Upload
defcamp
View
439
Download
3
Tags:
Embed Size (px)
DESCRIPTION
Citation preview
P2P DNS SystemsP2P DNS Systems
Teodor PripoaeTeodor Pripoae
What means DNS ?What means DNS ?
Domain name systemDomain name system
What means DNS ?What means DNS ?
Domain name system
Hierachical distributed naming system
Domain name system
Hierachical distributed naming system
What means DNS ?What means DNS ?
Domain name system
Hierachical distributed naming system
Controlled by ICANN
Domain name system
Hierachical distributed naming system
Controlled by ICANN
Why changing DNS ?Why changing DNS ?
Controlled by a single entityControlled by a single entity
Why changing DNS ?Why changing DNS ?
Controlled by a single entity
Very easy to take down a domain by American Government or Hollywood Media Corporations with similar laws to ACTA or SOPA
Controlled by a single entity
Very easy to take down a domain by American Government or Hollywood Media Corporations with similar laws to ACTA or SOPA
Looks familiar ?Looks familiar ?
Alerternative ?Alerternative ?
P2P DNS SystemP2P DNS System
FeaturesFeatures
What should feature a distributed DNS system ?What should feature a distributed DNS system ?
It must not have any single entity that controls the others
Conclusion: it must be P2P with not central node
It must be open source
It must not have any single entity that controls the others
Conclusion: it must be P2P with not central node
It must be open source
ImplementationsImplementations
P2P-DNS: https://github.com/Mononofu/P2P-DNS
Namecoin: http://dot-bit.org/Namecoin
Censormenot: https://github.com/teodor-pripoae/censormenot
P2P-DNS: https://github.com/Mononofu/P2P-DNS
Namecoin: http://dot-bit.org/Namecoin
Censormenot: https://github.com/teodor-pripoae/censormenot
P2P-DNSP2P-DNS
Records authenticated by a public/private key system
All nodes know all othe nodes and the cache all know domains
Records authenticated by a public/private key system
All nodes know all othe nodes and the cache all know domains
AttacksAttacks
Atack 1: An attacker can only poison the cache of a single node
Atack 2: An attacker can flood the network with fake domains
Atack 1: An attacker can only poison the cache of a single node
Atack 2: An attacker can flood the network with fake domains
Defense methodsDefense methods
For attack 1: opinion of the majority is correct and a web trust (opinions of nodes are weighted by your trust to them.
For attack 2: similar tools used for email spam prevention systems
For attack 1: opinion of the majority is correct and a web trust (opinions of nodes are weighted by your trust to them.
For attack 2: similar tools used for email spam prevention systems
DisadvantagesDisadvantages
Storing all key pairs
Everyone can register any domain now even those which already exist in the real dns system
Storing all key pairs
Everyone can register any domain now even those which already exist in the real dns system
NamecoinNamecoin
Based on bitcoin system
.bit TLD
Similar private/public keys encryption
Buy domains with namecoins which can be converted from bitcoins
Based on bitcoin system
.bit TLD
Similar private/public keys encryption
Buy domains with namecoins which can be converted from bitcoins
CensormenotCensormenot
Why is it different ?Why is it different ?
Not a full dns system, but a cache oneNot a full dns system, but a cache one
Not a full dns system, but a cache one
Add a domain lookup only when you need it.
Not a full dns system, but a cache one
Add a domain lookup only when you need it.
Not a full dns system, but a cache one
Add a domain lookup only when you need it.
Multiple plausible domains based on a trust value which can be voted
Not a full dns system, but a cache one
Add a domain lookup only when you need it.
Multiple plausible domains based on a trust value which can be voted
How it looks / works ?How it looks / works ?
ResourcesResources
https://github.com/namecoin/namecoin
https://github.com/Mononofu/P2P-DNS
https://github.com/teodor-pripoae/censormenot
http://www.youtube.com/watch?v=YNZDhPIdaho
https://github.com/namecoin/namecoin
https://github.com/Mononofu/P2P-DNS
https://github.com/teodor-pripoae/censormenot
http://www.youtube.com/watch?v=YNZDhPIdaho
ContributorsContributors
Dan Serban: https://github.com/dserban
Alexandru Tache https://github.com/hadesgames
Dan Serban: https://github.com/dserban
Alexandru Tache https://github.com/hadesgames