摘要:
An authentication method for link protection between an OLT and an ONU newly connected thereto in an EPON, which is implemented in a data link layer to which cryptography is applied. First, an authentication key is distributed to both the OLT and an ONU. The OLT (or ONU) generates first and second random values, generates an authentication request frame containing the random values, and transmits it to the ONU (or OLT). The ONU generates a first hash value according to a hash function using the random values contained in the request frame, and transmits an authentication response frame containing the first hash value to the OLT. The OLT compares the first hash value with a second hash value calculated by it according to the has function using the two random values and an authentication key distributed to it, and transmits an authentication result frame to the ONU.
摘要:
A method for controlling a security channel for reducing system load by extending the use period of a security association key is provided. In this method, an upper bit initial value of an initialization vector of an encryption algorithm and a using range thereof are shared between a transmitting side and a receiving side when a security channel is created. Then, a secure association is created between a transmitting side and a receiving side by setting an association number, a next packet number which is a lower bit value of an initialization vector, and a secure association key. Afterward, a packet number is modified whenever a frame is transmitted until all of packet numbers are used. When all packet numbers are used, the upper bit value of the initialization vector changes.
摘要:
The present invention provides a method for detecting a security module for link protection in an EPON, wherein an OLT and an ONU in the EPON can check whether or not an encryption module is present in each other and check the configuration of each other in order to avoid loss of a message when the message is encrypted for link protection between the OLT and the ONU in the EPON.
摘要:
Provided is a method of monitoring link performance and diagnosing an active link state without interrupting traffic in an Ethernet passive optical network (EPON) while the link is in the active state. The method of monitoring link performance and diagnosing an active link state without interrupting data flow to logic links which are in active states in the EPON, includes: a) allowing an operator of the EPON to select a link performance monitoring function or a link active state diagnosing function; b-1) if the link performance monitoring function is selected, setting a monitoring cycle timer and periodically transmitting a performance information request frame from a local node to a remote node; b-2) if the remote node receives the performance information request frame, collecting corresponding link performance information and transmitting a response frame from the remote node to the local node in a format which is predetermined in accordance with a corresponding frame format; b-3) if the local node receives the response frame from the remote node, analyzing the performance information of the response frame and determining whether the link performance has deteriorated or if a failure has occurred in the local node; b-4) if the deterioration of the link function or the degree of the failure reaches a predetermined threshold, reporting to an upper layer that a failure has occurred.