Title :
The design and implementation of MAC security in EPON
Author :
Han, Kyeong-Soo ; Kim, Kwang-Ok ; Yoo, Tae Whan ; Kwon, Yul
Author_Institution :
Electron. & Telecommun. Res. Inst.
Abstract :
Because Ethernet passive optical network (EPON) is based on shared-medium network and a point-to-multipoint optical tree configuration, frames transmitted to any ONU are actually broadcast simultaneously to all ONUs. In EPON, the security of data transmission is critical in protecting the privacy of users and confidentiality of their communication. The MACsec is a link security method proposed by IEEE 802.1AE WG and under standardization. We implement the MACsec on the basis of Draft suggested by IEEE 802.1AE. Our MAC security (MACsec) provides user data confidentiality, frame data integrity check, and data origin authentication. Also, it provides protection of security threats such as replay attack and DoS attack, etc. These security protections are provided by 128-bit GCM-AES cipher mechanism. We designed the function of MACsec, and implemented it in HDL. Then, we developed two kinds of EPON MAC ASICs using 0.18 mum CMOS process, MACsec is a part of these chips
Keywords :
CMOS digital integrated circuits; application specific integrated circuits; optical fibre LAN; telecommunication security; ASIC; CMOS process; EPON; Ethernet passive optical network; MAC security; cipher mechanism; data origin authentication; frame data integrity check; link security method; point-to-multipoint optical tree configuration; shared-medium network; user data confidentiality; Authentication; Broadcasting; Data privacy; Data security; EPON; Optical fiber networks; Optical network units; Passive optical networks; Protection; Standardization; EPON; GCM-AES; Link Security; MAC Security; MACsec; MACsecY;
Conference_Titel :
Advanced Communication Technology, 2006. ICACT 2006. The 8th International Conference
Conference_Location :
Phoenix Park
Print_ISBN :
89-5519-129-4
DOI :
10.1109/ICACT.2006.206309
