Authentication method for link protection in Ethernet Passive Optical Network
    1.
    Invention application
    Authentication method for link protection in Ethernet Passive Optical Network (in force)

    Publication No.: US20060129814A1

    Publication date: 2006-06-15

    Application No.: US11119246

    Filing date: 2005-04-29

    IPC classification: H04L9/00

    Abstract: An authentication method for link protection between an OLT and an ONU newly connected thereto in an EPON, which is implemented in a data link layer to which cryptography is applied. First, an authentication key is distributed to both the OLT and an ONU. The OLT (or ONU) generates first and second random values, generates an authentication request frame containing the random values, and transmits it to the ONU (or OLT). The ONU generates a first hash value according to a hash function using the random values contained in the request frame, and transmits an authentication response frame containing the first hash value to the OLT. The OLT compares the first hash value with a second hash value calculated by it according to the hash function using the two random values and an authentication key distributed to it, and transmits an authentication result frame to the ONU.

    Method for controlling security channel in MAC security network and terminal using the same
    2.
    Invention application
    Method for controlling security channel in MAC security network and terminal using the same (in force)

    Publication No.: US20070133791A1

    Publication date: 2007-06-14

    Application No.: US11634995

    Filing date: 2006-12-07

    IPC classification: H04L9/00

    Abstract: A method for controlling a security channel for reducing system load by extending the use period of a security association key is provided. In this method, an upper bit initial value of an initialization vector of an encryption algorithm and a using range thereof are shared between a transmitting side and a receiving side when a security channel is created. Then, a secure association is created between a transmitting side and a receiving side by setting an association number, a next packet number which is a lower bit value of an initialization vector, and a secure association key. Afterward, a packet number is modified whenever a frame is transmitted until all packet numbers are used. When all packet numbers are used, the upper bit value of the initialization vector changes.

    High-speed GCM-AES block cipher apparatus and method
    3.
    Invention application
    High-speed GCM-AES block cipher apparatus and method (lapsed)

    Publication No.: US20060126835A1

    Publication date: 2006-06-15

    Application No.: US11116675

    Filing date: 2005-04-27

    IPC classification: H04L9/00

    Abstract: A high-speed Galois Counter Mode-Advanced Encryption Standard (GCM-AES) block cipher apparatus and method is provided. The apparatus can operate at a low clock frequency of 125 MHz and provide a 2 Gbps link encryption function in an Optical Line Termination (OLT) and an Optical Network Unit (ONU) of an Ethernet Passive Optical Network (EPON). An 11-round block cipher of 128-bit input data is implemented using an 8-round Counter-AES (CTR-AES) block cipher module and a 3-round CTR-AES block cipher module, so that it is possible to provide a 1 Gbps link security function for an input frequency of 62.5 MHz and a 2 Gbps link security function for an input frequency of 125 MHz.