Research On Passive Optical Network Security Technologies And Key Algorithms

Along with the rapid expansion of broadband network, Internet of things and cloud computing, Optical Access Network (OAN), as the infrastructure of new generation information network, has become research and development priorities at home and abroad. As an economic-effective way to provide fiber to the home (FTTH), Passive Optical Network (PON) is capable to break the bandwidth bottleneck fundamentally.However, due to adopting point-to-multipoint broadcasting topology and its user-oriented application feature, PON is faced with security issues such as eavesdropping, denial of service, impersonation and theft of services. The resulting security threats should not be disregarded. PON security mechanisms are necessary to ensure safety of the new generation information network.The author is engaged in technologies of optical access network and high-speed network security, acting as the leader of the projects supported by National Natural Science Foundation of China and National High Technology Research and Development Program (863). In this paper, the cryptology and authentication algorithms and safety system schemes are discussed to preserve the confidentiality, integrity and availability of PON. The main research content and results are shown as follows:1. A multi-bytes churning algorithm capable of parallel processing and extending key length is proposed by analyzing the security of existing single. and triple churning algorithms in PON. The new churning algorithm enhances the security of churning and supports the speed of 10Gbps without increasing the space complexity.2. GCM, as a block cipher operating mode supporting high speed authenticated encryption, is under investigation. A dimension reduced algorithm for Galois field multipliers is proposed, and the model analysis shows it lowering space complexity and time delay of the critical path. It's also an effectively expansion of Karatsuba Algorithm in GF(2m).3. An authenticated encryption mechanism based on GCM is put forward to improve PON security. Churning-GCM, combining of churning algorithm and GCM, is designed and implemented on FPGA. It supports the applications of 10Gbps with lower consumption of resources. 4. WDM-PON is one of next generation passive optical networks with high security. A LED based low-cost colorless ONU is developed which can be applied to spectrum-sliced WDM-PON system scheme. The test results show that the system is adapted to both CWDM and DWDM application mode. A re-modulated optical carrier source WDM-PON system worked at 10Gbps in bi-directional is presented. Simulation results show that the system has a good performance in 20km standard single-mode fiber.5,Acting as the main drafter, the author has completed the industry standards of Test method for EPON(YD/T 1531-2006), Interoperability requirements for EPON system(YD/T1771-2008) and Test method for interoperability of EPON system(YD/T1809-2008). All of these standards have been promulgated and implemented. Three standards including interoperability for EPON system wined the second class prize of "CCSA Award for Science and Technology" in 2009.