Byzantine-Reliable Domain Name Service protocol in networks with limited public key infrastructure
Internet users rely on symbolic names, such as web addresses, to point them to the network resources. Some users assume that a name typed in the browser always points to the expected site. However, malicious activity, user errors, and software bugs may cause names to point to a wrong network resource. Hackers exploiting such vulnerabilities may forward an unsuspecting user to a phishing site, thus taking private information, such as names and passwords, from the user. Companies may forward network traffic away from their competitors, and to their own sites. ^ This dissertation introduces a new name resolution algorithm, called Byzantine-Reliable Domain Name Service protocol that may improve reliability and data integrity of existing solutions using Byzantine Fault Tolerance. It relies on global network positioning, rather than Public Key Infrastructure, to provide node authentication, thus reducing vulnerability to malicious attempts without an additional security infrastructure. ^ The algorithm will provide compatibility with current DNS standards, and may be implemented gradually. The servers that do not support this new protocol will be able to perform DNS functions using standard name resolution process.^
Alexander Michael Tsekhansky,
"Byzantine-Reliable Domain Name Service protocol in networks with limited public key infrastructure"
(January 1, 2010).
ETD Collection for Pace University.