DNSCrypt

DNSCrypt is a network protocol that authenticates and encrypts Domain Name System (DNS) traffic between the user's computer and recursive name servers. DNSCrypt wraps unmodified DNS traffic between a client and a DNS resolver in a cryptographic construction, preventing eavesdropping and forgery by a man-in-the-middle.

It also mitigates UDP-based amplification attacks by requiring a question to be at least as large as the corresponding response. Thus, DNSCrypt helps to prevent DNS amplification attacks.^: §9

DNSCrypt was originally designed by Frank Denis and Yecheng Fu. Multiple free and open source software implementations exist. It is available for a variety of operating systems, including Unix, Apple iOS, Linux, Android, and Microsoft Windows. The free and open source software implementation dnscrypt-proxy additionally integrates ODoH.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

Internet security protocols
Key management
Kerberos RPKI PKIX Web of trust X.509 XKMS
Application layer
DKIM DMARC HTTPS PGP Sender ID SPF S/MIME SSH TLS/SSL
Domain Name System
DANE DNSSEC DNS over HTTPS DNS over TLS CAA
Internet Layer
IKE IPsec L2TP OpenVPN PPTP WireGuard