DHCP server authentication using digital certificates

In this paper we give an overview of the DHCP security issues and the related work done to secure the protocol. Then we propose a method based on the use of public key cryptography and digital certificates in order to authenticate the DHCP server and DHCP server responses, and to prevent in this way the rogue DHCP server attacks. We implemented and tested the proposed solution using different key and certificate types in order to find out the packet overhead and time consumed by the new added authentication option.

[1]  Stuart Cheshire,et al.  Encoding Long Options in the Dynamic Host Configuration Protocol (DHCPv4) , 2002, RFC.

[2]  Ralph Droms,et al.  The DHCP Handbook , 2002 .

[3]  Bernard Aboba,et al.  DHCP Authentication Via Kerberos V , 2001 .

[4]  Michael Roe,et al.  Securing network location awareness with authenticated DHCP , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[5]  Jong-Wook Han,et al.  DHCP Message Authentication with an Effective Key Management , 2007 .

[6]  Craig A. Shue,et al.  A Unified Approach to Intra-domain Security , 2009, 2009 International Conference on Computational Science and Engineering.

[7]  Takamichi Saito,et al.  The secure DHCP system with user authentication , 2002, 27th Annual IEEE Conference on Local Computer Networks, 2002. Proceedings. LCN 2002..

[8]  Ralph E. Droms,et al.  Authentication for DHCP Messages , 2001, RFC.

[9]  Jacques Demerjian,et al.  DHCP Authentication Using Certificates , 2004, SEC.

[10]  Supakorn Kungpisdan,et al.  Design and implementation of improved security protocols for DHCP using digital certificates , 2011, 2011 17th IEEE International Conference on Networks.