Tsinghua University Tsinghua University Tsinghua University Comcast The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables DHCPv6 servers to configure network parameters dynamically. However, due to the unsecured nature, various critical identifiers used in DHCPv6 are vulnerable to several types of attack. In order to protect the DHCPv6 from passive attack, such as pervasive monitoring attack, this document provides a mechanism to achieve the encryption between the DHCPv6 client and server.