When we type a URL in the address bar of the browser, our computer communicates with the DNS servers to get the corresponding IP address of the website. Usually, these DNS queries are unencrypted. So, attackers can intercept this process of Domain Name Resolution for various malicious purposes like Man-In-The-Middle (MITM) attacks. DNSCrypt is a protocol that is used to prevent those attacks.
What is DNSCrypt?
DNSCrypt is a network protocol that encrypts the traffic between the DNS clients and the DNS servers at the time of Domain Name Resolution so that attackers cannot intercept that.
When we use HTTPS, SSL/TLS, or VPN, the traffic is encrypted. The data that is transferred between the server and the user’s computer is encrypted. But, before establishing a secure connection with the server, our computer needs to resolve the IP address of the website using a DNS query. The connection between our computer and DNS servers is usually not encrypted. So, an attacker can perpetrate a Man-In-The-Middle (MITM) attack to intercept the connection between the DNS server and the DNS client and use that for malicious purposes.
DNSCrypt uses Elliptic Curve Cryptography to encrypt the traffic between our computer and DNS Servers, and thus, makes it difficult for the attackers to intercept the traffic.
How does DNSCrypt work?
0 Comments