Building a federated national root domain name system based on blockchain (slide deck hosted at admhmao.ru)

Page 1: Building a federated national root domain name system based on blockchain

A blockchain-based solution for a united national root DNS system

Dr. Binxing FANG
Chairman, China Cloud Security and Emerging Technologies Security Innovation Alliance
Chief Scientist, China Electronics Corporation (CEC)
June 6, 2018

Page 2: Current situation of root zone administration on the Internet

Diagram: TLD operators; VeriSign; ICANN (The Internet Corporation for Assigned Names and Numbers); the root zone file; PTI (Public Technical Identifiers).

• 12 root server operators (9 in the US, 2 in Europe, 1 in Japan)
• 13 logical root servers and hundreds of mirrors
• Any modification to the root zone requires the approval of ICANN, an international non-governmental organisation registered in the US
• The new independent legal entity PTI undertakes the IANA functions and contracts with ICANN, becoming an affiliate of ICANN

Page 3: Universal root DNS architecture

Diagram: . (root) → cn, kr, com → foo → www; a recursive resolver queries in steps 1, 2 and 3 from the root downwards.

The root servers manage the root zone, which resolves the top-level domains (TLDs). Resolution starts with the root servers, which form the centre of the global architecture.

Page 4: Disadvantages of centralization: the network traffic of a specific country can be analysed

Intelligence leakage: the root servers can log every resolution request, so whoever administers them is in a position to obtain a sample of a country's access traffic and, through big-data analysis, learn the pattern of that country's information activity.

Page 5: Disadvantages of centralization: a specific domain name can be made to disappear

Risk of disappearance: if a top-level ccTLD is deleted from or tampered with in the root zone database, the whole set of domain names carried by that TLD is erased from the namespace, so names under the ccTLD can no longer be resolved.

Diagram (me, you, root, recursive resolver): only the root zone database on the root servers needs to be modified. Difficulty: easiest.

Page 6: Disadvantages of centralization: a specific set of IP addresses can be refused service by the root

Risk of blindness: the recursive resolvers in a specified IP set can be refused resolution service by the root servers, cutting that set off from the original root servers, so the users served by those resolvers cannot use the Internet.

Diagram (me, you, root, recursive resolver): only the ACL on the root servers needs to be modified. Difficulty: easy.

Page 7: Disadvantages of centralization: cannot operate when a specific IP set is blocked

Risk of isolation: the cyberspace formed by a specific IP set can be blocked completely, interrupting the mode of resolution that relies on the root servers, so the domain name system inside that IP set cannot operate either.

Diagram (me, you, root, domestic recursive resolver, foreign recursive resolver): the country's whole Internet has to be blocked. Difficulty: hard.

Page 8: Centralization stems from Zooko's triangle

Zooko's triangle: any naming system can have only two of the three properties uniqueness, decentralization and human-meaningfulness.

• Bitcoin addresses give up human-meaningfulness
• DNS gives up decentralization, i.e. it can only be centralized
• QQ nicknames give up uniqueness (any desired name can be chosen)

If the conjecture holds, DNS has to be centralized; this is why the current domain name resolution system is centralized.

Page 9: Centralized root DNS: structure, responsibility and mechanism

Structure
• Namespace: a labelled tree with a single root
• Resolution system: the root servers are the starting point of resolution

Responsibility
• ICANN manages the root zone and is responsible for allocating top-level domains (TLDs)
• VeriSign operates and maintains the root zone file and the primary root server

Mechanism
• The root hint in recursive resolver software lists the IP addresses of the 13 root servers
• In DNSSEC, the root zone's key signing key (KSK) is the trust anchor

Page 10: Risk of disappearance and DNS centralization

Risk on structure
• The namespace is a labelled tree with a single root → cut the edge between the root and a TLD and the TLD subtree is deleted
• The root servers are the starting point of resolution → the root servers refuse to resolve the TLD

Risk on responsibility
• ICANN manages the root zone and allocates TLDs → ICANN withdraws the delegation of the TLD
• VeriSign operates the root zone file and the primary root server → the TLD's resource records are removed from the root zone file

Risk on mechanism
• The root hint in resolver software lists the IP addresses of the 13 root servers → TLD information cannot be obtained from anywhere but the 13 root servers
• In DNSSEC, the root zone's KSK is the trust anchor → cryptography guarantees that records of a deleted TLD cannot pass validation

Page 11: Five responses to the security issues of centralized root DNS

Diagram: root → .cn .com .ru → foo → www, with several roots serving one recursive resolver.

• Universal roots: within the current IANA system, add universal anycast root servers; anyone can set up their own root server mirror to serve the local network.
• Alternative roots: completely independent of the current IANA system, equivalent to establishing another namespace. [Public-Root/ORSC/UnifiedRoot]
• Disguised roots: pose as a root mirror, hijack queries destined for the root and answer them directly, which is equivalent to hijacking the root server. [Some domestic ISPs are said to have used this method to improve performance; it is similar to client-based hijacking of users' recursive queries.]
• Open roots: a group of independently operated root servers synchronised with the IANA root zone database; they can choose not to carry out deletions, but may also be unable to obtain the latest root zone data directly. [Open Root Server Network] (Yeti DNS Project)
• Recursive roots: the root zone is served directly on the recursive resolver, equivalent to caching the root zone in advance to improve resolution performance. [Google 8.8.8.8]

Except for alternative roots (which are unrelated to the existing namespace and are not discussed further), all of these methods depend on the root zone data of the root servers. They only distribute how that data is fetched; the trust system remains centralized, so none of them can cope with the risk of disappearance.

Page 12: Introducing the concepts of bitcoin and blockchain

How can the idea (technology) of blockchain be applied to DNS resolution?

Structure
• Data: multiple copies + hash chain = public ledger
• Network: decentralized peer-to-peer (P2P) architecture

Responsibility
• Property: obtained by competition of computing power (incentive)
• Bookkeeping: by competition of computing power (more than 50% means a monopoly)

Mechanism
• Consensus: proof of work (PoW)
• Publication: P2P broadcast

Implement a distributed ledger and reach consensus in an untrusted environment with no centre.

Page 13: Some blockchain projects

                               Private (authorization required)   Public (no authorization required)
Special-purpose (customized)   Corda                              Bitcoin
General (platform)             Fabric                             Ethereum

• Corda: used for settlement between financial institutions. No global data sharing or blockchain, no native currency; consensus is reached per transaction; multiple consensus schemes are supported; a "regulatory observer node" is provided; records bind legal documents to smart contract code.
• Fabric (Hyperledger): turns the core modules of a blockchain (membership management, consensus schemes, data storage, P2P network protocol, smart contracts, etc.) into plug-ins.
• Ethereum: extends blockchain functionality from supporting digital currency to smart contracts written in a Turing-complete scripting language.
• Bitcoin: all nodes of the public blockchain keep the ledger together, and data consistency is guaranteed by PoW-based consensus; Namecoin replaces the bitcoin transaction data recorded in blocks with name registration data.

Page 14: Ideas inspired by Namecoin

Namecoin replaces the bitcoin transaction data recorded in blocks with name registration data.

Responsibility
• Registration: names are first come, first served, obtained through competition of computing power
• Bookkeeping: by competition of computing power (more than 50% means a monopoly)

Namecoin does not break Zooko's triangle. First come, first served leads to squatting, so it does not suit ccTLDs, which have a natural owner.

Page 15: An approach to decentralizing root DNS

Principle: keep the single-root logical tree structure and build a multi-root-tree resolution structure.
• Keep security (uniqueness of names) and human-meaningfulness (user registration)
• Decentralize the governance and operation of the critical infrastructure (the root servers)

Page 16: Building a national autonomous root DNS system

I. Build a national autonomous root DNS system (the national root)
• National root: a public, open root server system owned by a sovereign state
• The national root is independent of the existing root operators and provides root zone resolution for its own country
• In Inter-Root mode it secures root zone resolution; in normal operation it uses the IANA database

II. Establish a root union for the interconnection of resolution systems
• Root union: a system made up of a group of national roots interconnected with each other
• Countries establish an open national root union to exchange, peer to peer, the domain name information within their respective sovereignty
• In Inter-Root mode the union members provide resolution service to each other, securing the resolution of allies' domain names

Page 17: Inter-Root keeps the single-root-tree naming structure of DNS and builds a multi-root-tree resolution structure

An Inter-Root mode that satisfies Zooko's triangle and unifies three structures (diagram): the naming (logical) structure, the overall structure and the resolution (system) structure.

Page 18: Feasibility of the Inter-Root mode

Current DNS: IANA maps a TLD name to its TLD authorities and on to IP addresses.
Inter-Root: IANA still maps a TLD name to its TLD authorities; the Inter-Root performs the resolution to IP addresses.

1. Separate the assignment of names in the root zone from domain name resolution
2. IANA is responsible for TLD allocation, the Inter-Root for resolution
3. Defuse the risk of centralization by establishing trust within the alliance

Page 19: Inter-Root design

I. Build the "national root", a national autonomous root DNS system
• National root: an open root server system established by a sovereign state
• When the Inter-Root has data, use it; when it has none, use the IANA database

II. Build the "root union" to interconnect the resolution systems
• Root union: the root zone exchange system formed by national roots interconnecting with each other
• The exchanged data comes from the domestic ccTLD and the other TLDs within the country's sovereignty

Diagram: a national root (cn, ru, tj → foo → www) queried by a recursive resolver in steps 1, 2 and 3; a root union of CN, KZ, KG, RU, UZ and PK. When resolving, the root zone data held by the root union is preferred; only when the union has no matching data is the IANA database used.

Page 20: Fully connected peer structure of the Inter-Roots

Diagram: IANA (.cn .pk .br .kz .ru .com .net .gov) alongside the CN, PK, BR, KZ and RU roots, which are all connected to each other.
• When a national root has no data of its own, it uses IANA's root zone data
• Public keys and server information are exchanged offline; signed data is exchanged online
• Allies exchange their respective TLD data peer to peer

Page 21: Overall design of the Inter-Root system

Data management: root zone database, root zone authoritative servers, monitoring platform.
Data collection: root zone collection point, TLD filing point, root zone exchange point; the sources are IANA, the TLD authoritative servers and the union interconnection.
Resolution service: recursive resolver, peer-to-peer resolution server, peer-to-peer resolution client, peer-to-peer resolution database, Inter-Root response interface, and the existing domestic Inter-Root system.

Page 22: Data flow of the root zone

Components: root zone authoritative servers, root zone database, recursive resolver, root zone exchange points, root zone collection point, TLD filing point, monitoring platform, IANA, TLD authorities, union interconnection.

1. IANA's root zone data is used as the default data
2. Domestic ccTLDs file their information with the national root
3. Countries in the union exchange the registration information of the TLDs they are authorized for through the root zone exchange protocol
4. The information is imported into the root zone database according to the root zone management policy
5. After approval, it is imported into the servers
6. Root zone resolution service is provided to recursive resolvers

Page 23: The root zone exchange protocol within the union

Union establishment: countries in the union sign the National Root Interconnection Agreement and exchange the addresses of their root zone exchange points and their root zone public keys.

Exchange between two root zone exchange points, each backed by its own root zone database:
1. Publish the zone file
2. Pull the zone file
3. Store it in the database after verification
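The publish/pull/verify exchange on this slide, together with the union-first, IANA-fallback precedence from the Inter-Root design, as an added Go example; it is not code from the deck or from any Inter-Root implementation. It assumes ed25519 signatures over a canonical hash of the zone file, a per-country serial number to refuse replays, and constructed country codes and addresses; a name card here carries only the public key and the exchange-point address.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"sort"
)

// NameCard holds what allies exchange offline on the slide: public key and exchange-point address.
type NameCard struct{ Country, Server string; PubKey ed25519.PublicKey }

// ZoneFile: one national root's TLD -> authority records; Serial is an assumption (the deck shows only a name-card version).
type ZoneFile struct {
	Country string
	Serial  uint64
	Records map[string]string
}

// SignedZone is what an exchange point publishes online (step 1 on the slide).
type SignedZone struct{ Zone ZoneFile; Sig []byte }

// NewNationalRoot generates a key pair and the name card for one country.
func NewNationalRoot(country, server string) (NameCard, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return NameCard{Country: country, Server: server, PubKey: pub}, priv
}

// digest hashes the zone with its TLDs sorted so both sides sign and verify identical bytes.
func digest(z ZoneFile) []byte {
	tlds := make([]string, 0, len(z.Records))
	for t := range z.Records {
		tlds = append(tlds, t)
	}
	sort.Strings(tlds)
	h := sha256.New()
	fmt.Fprintf(h, "%s|%d\n", z.Country, z.Serial)
	for _, t := range tlds {
		fmt.Fprintf(h, "%s=%s\n", t, z.Records[t])
	}
	return h.Sum(nil)
}

// Publish signs the zone with the national root's private key.
func Publish(priv ed25519.PrivateKey, z ZoneFile) SignedZone {
	return SignedZone{Zone: z, Sig: ed25519.Sign(priv, digest(z))}
}

// UnionStore is the local root zone database that verified pulls feed into.
type UnionStore struct {
	cards map[string]NameCard
	zones map[string]ZoneFile // country -> last accepted zone
}

func NewUnionStore() *UnionStore {
	return &UnionStore{cards: map[string]NameCard{}, zones: map[string]ZoneFile{}}
}

// AddCard registers an ally's offline-exchanged name card.
func (s *UnionStore) AddCard(c NameCard) { s.cards[c.Country] = c }

// Pull verifies a published zone against the offline-exchanged key before storing it (steps 2-3).
func (s *UnionStore) Pull(sz SignedZone) error {
	card, ok := s.cards[sz.Zone.Country]
	if !ok {
		return fmt.Errorf("no name card for %s", sz.Zone.Country)
	}
	if !ed25519.Verify(card.PubKey, digest(sz.Zone), sz.Sig) {
		return fmt.Errorf("signature check failed for %s", sz.Zone.Country)
	}
	if prev, ok := s.zones[sz.Zone.Country]; ok && sz.Zone.Serial <= prev.Serial {
		return fmt.Errorf("stale or replayed serial for %s", sz.Zone.Country)
	}
	s.zones[sz.Zone.Country] = sz.Zone
	return nil
}

// Resolve applies the Inter-Root precedence: allies' published data first, IANA root zone data
// only when no member has published the TLD (a TLD belongs to one national root, so map order is irrelevant).
func (s *UnionStore) Resolve(tld string, iana map[string]string) (server, source string, ok bool) {
	for country, z := range s.zones {
		if srv, found := z.Records[tld]; found {
			return srv, "union:" + country, true
		}
	}
	if srv, found := iana[tld]; found {
		return srv, "iana", true
	}
	return "", "", false
}
```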

Page 24: Data flow of peer-to-peer resolution within the union

Components: recursive resolver, root zone authoritative servers, peer-to-peer resolution client, Inter-Root response interface, peer-to-peer resolution server, peer-to-peer resolution database, union interconnection, existing domestic Inter-Root system, foreign authoritative servers, monitoring platform.

1. (Optional) The root server can redirect queries to the existing domestic Inter-Root system
2. When cached data in the Inter-Root system expires or misses, the resolution result can be obtained through the emergency response interface
3. The result is looked up in the peer-to-peer resolution database
4. The country obtains peer-to-peer resolution service from a super ally via the peer-to-peer resolution protocol
5. The foreign peer server obtains the information of the foreign authoritative servers

Page 25: The Inter-Root mode is compatible with the current system

Diagram: a root name server and its mirror root DNS serve the country code TLDs (.ru, .cn, .jp, .kr) and the gTLDs (.com, .net, .info, .org), shown with illustrative addresses (.ru=211.3.1.1, .cn=128.5.6.1, .jp=12.3.4.1, .kr=113.8.8.1, .com=1.112.8.1, .net=1.112.8.1, .info=2.21.9.1, .org=112.8.8.1). DNS recursors in Russia and China query the .ru and .cn resolvers and, below them, the xxx.ru and xxx.cn resolvers. The RU country root name service and the China country root name service each keep a domain name database and exchange ccTLD data with each other; new DNS recursors use them through the national TLD union.

Page 26: What the new system adds to the original

Namespace: the domestic ccTLDs registered with IANA file their information with the national root
Authoritative servers: the newly added national root servers coexist with the other root servers and provide a new information source for the current Inter-Root system
Recursive resolvers: resolvers that use the root union add the national root servers to their root hints
Resolution protocol: no change

Page 27: Properties of the new system

Independence
• The root zone resolution service provided by the national root is completely autonomous
• Domain name resolution within the scope of cyber sovereignty is autonomous

Openness
• Joining and leaving the root union is open
• The national root's resolution service is open to all recursive resolvers

Compatibility
• The new system concerns only domain name resolution and is transparent to ICANN's current management of domain delegation
• The national root union is transparent to all DNS components other than the recursive resolvers that use national roots

Scalability
• The new system inherits the scalability of DNS as a distributed system
• The size of the root union does not exceed the number of sovereign states

Page 28: Inter-Roots can solve the risk of disappearance

Page 29: Open issue: consistency of root zone files

How can it be guaranteed that all national roots hold the same root zone file?
• How can it be guaranteed that a national root's information has been published to the other root members?
• How can it be detected that a national root is publishing inconsistent root zone files (private key leakage)?
• How can mutual trust between two countries be extended to the whole root union?

Diagram: national roots that are not yet fully allied (CN, KG, PK, RU, UZ, KZ), and an attacker posing as a national root ("CN") publishing fake data towards CN, IN, BR, RU, TJ and ZA.

Page 30: Inter-Root+: applying distributed consensus to Inter-Roots

Goal: reach consensus on the root zone file within the root union.

1. Public vs. private: private; only the national roots of the union (or TLD authorities) are entitled to exchange data
2. Platform vs. special-purpose: special-purpose; avoid the unnecessary complexity a platform brings
3. PoW-like vs. BFT-like consensus: BFT-like; data exchange is based on mutual trust, so there is no need to introduce competition of computing power or incentives

Conclusion: a non-public, special-purpose, BFT-like consensus.

Page 31: Overview of the Inter-Root+ scheme based on distributed consensus

Implement a public ledger of root zone files on the root union, based on distributed consensus.

Public ledger (hash chain)
• Root zone file log: data from IANA, domestic TLD data and TLD data from allies, with historical snapshots of the root zone file
• Root name card log: the name card of each national root, with historical snapshots. A name card carries the list of TLDs, the country's public key, server information, a version number and the signatures of the other allies

Diagram: the allies (CN, KZ, BR, RU, ZA, PK) sign the union agreement and exchange name cards offline; consensus on root zone data follows a PBFT-like scheme.

Page 32: Root zone exchange in Inter-Root+

National root (client and primary node): a single data source, because a TLD belongs to exactly one national root.

1. Notice (request, pre-prepare): the national root notifies the allied roots that it is preparing an update of its own data
2. Agree (prepare): an allied root checks the update and signs "agree"; the national root collects enough "agree" signatures, merges them into a joint endorsement for agreeing and broadcasts it (consensus on agreeing to the update)
3. Update (commit): the allied roots promise to carry out the update; the national root collects enough promises, merges them into a joint endorsement for committing and broadcasts it (consensus on committing to the update); the allied roots perform the update
4. Confirm (reply): the allied roots return the result of the update; the national root confirms that the update has been carried out

Diagram: RU, CN, BR and KZ exchange the notice, agree, update and confirm messages in steps 1 to 4.

Page 33: Root zone file consistency in Inter-Root+

National roots not yet fully allied
• Name cards, endorsements and updates are recorded in the public log and can be verified publicly; the few non-allied nodes can trust the consensus reached by the majority
• A timed update mechanism lets an isolated node discover that it has been isolated (its update timer expires)

Posing as a national root to publish fake data
• If the deceived nodes (e.g. the UK root) are a minority, the forged update will not be agreed
• If an update is forged successfully (private key leaked), the conflict will be discovered, since updates have a buffer period; the victim node (the CN root) finds it has been attacked and starts the offline emergency response
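A simulation of the four-phase round from the previous slide and of the two attack cases on this one, as an added Go example; it is not code from the deck or from the Inter-Root+ project. It assumes PBFT quorum sizing (2f+1 of 3f+1 members), stands in for signatures with a Signer field instead of real cryptography, and treats a conflict raised during the agree phase as the buffer period that holds a forged update; the node names and TLD ownership table are constructed.

```go
package main

import "fmt"

// Update is one root zone change a national root proposes for a TLD it owns.
// Signer stands in for the key that signed the notice; Signer != Origin models
// a signature that fails against the origin's name-card public key.
type Update struct {
	Origin, Signer, TLD, Server string
	Version                     int
}

// Node is one national root; Owner (from the exchanged name cards) says which root may publish which TLD.
type Node struct {
	Name      string
	Owner     map[string]string // TLD -> owning national root
	Zone      map[string]Update // committed root zone entries
	Authored  map[Update]bool   // notices this node really issued
	Deceived  bool              // agrees to anything (the "UK root" on the slide)
	Conflicts []string          // evidence for an offline emergency response
}

func NewNode(name string, owner map[string]string, deceived bool) *Node {
	return &Node{Name: name, Owner: owner, Deceived: deceived,
		Zone: map[string]Update{}, Authored: map[Update]bool{}}
}

// Propose builds a genuinely authored, correctly signed notice.
func (n *Node) Propose(tld, server string, version int) Update {
	u := Update{Origin: n.Name, Signer: n.Name, TLD: tld, Server: server, Version: version}
	n.Authored[u] = true
	return u
}

// Agree is the "prepare" check an ally runs on a notice (pre-prepare).
func (n *Node) Agree(u Update) bool {
	if u.Signer != u.Origin {
		return n.Deceived // bad signature: only a deceived node accepts it
	}
	if u.Origin == n.Name && !n.Authored[u] {
		// A validly signed notice in our name that we never issued: the key has leaked.
		n.Conflicts = append(n.Conflicts, fmt.Sprintf("forged %s v%d", u.TLD, u.Version))
		return false
	}
	if n.Deceived {
		return true
	}
	if n.Owner[u.TLD] != u.Origin {
		return false // the TLD belongs to another national root
	}
	if cur, ok := n.Zone[u.TLD]; ok && u.Version <= cur.Version {
		return false // stale version
	}
	return true
}

// Union runs one round: notice -> agree -> update (commit) -> confirm (reply).
// With n = 3f+1 members a quorum is 2f+1 (PBFT sizing, assumed here).
type Union struct{ Members []*Node }

func (un *Union) conflicts() (c int) {
	for _, m := range un.Members {
		c += len(m.Conflicts)
	}
	return c
}

// Round reports whether the update was committed and how many replies confirm it.
// A conflict raised during the agree phase holds the update instead of committing it: the buffer period.
func (un *Union) Round(u Update) (committed bool, confirmed int) {
	quorum := 2*((len(un.Members)-1)/3) + 1
	before := un.conflicts()
	var agreed []*Node
	for _, m := range un.Members { // phases 1-2: notice, agree
		if m.Agree(u) {
			agreed = append(agreed, m)
		}
	}
	if len(agreed) < quorum || un.conflicts() > before {
		return false, 0 // no joint endorsement, or the victim raised the alarm
	}
	for _, m := range agreed { // phase 3: joint commit endorsement, then update
		m.Zone[u.TLD] = u
	}
	for _, m := range agreed { // phase 4: confirm (reply)
		if m.Zone[u.TLD] == u {
			confirmed++
		}
	}
	return true, confirmed
}
```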

Page 34: Inter-Root+ can coexist with the existing system

Diagram: the original root (com, cn, ru → foo → www) alongside the root union, in which the CN root (China) and the RU root (Russia) each serve their root zone; the nodes of the national root union exchange root zone information with each other.

• The recursive resolver chooses the original root or the root union itself, or uses the original root as primary and the root union as secondary
• The root union coexists with the original root

Page 35: Comparison of the three schemes

                     | Root DNS               | Inter-Root                      | Inter-Root+
Trust                | single point           | peer to peer                    | group
Consensus            | unilateral             | bilateral                       | multilateral
Delegation authority | centralized            | centralized                     | centralized
Resolution authority | centralized            | distributed                     | distributed
Root zone storage    | centralized            | distributed                     | public ledger
Data publication     | TLD from a single root | TLD from multiple roots         | TLD ledger
Trust anchor         | public key of the root | public key of the national root | set of public keys

Page 36: Closing

A number of research institutions in China have jointly formed a research alliance to study blockchain-based DNS Inter-Roots. Experts and scholars from all countries are welcome to take part in the experiments, and the Chinese side will provide technical support free of charge to the countries that join.

Prof. Binxing FANG
Chairman, China Cloud Security and Emerging Technologies Security Innovation Alliance
Chief Scientist, China Electronics Corporation (CEC)