AR: an Efficient Alliance Root Service with Decentralized Trust

The domain name system (DNS) provides essential services for translations between human-readable domain names and IP addresses, which runs under the global DNS roots. DNS roots face security vulnerabilities and trust risks due to centralized management architecture. Several related schemes have been proposed to alleviate the security vulnerabilities and trust risks. However, most methods on trust risks focused on verifying their mechanism. A comparison of the actual operational effectiveness of these methods and the existing DNS is rarely disclosed. In this paper, we present a trustworthy decentralized DNS root management architecture called AR based on blockchain. Instead of all top level domains (TLDs) authorized by Internet Corporation for Assigned Names and Numbers (ICANN), the root owner in AR has the authority over its TLDs. Our proposed AR can work with the global roots without influencing the operation of the existing DNS. A cross-national and cross-regional research test bed is constructed on the internet to verify the feasibility and practicality of our proposed AR.