Advanced SearchSearch Tips
Design and Implementation of DHCP Supporting Network Attack Prevention
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Design and Implementation of DHCP Supporting Network Attack Prevention
Yoo, Kwon-joeong; Kim, Eun-gi;
  PDF(new window)
DHCP(Dynamic Host Configuration Protocol) is a protocol for efficiency and convenience of the IP address management. DHCP automatically assigns an IP address and configuration information needed to run the TCP/IP communication to individual host in the network. However, existing DHCP is vulnerable for network attack such as DHCP spoofing, release attack because there is no mutual authentication systems between server and client. To solve this problem, we have designed a new DHCP protocol supporting the following features: First, ECDH(Elliptic Curve Diffie-Hellman) is used to create session key and ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication between server and client. Also this protocol ensures integrity of message by adding a HMAC(Hash-based Message Authentication Code) on the message. And replay attacks can be prevented by using a Nonce. As a result, The receiver can prevent the network attack by discarding the received message from unauthorized host.
DHCP;ECDH;ECDSA;HMAC;network attacks;
 Cited by
Charles M. Kozierok, TCP / IP Complete Guide, Uiwang:acorn publishing Co., 2007.

IETF Std. RFC 2131, Dynamic Host Configuration Protocol, IETF, R. Droms, March 1997.

Behrouz A. Forouzan, TCP/IP Protocol Suite, Fourth Edition. New York, NY: McGRAW HILL INTERNATIONAL EDITION, 2010.

Won-jong Kang, Jung-jae Yoon, and Chan Koh, "Effective IP Address Management on Ethernet Environment," The Korean Society for Industrial and Applied Mathematics, vol. 7, no. 2, pp113-125, Dec. 2003

IETF. Privacy considerations for DHCP, draft-ietf-dhcdhcp-privacy-00 [Internet]. Available:

IETF Std. RFC 2132, DHCP Options and BOOTP Vendor Extensions, IETF, S. Alexander, R. Droms, March 1997.

IETF Std. RFC 3118, Authentication for DHCP messages, IETF, R. Droms, W. Arbaugh, June 2001.

Moon-Gi Kim, Da-Hye Jeong Jae-Won Lee, Kwon-Jeong Yoo, Eun-Gi Kim, "A Study on the DHCP Supporting Network Attack Prevention," in The 2015 Fall Conference of the KIPs, Jeju, pp. 1-3, 2015.

IETF Std. RFC 3118, Authentication for DHCP Messages, IETF, R. Droms, Editor, W. Arbaugh, Editor, June 2001.

Carlisle Adams and Steve Lloyd, Effective way for security PKI, Seoul, Infobook, 2003.

Seok-ho Kim, "Comparison and analysis on efficiency of scalar multiplication for Elliptic Curve Cryptosystem," M. S. dissertation, Korea Maritime and Ocean University graduate school, Busan, 2003.

Yeong-ja Kim, "Design and implementation of a security messenger system using elliptic curve cryptosystem," M. S. dissertation, Chung-Ang University Information graduate school, Seoul, 2004.

IETF Std. RFC 6979, Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA), IETF, T. Pornin, August 2013.

Song-hwan Lim, "The efficiency analysis of ECDSA using improved element algorithm," M. S. dissertation, Dongguk University Graduate School of International Affairs & Information, Seoul, 2000.

IETF Std. RFC 4050, Using the Elliptic Curve Signature Algorithm (ECDSA) for XML Digital Signatures, IETF, S. Blake-Wilson, G. Karlinger, T. Kobayashi, Y. Wang, April 2005.

IETF Std. RFC 2104, HMAC: Keyed-Hashing for Message Authentication, IETF, H. Krawczyk, M. Bellare, R. Canetti, February 1997.

Seong-Gyu Sin, "An HMAC Algorithm for Digital Signature," M. S. dissertation, Catholic Kwandong Graduate School of Education, Gangwon-do, 2003.

Kyung-Sik Kim, "A scheme for improving DHCP and adapting wireless LAN to POSCO," M. S. dissertation, postech, Gyeongsangbuk-do, 2002.

IETF Std. RFC6704, Forcerenew Nonce Authentication, IETF, D. Miles, W. Dec, J. Bristow, R. Maglione, August 2012.