Blockchain Application for Distributed Data

Blockchain Application for Distributed Data

Blockchain technology is a type of distributed database that uses a series of data blocks that are sequentially ordered, and secured with a series of successive cryptographic hashes. All holders of the database possess the entire database and can verify it by verifying the historical cryptographic hashes. In this presentation, we present a method for using blockchain databases to distribute domain name system data throughout a network, leading to a more resilient and stable system capable of withstanding concerted cyber attacks from well-funded adversaries. Beyond the method, we provide a working implementation that interacts seamlessly with the existing Internet naming system and provides examples of other mechanisms blockchain technology can secure critical infrastructure.

57359d5660f4866840da4a5916c1d0e3?s=128

James P. Howard, II

January 18, 2019
Tweet

Transcript

  1. 1.

    Blockchain Applications for Distributed Data 2019 Joint Mathematics Meeting Baltimore,

    Maryland—January 18, 2019 James P. Howard, II <james.howard@jhu.edu> Johns Hopkins Applied Physics Laboratory
  2. 2.

    Challenge and Objective • Can blockchain-based solutions supplement the existing

    name service infrastructure?  Provide greater resilience than DNS?  Preserve existing benefits of DNS?  Cooperate with existing DNS services? B • Blockchain  Blockchain is the underlying technology for Bitcoin  Name services have been implemented on blockchain before • The Blockchain is a sequential list of every transaction that has ever occurred • Each block contains user transactions and a pointer to the previous block  Quite literally, it’s a chain of blocks • Mining is the process of adding new blocks 18 January 2019 Blockchain Applications for Distributed Data 2
  3. 3.

    Technical Approach • Ethereum  Freely-available blockchain system § Provides

    “smart contracts” § Multiple independent implementations • Python  Scripting glue to hold system together 18 January 2019 Blockchain Applications for Distributed Data Python Server UDP DNS packets Network Name server host machine HTTP (TCP) Remote Procedure Calls Geth (Go Ethereum) Ethereum Blockchain File I/O Blockchain is synchronized across all Ethereum nodes in cluster Client Machines Client OS networking stack Query Response 3
  4. 4.

    Process-Flow for BANNS 18 January 2019 Blockchain Applications for Distributed

    Data DNS Query Against BANNS-Enabled DNS Server User BANNS Server Conventional DNS Server Blockchain-Assured Network Name Service DNS Query Return Query Response Is domain in BANNS? Prepare Query Response Yes Query Conventional DNS Servers No Is domain known? Return Response Return Unknown Response Yes No Receive DNS Response 4
  5. 5.

    Results • We run an Ethereum smart contract • Functions:

     Register(domain, ipAddress, open/closed) § Changes the state of the chain to register the domain o Domain Name o IP Address o Open/Closed o Expiration block number o Domain Owner • Query(domain)  Returns the IP address corresponding to the domain • Utilities  Reverse lookups, query for other properties of domain, string utilities • DNS Side Implementation  Can process queries from clients  If the domain is present in the blockchain database, return the IP address  If the domain is not present, the query is relayed to the traditional DNS system § Return the IP address pulled from DNS  Supports both open and closed domains § Open allows registrations under the domain by anyone with access to the blockchain § Closed prohibits registration by everyone but the owner o Like the traditional DNS system 18 January 2019 Blockchain Applications for Distributed Data 5
  6. 6.

    Conclusions • Summary  We used Ethereum to implement a

    name service  We can participate with the DNS system  We can respond to queries from naïve clients, seamlessly • TRL 3  Proof of concept complete • Basic functions supported  Domain registration  Lookups for blockchain registrations  Handoffs for nonblockchain lookups • Future Directions  Completed implementation of DNS § Rollout to test sites § Full-scale deployment  Reimplementation of route announcements protocol § BGP is used for announcing availability of Internet address blocks § Authentication system is weak § Google accidentally rerouted all of Japan during August 2017 18 January 2019 Blockchain Applications for Distributed Data 6
  7. 7.

    Many Thanks • From APL:  Connor Daly  Mark

    Munoz  Bobby Seng  Rachel Stonehirsch  Bill Woodcock 18 January 2019 Blockchain Applications for Distributed Data 7
  8. 8.