1.

Explain the security feature in EPON.

Answer»

DS traffic is broadcast to all ONUs, so the encryption is essentially easy for a malicious user to reprogram ONU and capture desired frames. US traffic not seen by other ONUs, so the encryption is not needed. Do not consider fiber-tappers because EPON does not provide any standard encryption method, but −

  • Can supplement with IPsec or MACsec.
  • Many vendors have added proprietary AES-based mechanisms.

BPON used a mechanism called churning − Churning was a low cost hardware solution (24b key) with several security flaws −

  • Engine was linear - simple known-text attack
  • 24b key turned out to be derivable in 512 tries

Therefore, G.983.3 added AES support - now used in GPON.


Discussion

No Comment Found

Related InterviewSolutions