2015-01-04 10:46:52 +01:00
|
|
|
The dnscrypt-proxy provides local service, which can be used directly as your
|
|
|
|
local resolver or as a DNS forwarder, encrypting and authenticating requests
|
|
|
|
using the DNSCrypt [1] protocol and passing them to an upstream server.
|
2012-05-15 22:14:53 +02:00
|
|
|
|
2015-01-04 10:46:52 +01:00
|
|
|
The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography
|
|
|
|
and is very similar to DNSCurve [2], but focuses on securing communications
|
|
|
|
between a client and its first-level resolver.
|
|
|
|
|
|
|
|
While not providing end-to-end security, it protects the local network, which
|
|
|
|
is often the weakest point of the chain, against man-in-the-middle attacks.
|
|
|
|
It also provides some confidentiality to DNS queries.
|
|
|
|
|
|
|
|
Reference links:
|
|
|
|
1. https://www.opendns.com/technology/dnscrypt/
|
|
|
|
2. http://dnscurve.org
|
|
|
|
|
|
|
|
WWW: http://dnscrypt.org
|