|
|||||
|
|
| 基于隐私保护技术的DNS通信协议 | |
| 引用本文: | 张海阔,陆忠华,陈闻宇,陈连栋,左鹏,王珏,徐彦之.基于隐私保护技术的DNS通信协议[J].科技导报(北京),2019,37(8):97-103. |
| 作者姓名: | 张海阔 陆忠华 陈闻宇 陈连栋 左鹏 王珏 徐彦之 |
| 作者单位: | 中国科学院计算机网络信息中心,北京 100190;中国科学院大学,北京 100049;中国互联网络信息中心,北京 100190;中国科学院计算机网络信息中心,北京,100190;国家电网河北省电力公司,石家庄,050022;中国互联网络信息中心,北京,100190;北京国科文明之光科技有限公司,北京,100190 |
| 基金项目: | 国家自然科学基金重点项目(91530324);国家重点研发计划项目(2017YFB0202302) |
| 摘 要: | 域名系统(DNS)是互联网基础服务,是互联网访问的重要入口,域名隐私保护是DNS安全的研究热点。提出了一种基于用户数据报协议(UDP)的DNS传输中用户隐私保护的加密方法:DNSDEA(DNS data encryption algorithm)。该方法采用PKI加密体系与DNS协议相融合,不仅解决了域名隐私保护问题,而且与传统DNS体系相兼容,保持了DNS系统的简单、高效的技术特点。与当前的DNS加密方法相比,DNSDEA提高了任务并行的并行化粒度,降低了加密情况下DNS查询的延时。 |
| 关 键 词: | 域名系统 隐私保护 并行 加密 延时 |
| 收稿时间: | 2018-12-24 |
DNS communication protocol with consideration of networking privacy |
|
| ZHANG Haikuo,LU Zhonghua,CHEN Wenyu,CHEN Liandong,ZUO Peng,WANG Jue,XU Yanzhi.DNS communication protocol with consideration of networking privacy[J].Science & Technology Review,2019,37(8):97-103. | |
| Authors: | ZHANG Haikuo LU Zhonghua CHEN Wenyu CHEN Liandong ZUO Peng WANG Jue XU Yanzhi |
| Institution: | 1. Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China; 2. University of Chinese Academy of Sciences, Beijing 100049, China; 3. China Internet Network Information Center, Beijing 100190, China; 4. State Grid Hebei Electric Power Company, Shijiazhuang 050022, China; 5. Beijing National Science Civilization Light Technology Co., Ltd., Beijing 100190, China |
| Abstract: | The domain name system (DNS) is an essential service of the Internet to provide the mapping service for domain names and IP addresses, as one of the most important addressing services of the Internet. It is an open and interconnected platform and an important portal for the Internet access. The domain name privacy protection is one of the hot issues in the DNS security in recent years. The DNS data encryption algorithm (DNSDEA) is proposed to encrypt the DNS queries and responses between the client and the DNS server over the user datagram protocol (UDP) to protect the user privacy. This algorithm solves the problem of the domain name privacy protection, and is compatible with the traditional DNS system. It maintains the simple and efficient technical characteristics of the DNS system. Compared with the current encryption methods, this approach could increase the granularity of the DNS lookup parallel algorithm, reduce the latency and improve the concurrent DNS queries. Finally, from the technical level, some reference suggestions are made for the research of the subsequent communication encryption applications and for the DNS secure resolution performance. |
| Keywords: | domain name system privacy protection parallel computing encryption latency |
| 本文献已被 CNKI 万方数据 等数据库收录! | |
| 点击此处可从《科技导报(北京)》浏览原始摘要信息 | |
| 点击此处可从《科技导报(北京)》下载免费的PDF全文 | |