TITLE:
A Secure DHCP Protocol to Mitigate LAN Attacks
AUTHORS:
Osama S. Younes
KEYWORDS:
DHCP, Authentication, Data Link Layer Attacks, ECDLP
JOURNAL NAME:
Journal of Computer and Communications,
Vol.4 No.1,
January
28,
2016
ABSTRACT: Network security has become more of a concern with the rapid growth and expansion of the
Internet. While there are several ways to provide security in the application,
transport, or network layers of a network, the data link layer (Layer 2)
security has not yet been adequately addressed. Data link layer protocols used
in local area networks (LANs) are not designed with security features. Dynamic
host configuration protocol (DHCP) is one of the most used network protocols
for host configuration that works in data link layer. DHCP is vulnerable to a
number of attacks, such as the DHCP rouge server attack, DHCP starvation
attack, and malicious DHCP client attack. This work introduces a new scheme
called Secure DHCP (S-DHCP) to secure DHCP protocol. The proposed solution
consists of two techniques. The first is the authentication and key management
technique that is used for entities authentication and management of security
key. It is based on using Diffie-Hellman key exchange algorithm supported by
the difficulty of Elliptic Curve Discrete Logarithm Problem (ECDLP) and a
strong cryptographic one-way hash function. The second technique is the message
authentication technique, which uses the digital signature to authenticate the
DHCP messages exchanged between the clients and server.