6 November 2014 Design of a mutual authentication based on NTRUsign with a perturbation and inherent multipoint control protocol frames in an Ethernet-based passive optical network
Author Affiliations +
Abstract
Identity-related security issues inherently present in passive optical networks (PON) still exist in the current (1G) and next-generation (10G) Ethernet-based passive optical network (EPON) systems. We propose a mutual authentication scheme that integrates an NTRUsign digital signature algorithm with inherent multipoint control protocol (MPCP) frames over an EPON system between the optical line terminal (OLT) and optical network unit (ONU). Here, a primitive NTRUsign algorithm is significantly modified through the use of a new perturbation so that it can be effectively used for simultaneously completing signature and authentication functions on the OLT and the ONU sides. Also, in order to transmit their individual sensitive messages, which include public key, signature, and random value and so forth, to each other, we redefine three unique frames according to MPCP format frame. These generated messages can be added into the frames and delivered to each other, allowing the OLT and the ONU to go ahead with a mutual identity authentication process to verify their legal identities. Our simulation results show that this proposed scheme performs very well in resisting security attacks and has low influence on the registration efficiency to to-be-registered ONUs. A performance comparison with traditional authentication algorithms is also presented. To the best of our knowledge, no detailed design of mutual authentication in EPON can be found in the literature up to now.
© 2014 Society of Photo-Optical Instrumentation Engineers (SPIE)
Aihan Yin, Aihan Yin, Yisheng Ding, Yisheng Ding, } "Design of a mutual authentication based on NTRUsign with a perturbation and inherent multipoint control protocol frames in an Ethernet-based passive optical network," Optical Engineering 53(11), 115101 (6 November 2014). https://doi.org/10.1117/1.OE.53.11.115101 . Submission:
JOURNAL ARTICLE
11 PAGES


SHARE
RELATED CONTENT

Cyber threat model for tactical radio networks
Proceedings of SPIE (May 20 2014)
Analysis of security mechanism in EPONs
Proceedings of SPIE (November 18 2007)
Key distribution for a MLS network architecture
Proceedings of SPIE (November 16 2000)
Analysis and solutions of security issues in Ethernet PON
Proceedings of SPIE (February 07 2005)
An improved anti-leech mechanism based on session identifier
Proceedings of SPIE (January 13 2012)

Back to Top