Title :
Secure DHCPv6 that uses RSA authentication integrated with Self-Certified Address
Author :
Su, Zhiyang ; Ma, Hao ; Zhang, Xiaojun ; Zhang, Bei
Author_Institution :
Sch. of Electron. Eng. & Comput. Sci., Peking Univ., Beijing, China
Abstract :
IPv6 is growing in popularity internationally nowadays. In this paper, we propose a secure DHCPv6 system that uses RSA authentication and Self-Certified Address to improve the access safety. By appending Certificate Option to DHCPv6 messages, the system guarantees the integrity of the messages. In addition, the system allocates addresses which can be verified by the address itself. With the benefits of Certificate Option and Self-Certified Address, the system prevents DHCPv6 from various network attack such as Man-in-Middle attack and Denial-of-Service attack. It also provides strict access control of the network by checking whether the address is obtained from the DHCPv6 server or not. We implement the system on dibbler which is an opensource DHCPv6 software and validate it in our campus network.
Keywords :
IP networks; certification; message authentication; program verification; public key cryptography; DHCPv6 message; DHCPv6 software validation; RSA authentication; access control; access safety; address allocation; campus network; dibbler; message integrity; network attack; self-certified address; Authentication; Data structures; Protocols; Public key; Relays; Servers; Authentication; DHCPv6; Self-Certified Address; dibbler;
Conference_Titel :
Cyberspace Safety and Security (CSS), 2011 Third International Workshop on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-1034-6
DOI :
10.1109/CSS.2011.6058569
