DNSCrypt

In addition to private deployments, the DNSCrypt protocol has been adopted by several public DNS resolvers, the vast majority being members of the OpenNIC network, as well as virtual private network (VPN) services.

OpenDNS (now a part of Cisco) announced the first public DNS service supporting DNSCrypt in December 2011, shortly followed by CloudNS Australia.

On March 29, 2016, Yandex announced support for the DNSCrypt protocol on their public DNS servers, as well as in their web browser.

Later, Infoblox announced ActiveTrust Cloud, leveraging DNSCrypt to secure DNS communications.

On October, 2016, AdGuard added DNSCrypt to their DNS filtering module so that users could move from their ISPs to custom or AdGuard's own DNS servers for online privacy and ad blocking.[2][3]

The Quad9 public recursive resolver service, operated by a not-for-profit public-benefit organization supported by donors including IBM and Packet Clearing House, announced support for DNSCrypt in September 2018.[4]

Other servers that support secure protocol are mentioned in the DNSCrypt creators’ list.[5]

DNSCrypt can be used either over UDP or over TCP. In both cases, its default port is 443. Even though the protocol radically differs from HTTPS, both service types can share the same port.

Even if DoH and DNSCrypt are possible on the same port, they must still run separately on different servers. Two server applications can never run simultaneously on the same server if both use the same port.

Instead of relying on trusted certificate authorities commonly found in web browsers, the client has to explicitly trust the public signing key of the chosen provider.

This public key is used to verify a set of certificates, retrieved using conventional DNS queries. These certificates contain short-term public keys used for key exchange, as well as an identifier of the cipher suite to use. Clients are encouraged to generate a new key for every query, while servers are encouraged to rotate short-term key pairs every 24 hours.

Queries and responses are encrypted using the same algorithm and padded to a multiple of 64 bytes in order to avoid leaking packet sizes. Over UDP, when a response would be larger than the question leading to it, a server can respond with a short packet whose TC (truncated) bit has been set. The client should then retry using TCP and increase the padding of subsequent queries.

Versions 1 and 2 of the protocol use the X25519 algorithm for key exchange, EdDSA for signatures, as well as XSalsa20-Poly1305 or XChaCha20-Poly1305 for authenticated encryption.

There are no known vulnerabilities in the protocol nor practical attacks against its underlying cryptographic constructions.

The DNSCrypt protocol can also be used for access control or accounting, by accepting only a predefined set of public keys. This can be used by commercial DNS services to identify customers without having to rely on IP addresses.

Anonymized DNSCrypt[6] is a protocol extension proposed in 2019 to further improve DNS privacy.

Instead of directly responding to clients, a resolver can act as a transparent proxy to another resolver, hiding the real client IP to the latter.

Anonymized DNSCrypt is a lightweight alternative to Tor and SOCKS proxies, specifically designed for DNS traffic.

Deployment of Anonymized DNSCrypt started in October 2019, and the protocol adoption was fast, with 40 DNS relays[7] being set up only two weeks after the public availability of client and server implementations.

• Curve25519
• DNSCurve
• DNS over HTTPS
• DNS over TLS
• Domain Name System Security Extensions (DNSSEC)
• Elliptic curve cryptography

• Official website
• DNSCrypt protocol specification