When a new client A is installed on the LAN, the network administrator generates a session key for this client (KA), and then he configures the ARP-A client with KA, Kp and IPS. In addition, he records the mapping of KA to MACA (MAC address of client A) to the server repository. The network administrator may perform these operations for a client and the server manually or by using a secure channel, such as a VPN (Virtual Private Network) or SSL (Secure Sockets Layer), when a client is connected to the LAN for the first time. For every new session, an ARP-A client changes its session key by sending an update …show more content…
It sends ARP-CA request to the secure server. The ARP-CA request consists of the classic ARP request appended with the time stamp and the message lifetime. Figure 5 and 7 show how the ARP-CA request is encoded. Similar to the Register message, the ARP-CA request is first encoded using a message authentication scheme. Then it is encrypted using the host key. After sending the ARP-AC request to the server, the ARP-CA client sets a timeout timer with a time τ. During only this period of time, the client is allowed to receive the response from the server. Otherwise, any response received for this request is discarded. This feature in the ARP-CA protocol converts the classic ARP from stateless to stateful