公开(公告)号：US20060129814A1

公开(公告)日：2006-06-15

申请号：US11119246

申请日：2005-04-29

申请人： Jee Eun ,  Tae Yoo ,  Yool Kwon ,  Kyeong Han

发明人： Jee Eun ,  Tae Yoo ,  Yool Kwon ,  Kyeong Han

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  H04L9/3236 ,  H04Q11/0067 ,  H04Q2011/0088

摘要： An authentication method for link protection between an OLT and an ONU newly connected thereto in an EPON, which is implemented in a data link layer to which cryptography is applied. First, an authentication key is distributed to both the OLT and an ONU. The OLT (or ONU) generates first and second random values, generates an authentication request frame containing the random values, and transmits it to the ONU (or OLT). The ONU generates a first hash value according to a hash function using the random values contained in the request frame, and transmits an authentication response frame containing the first hash value to the OLT. The OLT compares the first hash value with a second hash value calculated by it according to the has function using the two random values and an authentication key distributed to it, and transmits an authentication result frame to the ONU.

摘要翻译： 在EPON中与OLT新连接的ONU之间的链路保护的认证方法，其实现在应用了密码术的数据链路层中。 首先，向OLT和ONU分配认证密钥。 OLT（或ONU）生成第一和第二随机值，生成包含随机值的认证请求帧，并发送给ONU（或OLT）。 ONU使用包含在请求帧中的随机值根据散列函数生成第一散列值，并向OLT发送包含第一散列值的认证响应帧。 OLT根据具有两个随机值的功能和分配给它的认证密钥，将第一哈希值与其计算出的第二哈希值进行比较，并将认证结果帧发送给ONU。

公开(公告)号：US20070133791A1

公开(公告)日：2007-06-14

申请号：US11634995

申请日：2006-12-07

申请人： Kyeong Han ,  Jee Eun ,  Yool Kwon

发明人： Kyeong Han ,  Jee Eun ,  Yool Kwon

IPC分类号： H04L9/00

CPC分类号： H04L9/12 ,  H04L63/068 ,  H04L63/164

摘要： A method for controlling a security channel for reducing system load by extending the use period of a security association key is provided. In this method, an upper bit initial value of an initialization vector of an encryption algorithm and a using range thereof are shared between a transmitting side and a receiving side when a security channel is created. Then, a secure association is created between a transmitting side and a receiving side by setting an association number, a next packet number which is a lower bit value of an initialization vector, and a secure association key. Afterward, a packet number is modified whenever a frame is transmitted until all of packet numbers are used. When all packet numbers are used, the upper bit value of the initialization vector changes.

摘要翻译： 提供了一种通过扩展安全关联密钥的使用周期来控制用于减少系统负载的安全信道的方法。 在该方法中，当创建安全信道时，在发送侧和接收侧之间共享加密算法的初始化向量的高位初始值及其使用范围。 然后，通过设置关联号码，作为初始化向量的较低位值的下一个分组号码和安全关联密钥，在发送侧和接收侧之间建立安全关联。 之后，每当发送帧直到使用所有分组号时，分组号被修改。 当使用所有分组号时，初始化向量的高位值变化。

公开(公告)号：US20060129491A1

公开(公告)日：2006-06-15

申请号：US11138204

申请日：2005-05-25

申请人： Jee Eun ,  Yool Kwon

发明人： Jee Eun ,  Yool Kwon

IPC分类号： H04L9/00

CPC分类号： H04L63/0428

摘要： The present invention provides a method for detecting a security module for link protection in an EPON, wherein an OLT and an ONU in the EPON can check whether or not an encryption module is present in each other and check the configuration of each other in order to avoid loss of a message when the message is encrypted for link protection between the OLT and the ONU in the EPON.

公开(公告)号：US20060221841A1

公开(公告)日：2006-10-05

申请号：US11286632

申请日：2005-11-22

申请人： Ho Lee ,  Jee Eun ,  Tae Whan Yoo ,  Bong Kim

发明人： Ho Lee ,  Jee Eun ,  Tae Whan Yoo ,  Bong Kim

IPC分类号： H04J3/14

CPC分类号： H04L43/0811 ,  H04L43/0847 ,  H04L43/16

摘要： Provided is a method of monitoring link performance and diagnosing an active link state without interrupting traffic in an Ethernet passive optical network (EPON) while the link is in the active state. The method of monitoring link performance and diagnosing an active link state without interrupting data flow to logic links which are in active states in the EPON, includes: a) allowing an operator of the EPON to select a link performance monitoring function or a link active state diagnosing function; b-1) if the link performance monitoring function is selected, setting a monitoring cycle timer and periodically transmitting a performance information request frame from a local node to a remote node; b-2) if the remote node receives the performance information request frame, collecting corresponding link performance information and transmitting a response frame from the remote node to the local node in a format which is predetermined in accordance with a corresponding frame format; b-3) if the local node receives the response frame from the remote node, analyzing the performance information of the response frame and determining whether the link performance has deteriorated or if a failure has occurred in the local node; b-4) if the deterioration of the link function or the degree of the failure reaches a predetermined threshold, reporting to an upper layer that a failure has occurred.

摘要翻译： 提供了一种在链路处于活动状态时监视链路性能和诊断活动链路状态而不中断以太网无源光网络（EPON）中的业务的方法。 监视链路性能和诊断活动链路状态而不中断到EPON中处于活动状态的逻辑链路的数据流的方法包括：a）允许EPON的运营商选择链路性能监视功能或链路活动状态 诊断功能; b-1）如果选择了链路性能监视功能，则设置监视周期定时器并且周期地从本地节点向远程节点发送性能信息请求帧; b-2）如果所述远程节点接收到所述性能信息请求帧，则收集对应的链路性能信息，并以根据对应的帧格式预定的格式从所述远程节点向所述本地节点发送响应帧; b-3）如果本地节点从远程节点接收到响应帧，分析响应帧的性能信息，确定链路性能是否恶化，或者本地节点是否发生故障; b-4）如果链路功能的劣化或故障程度达到预定阈值，则向上层报告发生故障。