Re: Security Architecture for DHCP

Ted Lemon <> Sun, 20 April 1997 17:54 UTC

Received: from cnri by id aa10069; 20 Apr 97 13:54 EDT
Received: from by CNRI.Reston.VA.US id aa22062; 20 Apr 97 13:54 EDT
Received: from by; (5.65v3.2/ id AA02516; Sun, 20 Apr 1997 13:49:51 -0400
Date: Sun, 20 Apr 1997 13:49:51 -0400
Message-Id: <>
Precedence: bulk
From: Ted Lemon <>
To: Multiple recipients of list <>
Subject: Re: Security Architecture for DHCP
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
X-Comment: Discussion of DHCP for IPv4

Jim, there is some disagreement as to whether public key, by itself,
will be a good choice for the DHCP authentication protocol.  The
reason is that public key signatures are fairly expensive to compute,
and since we have to do it for every packet, this limits the number of
transactions per second that a general purpose computer is likely to
be able to support.  This gets to be a big problem on Monday morning
at 9:00 AM when 10,000 or more nodes try to boot at once.

My personal belief is that private, shared secrets should be used in
the default case, with public key as a fallback for cases where the
server and the client are not yet known to each other.

Did you by any chance have a chance to read the message I posted last
week on what I thought the requirements for DHCP authentication were?