Plugging DHCP Security Holes Using S-DHCP

Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 176)


Dynamic Host Configuration Protocol(DHCP) allows the terminals to have IP address for their introduction in to the network. In this paper, a secure DHCP system is proposed, not only for user authentication but also for addressing the other security issues like confidentiality, integrity and privacy. Proposed S-DHCP, makes use of the users legitimate right for an IP address such that legitimate user on a particular terminal can exercise it’s right to get allocated and use an IP address from S-DHCP. Thus S-DHCP protects unauthenticated and unauthorized access of confidential informationat one hand which keeping their integrity intact in a private mode from within the network to the outside world over Internet. Simulation and preventing the fabrication of IP addresses and MAC addresses leading to unauthorized access control is difficult and our effort is to incorporate session-ID for user authentication without any modification on DHCP client to produce the desired result.This paper attempts to introduce proposed S-DHCP, its principle, to plug vulnerabilities and other efforts on optimization over the design of protocols in a secured environment.


Access Control Attribute Certificate Authentication DHCP Identity Certificate X.509 User Authentication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Wellington, B.: RFC 3007, Secure Domain Name System(DNS) Dynamic updates, Internet Engineering Task Force (November 2000)Google Scholar
  2. 2.
    Ramaswamy, C., Scoot, R.: Secure Domain Name System(DNS) Deploying Guide, Draft National Institute of Standards and Technology. NIST Special Publication 800-81, April 11 (2005)Google Scholar
  3. 3.
    Robert, J.: Dynamic DNS and Location Tracking Risks and Benefits, Craic comuting Technical report (2006)Google Scholar
  4. 4.
    Yasmin, S., Yousaf, M., Qayyum, A.: Security Issues Related with DNS Dynamic Updates for Mobile Nodes: A Survey. In: FIT 2010, Islamabad, Pakistan, December 21-23 (2010)Google Scholar
  5. 5.
    Perkins, C., Luo, K.: Using DHCP with computers that move. Wireless Networks (March 1995)Google Scholar
  6. 6.
    Komori, T., Satio, T.: The Secure DHCP systems with User Authentication. In: Proceedings of the 27th Annual IEEE Conference on Local Computer Networks, LCN 2002, November 6-8, pp. 123–131 (2000)Google Scholar
  7. 7.
    Droms, R., Arbaugh, W.: Authentication for DHCP Messages, RFC 3118, IETF (June 2001)Google Scholar
  8. 8.
    Drach, S.: DHCP option for open Groupś User Authentication Protocol, RFC 2485, IETF (January 1999)Google Scholar
  9. 9.
    Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol, RFC 2401, IETF (November 1998)Google Scholar
  10. 10.
    Demerjian, J., Serhrouchni, A.: EDHCP: Extended Dynamic Host Configuration protocol (2004), doi:0-7803-8482-2/04/IEEEGoogle Scholar
  11. 11.
    Jonsson, J., Kaliski, B.: Public-Key cryptography Standards (PKCS) 1: RSA Cryptography Specification Version 2.1, RFC 3447, IETF (February 2003)Google Scholar
  12. 12.
    ITU-T Recommendations(a) X.509, Information technology Open System Interconnection The Directory: Authentication Frameworks (1997)Google Scholar
  13. 13.
    ITU-T Recommendations (b) X.509, Information technology Open System Interconnection The Directory: Public Key and attribute Certificate Frameworks (2000)Google Scholar
  14. 14.
    Ishibashi, H., Yamai, N., Abe, K., Ohnishi, K., Matsuura: A Protection method against Unauthorized access and /or Address Spoofing for open network Access Systems. Journal of Information Processing Society of Japan 40(12), 4335–4361 (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  1. 1.Computer Science and Engineering DepartmentMotilal Nehru National Institute of TechnologyAllahabadIndia

Personalised recommendations