Overview
DNSCurve is a proposed secure protocol for the Domain Name System (DNS), designed by Daniel J. Bernstein. DNSCurve uses Curve25519 Elliptic Curve cryptography for Key-Establishment; the resulting keys are used by Salsa20, paired with the Message Authentication Code (MAC) function Poly1305, to encrypt and authenticate DNS packets between DNS resolvers and authoritative servers. Public Keys for remote authoritative servers are placed in NS records, so recursive resolvers know whether the server supports DNSCurve. Keys begin with the magic string uz5 and are followed by a 51-byte Base32 encoding of the server's 255-bit Public Key.
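The key format described above can be checked mechanically. The following is an added example, not code from the DNSCurve project: it finds a `uz5` label in an NS name and decodes it to the 32-byte Curve25519 public key. The Base32 alphabet and little-endian digit order come from the DNSCurve specification rather than this page; scanning every label of the name, the helper names and the sample key are assumptions made for the example.

```python
# Added example: recognise and decode a DNSCurve public key in an NS name.
# Alphabet and little-endian digit order follow the DNSCurve specification.
DNSCURVE_ALPHABET = "0123456789bcdfghjklmnpqrstuvwxyz"
MAGIC = "uz5"      # magic prefix of a DNSCurve key label
KEY_CHARS = 51     # 51 Base32 digits * 5 bits = 255 bits


def base32_to_int(text):
    """Decode DNSCurve Base32 (least-significant digit first) to an integer."""
    value = 0
    for position, char in enumerate(text.lower()):
        digit = DNSCURVE_ALPHABET.find(char)
        if digit < 0:
            raise ValueError(f"invalid Base32 character {char!r}")
        value |= digit << (5 * position)
    return value


def int_to_base32(value, length):
    """Encode an integer as `length` DNSCurve Base32 digits."""
    return "".join(DNSCURVE_ALPHABET[(value >> (5 * i)) & 31] for i in range(length))


def dnscurve_key_from_ns(ns_name):
    """Return the 32-byte public key carried in an NS name, or None.

    Assumption: every label of the name is checked for the uz5 form.
    """
    for label in ns_name.rstrip(".").split("."):
        if len(label) != len(MAGIC) + KEY_CHARS:
            continue
        if not label.lower().startswith(MAGIC):
            continue
        try:
            value = base32_to_int(label[len(MAGIC):])
        except ValueError:
            continue  # right length and prefix, but not valid Base32
        # 255 bits always fit in 32 bytes; the top bit of the last byte is 0.
        return value.to_bytes(32, "little")
    return None


# Constructed sample key and NS name (not a real server's key).
SAMPLE_KEY = bytes(range(32))
SAMPLE_LABEL = MAGIC + int_to_base32(int.from_bytes(SAMPLE_KEY, "little"), KEY_CHARS)
SAMPLE_NS = SAMPLE_LABEL + ".ns.example.org."

if __name__ == "__main__":
    print(SAMPLE_NS)
    print(dnscurve_key_from_ns(SAMPLE_NS).hex())
    print(dnscurve_key_from_ns("ns1.example.org."))  # no DNSCurve key
```

A name with no valid 54-character `uz5` label yields `None`, which a resolver would treat as a server without DNSCurve support.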
More Information
There might be more information for this subject on one of the following:
- [#1] - OpenDNS
  - based on information obtained 2019-09-09
- [#2] - DNSCurve: Usable security for DNS
  - based on information obtained 2019-09-09
- [#3] - DNSCurve Community
  - based on information obtained 2019-09-09