Byzantine-Reliable Domain Name Service protocol in networks with limited public key infrastructure

Alexander Michael Tsekhansky, Pace University


Internet users rely on symbolic names, such as web addresses, to point them to the network resources. Some users assume that a name typed in the browser always points to the expected site. However, malicious activity, user errors, and software bugs may cause names to point to a wrong network resource. Hackers exploiting such vulnerabilities may forward an unsuspecting user to a phishing site, thus taking private information, such as names and passwords, from the user. Companies may forward network traffic away from their competitors, and to their own sites. This dissertation introduces a new name resolution algorithm, called Byzantine-Reliable Domain Name Service protocol that may improve reliability and data integrity of existing solutions using Byzantine Fault Tolerance. It relies on global network positioning, rather than Public Key Infrastructure, to provide node authentication, thus reducing vulnerability to malicious attempts without an additional security infrastructure. The algorithm will provide compatibility with current DNS standards, and may be implemented gradually. The servers that do not support this new protocol will be able to perform DNS functions using standard name resolution process.

Subject Area

Computer science

Recommended Citation

Tsekhansky, Alexander Michael, "Byzantine-Reliable Domain Name Service protocol in networks with limited public key infrastructure" (2010). ETD Collection for Pace University. AAI3405900.



Remote User: Click Here to Login (must have Pace University remote login ID and password. Once logged in, click on the View More link above)