chain network, wherein the registration application comprises an Ethereum address, domain name information, a server hierarchy to which the registration node belongs and identity information;
2) the consensus contract pushes the message to the voting pool node for confirmation;
3) the voting pool node checks whether the domain name information is legal and unregistered, if the domain name is legal and unregistered, the registration is returned successfully, otherwise, the registration is returned unsuccessfully;
4) the consensus contract processes the voting result, if the voting result is legal, a relation contract is created, otherwise, the registration information is discarded;
5) the consensus contract forwards the registration message to the relationship contract;
6) the relation contract transfers the registration message to the corresponding server node;
7) the superior server node agrees to authorize the node and sends the application information and the self signature to the relationship contract;
8) the relation contract compiles the registration information and the signature of the authorization server and creates a service contract;
9) the relation contract writes the registered information into the service contract;
10) the address of the service contract is returned to the registration node, and the registration node performs domain name information operation by using the service contract.
It can be seen that, in the user registration process, the consensus contract CC verifies whether the registration node is repeatedly registered, so as to prevent an attacker from performing malicious remarking, in order to construct a hierarchical relationship between DNS servers, the upper level server stores an authorized lower level server through a relationship contract, and the address of the relationship contract is stored in the consensus contract of the registration node. And the newly registered node is authorized to be added through a consensus algorithm, so that the newly added node is prevented from threatening the system. It should be noted that in the start phase of the system, the consensus contract CC will be empty, and therefore the temporary administrator node will need to add an initial node, e.g. the top level domain name server node as the initial joining node. Once enough complete nodes have been added, the temporary administrator is allowed to be removed and the process of negotiation is performed according to a consensus algorithm.
The consensus algorithm (i.e., the consensus process for data update) used in the embodiments of the present invention is described below:
1) idea of algorithm
In consideration of the limitation of the PBFT (consensus algorithm) algorithm in terms of network bandwidth and node communication modes, the PBFT algorithm does not require that each message is sequenced first, each node only needs to complete the verification and confirmation of the message, the 3-time broadcasting process of the PBFT is reduced to 2 times, and the communication overhead of the network is reduced.
2) Symbol representation
If the number of the nodes participating in the consensus in the system is N and the maximum tolerable malicious node number is f, N must satisfy the formula N being more than or equal to 3f +1, the consensus nodes in the system participate in the accounting process, and the common nodes can see the consensus process but do not participate. The nodes participating in consensus are divided into two types: master node m, slave node s. In order to ensure the authenticity and integrity of the message, a signature mode is adopted in the message sending process, the function sigma is set as a signature function, msg is the message to be sent, hash is a hash function, and the signature value Sig is expressed as
Sigmsg=σ(hash(msg))
The data set needed in each round of consensus process is marked as view v, the sets are numbered from 0, if the current set does not achieve consensus, the next set needs to be entered until consensus is achieved. And numbering the nodes involved in the consensus process, selecting one node as a main node in each turn, and taking other nodes as slave nodes.
Assume that the nodes participating in the consensus initially have the same initial state, i.e. the initial block height h, the last block hash, and the version number are consistent. The relationship between the initial view number and the host node number is shown in formula (1)
Figure GDA0003679254280000111
If the non-common node receives the transaction information, the message is forwarded. The consensus node initiates a consensus request by the main node, the sub-consensus node verifies the correctness of the message when receiving the transaction message, if the message is verified to be correct, the information is stored, and consensus confirmation broadcast is sent, otherwise, view updating information is broadcast. When the consensus process is finished, the transaction information is deleted, the view and the block height are updated, and a new phase is prepared to be entered, specifically, the flow of the consensus algorithm is as shown in fig. 6. The consensus algorithm mainly comprises two aspects:
A. host node broadcasts consensus requests
The host node m broadcasts a consensus proposal message to other consensus nodes at the time t
{ConsensusRequest,h,v,m,Block,SigBlock}
Wherein, ConsensussRequest represents that the message type is a consensus request, h is the current Block height, v is the current view number, m is the master node number, the Block formed by the transaction in a Block period, SigBlockThe block information is signed.
B. Child node consensus confirmation phase
After each consensus process sub-node receives the broadcast message of the main node, the correctness of the message is verified in sequence, if the message is correct, the consensus confirmation information is broadcast:
<ConsensusConfirm,h,v,s,SigBlock>
wherein ConsenssConfirm represents that the message type is a consensus request, h is the current block height, v is the current view number, s is the child node number, SigBlockIs a block signature.
After each consensus node receives the broadcast message, the following processes are executed to judge the correctness of the message:
a. judging whether the format of the message is correct or not, wherein the format comprises the type of the message, the height of the current block, the number of the main node and the signature, and if not, carrying out a view updating process;
b. judging the correctness of the transaction in the current block, including whether the transaction exists, whether the verification script of the transaction is correct or not and whether repeated transaction is included or not, and if the transaction is incorrect, turning to the step d;
c. if both steps a and b are verified, then each transaction in the block is legal;
d. broadcasting a view change message;
if the received message is incorrect, a view change message is broadcast. If each consensus node receives the consensus confirmation message of at least 2f consensus nodes, the block is proved to be accepted by most nodes in the network, namely the consensus is achieved, the block is added to a block chain, and the block is broadcasted.
When the main node fails and does not broadcast the consensus request message within the specified time t or the view update message broadcast by the child node is not confirmed by 2f nodes, the view update operation is executed, and the update process is as follows:
a. first add v to view v +1
b. The child node sends a change view message
<ViewChange,h,v,s,v′,Sigmsg>
Wherein ViewChange represents that the message type is view update, h is the current block height, v is the current view number, s is the child node number, v is the new view number, SigmsgSigning messages
c. And if the number of the view updating broadcast messages received by the consensus node exceeds 2f, updating the view to v', updating the main node to m +1, and starting a new consensus process.
d. If the number of the received view updating messages is less than 2f, returning to the step a for continuous execution.
B. Setting of host node dead time t
When the master node network is unstable or the network fluctuates among the consensus nodes, frequent view changes may be caused, and network resources may be consumed. In order to avoid frequent triggering of view swapping due to network fluctuation, the time t for the master node to work should be increased along with the index of view updating, and when the view is updated frequently, the time t should be increased to indicate that the network fluctuates. The time t is set to satisfy the following function,
T(k)=2k·t,k=0,1,2,...
the function T is exponentially increased along with the view updating times, so that the waste of network resources caused by frequent view replacement due to network fluctuation can be avoided.
Step S2, when updating data, the server node stores the resource record to be updated in the synchronization link, sends the link address of the domain name configuration (zone) file, the recorded hash value, and the state information to the service contract, stores the updated domain name information using the service contract, generates a history contract, and records the updated state and the updated content. In the embodiment of the present invention, it is assumed that a server node that is to update a domain name configuration (zone) file is already registered in a system, a database management component of the server node synchronizes resource records to be updated to a linked storage, and sends a link address, a recorded hash value, and state information of the zone file in an IPFS to a service contract, it should be noted that the linked storage may also perform the same function using a database and a cloud storage, even if the IPFS is used, original data can still be accessed, and the IPFS has a decentralized feature, and the service contract stores updated domain name information and generates a contract history to record an updated state and updated content.
Specifically, as shown in fig. 7, the data update process is as follows:
(1) the server node database management component generates an update record;
(2) the database management component synchronizes the update record to an external IPFS system and generates an external storage link and a record hash value;
(3) the server node sends the link address, the recorded hash value and the state information to a service contract;
(4) the service contract records the updated domain name information and generates a history contract;
(5) the service contract sends the updated record and the state information to the historical contract;
(6) the history contract writes the update record and the state information into the block chain.
FIG. 8 is a flowchart illustrating the steps of a method for decentralized information retrieval of DNS resource records according to the present invention. In the present invention, the blockchain network is responsible for storing the index of the record and provides guarantees on the authenticity and integrity of the record. The block chain network is responsible for the writing and reading of records by contracts, and contracts are created by the existing contracts, so that the safety in the contract creation and data transmission process is ensured. The trusted domain consists of a local network or a trusted server node, and the end user retrieves domain name information through the trusted server. The complete domain name configuration (zone) file is stored in an external storage, and the link address and record hash of the external storage are saved in the block chain. As shown in fig. 8, the method for decentralized information retrieval of DNS resource records of the present invention includes the following steps:
step S601, when the end user retrieves the domain name information, a query request is sent to a trusted server;
step S602, the trusted server searches for a cache, if the cache is not hit, a query request is initiated to a service contract in the block chain, and the service contract records a server and an external link address corresponding to each domain name;
step S603, the service contract returns the external address and the record hash value of the zone file corresponding to the retrieved domain name to the trusted server;
step S604, after receiving the external link address, the trusted server inquires the external zone file record, and calculates the external record hash and the service contract return record hash to compare, so as to prevent the external record from being tampered, and if the two hash values have the same result, the trusted server returns the retrieved information to the end user.
Specifically, as shown in fig. 9, the information retrieval process is as follows:
(1) end user initiates query request
(2) The trusted server searches for a local cache record, and if the local cache record is not hit, a query request is initiated to a service contract in the block chain
(3) The service contract inquires the storage record, if the record stored in the domain name and the inquiry content is the corresponding IP address, the IP address is returned, and if the inquiry content is other records, the external storage address of the zone file is returned;
(4) the credible server receives the service contract return result, if the user inquiry content is the IP address corresponding to the domain name, the IP address is returned, and if the user inquiry content is other records, the server searches for the external storage
(5) The trusted server searches for external storage;
(6) calculating the hash of the external zone file and the hash of the service contract return record for comparison, if the two are the same, not tampering the external file, and retrieving the corresponding resource record;
(7) and returning a query result.
Preferably, the information retrieval method further includes the steps of:
and verifying the retrieval result. In the invention, a DNS centralized verification mode is converted into a distributed verification mode, namely, the verification of DNS resource records is changed into the mode of searching for a collectively maintained account book through a block chain technology, and the authenticity and the integrity of the records are ensured by utilizing a signature mechanism and a Hash algorithm to ensure the mode of searching for the records on a chain.
Fig. 10 is a schematic diagram illustrating a process of retrieving and verifying DNS resource records based on a block chain in an embodiment of the present invention. Specifically, the invention verifies a DNS system based on a block chain, stores each zone file of the DNS in an external database, stores zone file signatures, external indexes and public key information in the block chain, provides authenticity and integrity protection of the zone files by using the characteristics of decentralized block chain, collective maintenance and difficult tampering, takes verifying the authenticity of www.aa.com address records as an example, and only needs 2 times of query, namely querying the block chain to obtain an external link address, querying the external link address to obtain the address record, performing 1 time of hash operation and 1 time of encryption operation to verify the authenticity and integrity of the zone files.
1) Identity binding
Records in the blockchain can be retrieved by nodes in all blockchains, and if the public key of the user is directly bound with domain name information, identity information and public key information of the node can be revealed. Therefore, the present invention is designed to adopt the flow of fig. 11 for the secret key of the user under the condition of solving the binding between the secret key and the identity information and protecting the privacy of the user.
And the data is updated through verifying the authenticity and the integrity of the public key issued in the block chain, and the off-line stored private key is responsible for updating the public key in the block chain. The user locally generates a pair of offline keys, and the online keys are generated by the offline private key and the online public key generated in the previous step by using a function F, as shown in formula (2).
(skn,pkn)=F(skf,pkn-1), (2)
When the user updates the information, the public key is used for signing, and the identity information is ensured to be separated from the secret key information associated with the real identity.
When the server sends the key information to the block chain, the server sends the key registration broadcast information:
<key_register,id,values=(pk,σ)>
the key _ register is used for registering a message type as a secret key, id is an identity, sigma is sig (sk, id), and sigma is a signature of the identity id by using a private key sk, so that the node is proved to have the private key sk corresponding to the public key pk.
2) Key updating
The updating of the online public key is completed by sending the new and old public keys to the block chain and attaching the signature. Through digital signature, a new public key is generated by a holder of a corresponding private key of an old public key, and a sender of a message is ensured to be the owner of the old public key.
The server sends the key to update the broadcast information:<key_update,id,values=(pkold,pknew,σ1,σ2)>
wherein key _ update is the message type of key update, id is the ID, σ 1 ═ sig (sk)old,(id,pknew) σ 1 is the signature of the identity and the new public key with the old key signature, which proves that the node has the old public key pkoldCorresponding private key skoldAnd pknewAnd the new public key corresponding to the node id. Sigma 2 sig (sk)newId), σ 2 is the new private key sknewThe signature of the identity id proves that the node has the new public key pknewCorresponding to the new private key sknew
3) Verification process
A. Key update verification
After each accounting node receives the key updating request, the following verification is carried out:
judging whether the id identification is associated with pk in the block chain or notoldMatching the corresponding id;
whether the signature σ 1 is correct;
whether the signature σ 2 is correct.
If one of the items fails verification, the transaction is discarded, otherwise the message is packaged into blocks and a confirmation of the message is broadcast.
B. Resource record retrieval and validation
The process of retrieving the authentication domain for a resource record is shown in fig. 12. If the domain name D has no record in the block chain summary, returning no record, ending the retrieval process, and if the block chain has the retrieval record, firstly retrieving the link file and carrying out the following verification:
a, judging whether the hash value of the file stored in the block chain is the same as the file value in the external memory or not
b, judging whether the signature in the block chain is the same as the signature value of the external file by using the public key in the block chain
c if the two items are different, returning an error, otherwise, returning a correct query result.
In summary, the decentralized storage system of DNS resource records and the implementation method thereof of the present invention write a DNS zone file into an ethernet block chain through an intelligent contract, manage in a manner of combining chain up/chain down, store complete data in external storage under a chain, store a file hash value of a domain name Resource Record (RR), an external link address, and public key information for verifying external data in the block chain on the chain, ensure authenticity and integrity of DNS data through the block chain, and improve system expandability by expanding a storage space of the block chain by using an external storage system.
Compared with the prior art, the invention has the following advantages:
1) the system can be deployed gradually, does not need to change a DNS protocol, and can be compatible with a DNS system;
2) the DNS zone file is subjected to decentralized storage and management, the DNS zone file and a alliance chain are combined by utilizing an alliance chain idea and an intelligent contract technology, and the characteristics of decentralized storage, distributed management and collective maintenance of a block chain are utilized to ensure the safe and reliable decentralized storage of the DNS zone file;
3) the domain name information decentralized retrieval and verification utilizes a block chain decentralized consensus mechanism and a signature mechanism to ensure the correctness of a retrieval result and complete domain name verification while domain name retrieval.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Modifications and variations can be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the present invention. Therefore, the scope of the invention should be determined from the following claims.

Claims (5)

1. A system for decentralized storage of DNS resource records, comprising:
the on-chain storage layer stores DNS resource records, indexes DNS resource records in external storage and source-tracing DNS resource records by using an intelligent contract;
the system comprises a down-link storage layer, a data processing layer and a data processing layer, wherein the down-link storage layer stores DNS resource records by adopting IPFS, each IPFS node corresponds to a hash address for identifying an identity, and the hash address for identifying the identity and the hash value of record information are stored in a block chain to ensure the authenticity and the integrity of the resource records;
the user layer comprises a DNS manager and DNS users, wherein the DNS manager is responsible for registering and updating DNS database information, synchronizing DNS key data into external storage, and writing DNS registration information, updating information, recorded hash values, signature information and external storage link addresses into a block by using an intelligent contract; a DNS user inquires a resource record corresponding to a domain name through a DNS client, and further inquires a block chain and a record in an external storage according to an address corresponding to the domain name, so as to verify the authenticity and the integrity of the record;
the on-chain storage layer writes a hash value of a domain name resource record, a resource record signature, update information, an external storage link and public key information into a block by using an intelligent contract, ensures that records stored in each node in a block chain network are the same by using a consensus algorithm, and provides authenticity and integrity guarantee for the resource record;
the intelligent contracts comprise but are not limited to consensus contracts, relation contracts, ownership contracts, history records contracts and service contracts, and DNS hierarchy relations, resource records and history updating information are written into the block chain through the consensus contracts, the relation contracts, the ownership contracts, the history records contracts and the service contracts;
and after each node in the block chain is agreed by a consensus algorithm, authorizing the node to join the block chain network, and writing the user registration information into the block chain by the consensus contract.
2. The decentralized storage system according to claim 1, wherein: the consensus contract is responsible for writing user registration information, the relation contract is responsible for storing a DNS hierarchical relation, the ownership contract is responsible for recording specific information of a domain name managed by a domain name server, the history record contract is responsible for writing DNS zone file updating information into a block chain, and the service contract is responsible for recording service records of the domain name server.
3. A method for implementing the decentralized storage system of DNS resource records, which is applied to the decentralized storage system of DNS resource records according to any one of claims 1 to 2, the method comprising the steps of:
step S1, a block chain network is constructed in a mode of a alliance chain, a registration application of a registration node is processed by an intelligent contract, the registration application is authorized by a consensus algorithm and then is added into the block chain network, a DNS zone file containing DNS resource records is written into the block chain network through the intelligent contract, management is carried out in a mode of combining up-chain and down-chain, complete data is stored in an external storage under the chain, a file hash value of the domain name resource records, an external link address and public key information for verifying external data are stored in the block chain on the chain, authenticity and integrity of the DNS data are guaranteed through the block chain, and meanwhile, a storage space of the block chain is expanded by an external storage system;
step S2, when updating data, the resource records to be updated are stored in a synchronous link through the server node, and the link address, the recorded hash value, and the state information of the domain name configuration file are sent to the service contract, the updated domain name information is stored by using the service contract, a history contract is generated, and the updated state and the updated content are recorded.
4. The method as claimed in claim 3, wherein the step S1 further comprises:
the registration node proposes a registration application to the blockchain network;
the consensus contract pushes the message to the voting pool node for confirmation;
the voting pool node checks whether the domain name information is legal and unregistered, if the domain name is legal and unregistered, the registration is successful, otherwise, the registration is failed;
the consensus contract processes the voting result, if the voting result is legal, a relation contract is created, otherwise, the registration information is discarded;
the consensus contract forwards the registration message to the relationship contract;
the relation contract transfers the registration message to the corresponding server node;
the superior server node agrees to authorize the node and sends the application information and the self signature to the relationship contract;
the relation contract compiles the registration information and the signature of the authorization server and creates a service contract;
the relation contract writes the registered information into a service contract;
the address of the service contract is returned to the registration node, and the registration node performs domain name information operation by using the service contract.
5. The method of claim 4, wherein the method further comprises:
in the initial stage of the system, the consensus is about null, the temporary administrator node adds the initial node as required, once a set number of complete nodes are added, the temporary administrator is allowed to be removed, and the process of the consensus is executed according to the consensus algorithm.
CN201910350269.5A 2019-04-28 2019-04-28 Decentralized storage system for DNS resource records and implementation method thereof Active CN110061838B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910350269.5A CN110061838B (en) 2019-04-28 2019-04-28 Decentralized storage system for DNS resource records and implementation method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910350269.5A CN110061838B (en) 2019-04-28 2019-04-28 Decentralized storage system for DNS resource records and implementation method thereof

Publications (2)

Publication Number Publication Date
CN110061838A CN110061838A (en) 2019-07-26
CN110061838B true CN110061838B (en) 2022-07-19

Family

ID=67321357

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910350269.5A Active CN110061838B (en) 2019-04-28 2019-04-28 Decentralized storage system for DNS resource records and implementation method thereof

Country Status (1)

Country Link
CN (1) CN110061838B (en)

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110492997B (en) * 2019-08-09 2020-12-01 华南理工大学 Encryption system, method, device and storage medium based on super account book
CN112468603B (en) * 2019-09-06 2022-01-11 傲为信息技术(江苏)有限公司 Domain name query system and method based on block chain
CN112468525B (en) * 2019-09-06 2022-06-28 傲为有限公司 Domain name management system based on block chain
CN111031086B (en) * 2019-10-08 2022-11-08 安徽华博胜讯信息科技股份有限公司 Block chain data storage method and system
WO2021071421A1 (en) * 2019-10-10 2021-04-15 Standard Chartered Bank (Singapore) Limited Methods, systems, and devices for managing digital assets
WO2020035090A2 (en) * 2019-11-08 2020-02-20 Alipay (Hangzhou) Information Technology Co., Ltd. Lightweight decentralized application platform
CN110880966B (en) * 2019-11-22 2022-05-06 哈尔滨工业大学 Domain name resolution system building and domain name query method
CN111460489B (en) * 2019-12-09 2023-06-06 重庆锐云科技有限公司 IPFS-based block chain customer perpetual storage method
CN110737668B (en) * 2019-12-17 2020-12-22 腾讯科技(深圳)有限公司 Data storage method, data reading method, related device and medium
CN111210223A (en) * 2019-12-17 2020-05-29 广东文储区块链科技有限公司 Method and system for clearing block chain of decentralized storage area
CN111200642B (en) * 2019-12-26 2022-08-23 下一代互联网关键技术和评测北京市工程研究中心有限公司 Authoritative DNS server information distribution method and system
CN111144578B (en) * 2019-12-27 2023-07-28 创新奇智(重庆)科技有限公司 Artificial intelligence model management system and management method in distributed environment
CN111061698B (en) * 2019-12-30 2023-09-05 语联网(武汉)信息技术有限公司 Method and device for storing Ethernet contract data
CN111310238A (en) * 2020-02-12 2020-06-19 腾讯科技(深圳)有限公司 File management method and device
SG11202012921XA (en) * 2020-02-14 2021-01-28 Alipay Hangzhou Inf Tech Co Ltd Data authorization based on decentralized identifiers
CN111343267B (en) * 2020-02-24 2022-08-12 深圳木成林科技有限公司 Configuration management method and system
CN111031076B (en) * 2020-03-06 2020-07-10 南京畅洋科技有限公司 Internet of things block chain consensus method based on timing mechanism
CN111445245A (en) * 2020-03-27 2020-07-24 北京瑞卓喜投科技发展有限公司 Certificate index updating method and device for security type general certificate
CN111177277B (en) * 2020-04-10 2020-08-04 支付宝(杭州)信息技术有限公司 Data storage method, transaction storage method and device
CN111901447B (en) * 2020-05-27 2022-09-20 伏羲科技(菏泽)有限公司 Domain name data management method, device, equipment and storage medium
CN111885212B (en) * 2020-06-03 2023-05-30 山东伏羲智库互联网研究院 Domain name storage method and device
EP3837617B1 (en) * 2020-06-08 2023-08-02 Alipay Labs (Singapore) Pte. Ltd. Distributed storage of custom clearance data
CN111835884B (en) * 2020-07-13 2022-11-04 北京好扑信息科技有限公司 Virtual address generation method for block chain
CN112187900B (en) * 2020-09-18 2022-03-01 中国科学院计算技术研究所 DNS data updating method and system based on block chain shared cache
US11757652B2 (en) * 2020-09-25 2023-09-12 Wickr Inc. Decentralized system for securely resolving domain names
CN112241435A (en) * 2020-10-23 2021-01-19 山西特信环宇信息技术有限公司 Cone block chain storage system and consensus storage method
CN112286881B (en) * 2020-10-28 2024-04-05 金蝶云科技有限公司 Document authentication tracing method and device
CN112214456B (en) * 2020-11-05 2022-05-10 深圳市瀚兰区块链地产有限公司 House property data processing method and device and electronic equipment
CN112437089A (en) * 2020-11-26 2021-03-02 交控科技股份有限公司 Train control system key management method and device based on block chain
CN112702390B (en) * 2020-12-07 2022-04-15 北京大学 Block chain-based networking method and device for intelligent contract resources
CN112686673A (en) * 2020-12-18 2021-04-20 上海黑犇互联网科技有限公司 Article traceability system based on IPFS and ETH
CN112637330B (en) * 2020-12-22 2022-05-10 山东大学 Block chain large file copy address selection method, system, equipment and storage medium
CN112529581A (en) * 2020-12-23 2021-03-19 广州大学 Domain name data storage system based on block chain and data transaction implementation method thereof
CN112822279B (en) * 2021-01-13 2023-03-24 精英数智科技股份有限公司 Monitoring method and device based on intelligent sensing and trusted storage
CN112948847A (en) * 2021-02-02 2021-06-11 山东伏羲智库互联网研究院 Data sharing system based on block chain and data correctness verification method
CN112818038A (en) * 2021-02-02 2021-05-18 山东伏羲智库互联网研究院 Data management method based on combination of block chain and IPFS (Internet protocol file system) and related equipment
CN113064886B (en) * 2021-03-04 2023-08-29 广州中国科学院计算机网络信息中心 Method for storing and marking management of identification resource
CN113127811B (en) * 2021-03-09 2024-03-19 西北大学 Cultural relic digital resource safe sharing method, system and information data processing terminal
CN113098941B (en) * 2021-03-25 2022-07-01 浙江大学 Virtual reality content distributed management method and system based on integral excitation
CN113064876A (en) * 2021-03-25 2021-07-02 芝麻链(北京)科技有限公司 IPFS file processing method
CN113064898A (en) * 2021-04-06 2021-07-02 北京瑞卓喜投科技发展有限公司 Retrieval method and device based on miniature index of contract on chain and electronic equipment
CN113067836B (en) * 2021-04-20 2022-04-19 哈尔滨工业大学 Intelligent contract system based on decentralized DNS root zone management
CN113157698B (en) * 2021-04-23 2022-10-28 上海和数软件有限公司 Data query verification method and system based on block chain technology
KR102650336B1 (en) * 2021-05-04 2024-03-22 계명대학교 산학협력단 Method and apparatus for providing lightweight blockchain using external strorage and pbft consensus algorithm
CN113312640B (en) * 2021-05-31 2022-05-24 天津理工大学 Software data integrity multi-party consensus method based on trusted computing
CN113422767B (en) * 2021-06-21 2022-04-19 哈尔滨工业大学 Domain name registration management method and system based on block chain
CN114629631B (en) * 2021-07-21 2024-01-09 国网河南省电力公司信息通信公司 Data trusted interaction method and system based on alliance chain and electronic equipment
CN113538149B (en) * 2021-07-28 2024-02-27 浙江数秦科技有限公司 Multi-source data fusion platform based on block chain
CN113608703A (en) * 2021-08-24 2021-11-05 上海点融信息科技有限责任公司 Data processing method and device
CN113657899A (en) * 2021-10-19 2021-11-16 支付宝(杭州)信息技术有限公司 Method, device and system for transferring property right
CN114185997B (en) * 2022-02-17 2022-05-13 天津眧合数字科技有限公司 Pet information credible storage system based on block chain
CN114666277B (en) * 2022-05-05 2023-10-24 中国互联网络信息中心 Domain name based data processing method and device
CN115174385B (en) * 2022-06-15 2024-04-02 桂林电子科技大学 Firmware software updating method for industrial Internet of things equipment based on blockchain

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106910051A (en) * 2017-01-11 2017-06-30 中国互联网络信息中心 A kind of DNS resource record notarization method and system based on alliance's chain
CN108023894A (en) * 2017-12-18 2018-05-11 苏州优千网络科技有限公司 Visa information system and its processing method based on block chain

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107273410B (en) * 2017-05-03 2020-07-07 上海点融信息科技有限责任公司 Block chain based distributed storage
EP3631659A4 (en) * 2017-05-22 2021-03-17 Haventec PTY LTD System for blockchain based domain name and ip number register
CN107563905A (en) * 2017-07-20 2018-01-09 西安电子科技大学 A kind of academic platform service system and method for building up based on block chain
CN107613041B (en) * 2017-09-22 2020-06-05 中国互联网络信息中心 Domain name management system, domain name management method and domain name resolution method based on block chain
CN109034833B (en) * 2018-06-16 2021-07-23 复旦大学 Product tracing information management system and method based on block chain
CN109491968B (en) * 2018-11-13 2021-01-22 恒生电子股份有限公司 File processing method, device, equipment and computer readable storage medium
CN109327562B (en) * 2018-12-10 2022-05-13 中共中央办公厅电子科技学院 Domain name storage system and method based on block chain

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106910051A (en) * 2017-01-11 2017-06-30 中国互联网络信息中心 A kind of DNS resource record notarization method and system based on alliance's chain
CN108023894A (en) * 2017-12-18 2018-05-11 苏州优千网络科技有限公司 Visa information system and its processing method based on block chain

Also Published As

Publication number Publication date
CN110061838A (en) 2019-07-26

Similar Documents

Publication Publication Date Title
CN110061838B (en) Decentralized storage system for DNS resource records and implementation method thereof
CN108124502B (en) Top-level domain name management method and system based on alliance chain
CN110268677B (en) Cross-chain interaction using domain name scheme in blockchain system
CN108064444B (en) Domain name resolution system based on block chain
CN108681965B (en) Block chain network transaction processing method and device for offline node
US11368450B2 (en) Method for bidirectional authorization of blockchain-based resource public key infrastructure
KR20090015026A (en) Peer-to-peer contact exchange
CN113824563B (en) Cross-domain identity authentication method based on block chain certificate
US11729175B2 (en) Blockchain folding
WO2022134951A1 (en) Data synchronization method and apparatus, and device and computer-readable storage medium
CN101771537A (en) Processing method and certificating method for distribution type certificating system and certificates of certification thereof
Wang et al. ConsortiumDNS: A distributed domain name service based on consortium chain
CN110149335B (en) Method and equipment for establishing private area for block chain data privacy protection
CN105007302A (en) Mobile terminal data storage method
CN113269546B (en) User identity card system and method based on block chain
CN112116349B (en) High-throughput-rate-oriented random consensus method and device for drawing account book
CN111737352B (en) Supply chain information collaborative management method based on block chain
Wang et al. Blockzone: A blockchain-based dns storage and retrieval scheme
CN109918451B (en) Database management method and system based on block chain
Liu et al. A comparative study of blockchain-based dns design
CN108876378B (en) Public link data encryption backup method
CN110673966A (en) Data interaction method based on block chain up-link down cooperation
CN109067849A (en) Method of data synchronization based on block
WO2023221719A1 (en) Data processing method and apparatus, computer device, and readable storage medium
CN114930770A (en) Certificate identification method and system based on distributed ledger

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant