Cryptographic protection of DNS traffic
The developers of OpenDNS have released a small utility DNSCrypt (technology preview), which everyone should install. This program encrypts traffic between your machine and the OpenDNS server, so an attacker, whether an individual or a government entity, cannot listen, swap, or filter packets. In a sense, DNSCrypt performs the same function for DNS traffic as SSL for HTTP.
Download DNSCrypt here (for Mac only).
DNSCrypt on github: proxy , client under OS X.
')
The importance of DNSCrypt is difficult to overestimate, because so far all requests and responses from DNS servers are transmitted over the Net in clear text. Cryptographic protection of DNS traffic means a fundamentally new level of Internet security.
Elliptic cryptography is used here for encryption ( Curve25519 ). The design of the cryptographic system is about the same as that described on the DNSCurve project page. The first expert reviews of DNSCrypt are carefully admired.
Download DNSCrypt here (for Mac only).
DNSCrypt on github: proxy , client under OS X.
')
The importance of DNSCrypt is difficult to overestimate, because so far all requests and responses from DNS servers are transmitted over the Net in clear text. Cryptographic protection of DNS traffic means a fundamentally new level of Internet security.
Elliptic cryptography is used here for encryption ( Curve25519 ). The design of the cryptographic system is about the same as that described on the DNSCurve project page. The first expert reviews of DNSCrypt are carefully admired.
Source: https://habr.com/ru/post/134274/
All Articles