IDV: Internet Domain Name Verification Based on Blockchain

The rapid development of blockchain technology has provided new ideas for network security research. Blockchain-based network security enhancement solutions are attracting widespread attention. This paper proposes an Internet domain name verification method based on blockchain. The authenticity of DNS (Domain Name System) resolution results is crucial for ensuring the accessibility of Internet services. Due to the lack of adequate security mechanisms, it has always been a challenge to verify the authenticity of Internet domain name resolution results. Although the solution represented by DNSSEC (Domain Name System Security Extensions) can theoretically solve the domain name verification problem, it has not been widely deployed on a global scale due to political, economic, and technical constraints. We argue that the root cause of this problem lies in the significant centralization of the DNS system. This centralized feature not only reduces the efficiency of domain name verification but also has the hidden risks of single point of failure and unilateral control. Internet users may disappear from the Internet due to the results of fake, subverted, or misconfigured domain name resolution. This paper presents a decentralized DNS cache verification method, which uses the consortium blockchain to replace the root domain name server to verify the authenticity of the domain name. Compared with DNSSEC's domain name verification process, the verification efficiency of this method has increased by 30%, and there is no single point of failure or unilateral control risk. In addition, this solution is incrementally deployable, and even if it is deployed on a small number of content delivery network servers, satisfactory results can be obtained.