Private Internet Access & DNSCrypt

DNSCrypt is a protocol which improves DNS Security.

To put it in more technical terms, DNSCrypt turns regular DNS traffic into encrypted DNS traffic. Ultimately, this works by using cryptographic signatures to verify responses are coming from the chosen DNS Resolver.

In turn, DNSCrypt helps to prevent DNS Spoofing. DNS Spoofing is also known as DNS Cache Poisoning. Furthermore, DNS Spoofing is a form of computer hacking where corrupt DNS data is introduced into the DNS resolver’s cache. Therefore, this causes the name server to return an incorrect IP address. Finally, DNS Spoofing allows for traffic to be diverted to an attacker’s computer.

DNScrypt is not required when using the Private Internet Access service as all your traffic is encrypted including DNS requests. Furthermore, DNScrypt utilises the OpenDNS infrastructure (owned by Cisco) which may log DNS requests thus endangering your privacy and/or privacy.


Have more questions? Submit a request