Re: [LinkSec] EPON security
Dolors Sala wrote:
>
> Marcus,
>
> FSAN is in the process of upgrading the security system of APON as they
> define the mechanism for GPON specification. They do recognize that it is a
> weak system. It was designed in 1995 with the intention of avoiding just
> casual (non-sophisticated) intruders. And it relies on higher layer security
> for strong protection. Also, the assumption was to consider the upstream a
> secure channel. Therefore it only encrypts downstream but not upstream.
>
The assumption about the upstream direction being secure may be flawed.
While off-the-shelf optical receivers aren't quite sensitive enough to
demodulate the backscatter from the optical combiner, it's just a matter of
some optoelectronics guru deciding that it's an interesting problem, and
then the upstream channel won't be secure from the living room. Even today, if
I put a fiber tap onto either the aggregate stream coming from the combiner or
one of the feeders, the upstream direction isn't secure.
> And going back to your question, it only supports point-to-point encryption.
> Therefore, they do not support group keys.
>
> We have members of FSAN in this list and they may be able to give you a more
> recent summary of this activity. If you are interested in reading APON spec,
> FSAN made it available to the 802.3ah participants. So it is available in
> the private area of 802.3ah.
>
Actually, point-to-point is good. This implies that every end-station has a
key independent of any other end-station. That's better than I was thinking
it was.
> We talked a little in the Vancouver meeting about the need of multicast and
> group keys at layer two. We decided that more discussion was needed to
> decide whether it was needed or not. So let me turn it around to you and ask
> for your, and other opinions, on the subject.
>
> The issue was: Most of multicast traffic is encrypted at higher layer
> because it is an actual service such as movies. Therefore, can we always
> rely on higher layer encryption when there are multiple destinations of a
> stream traffic? Opinions?
>
Secure multicast belongs in the "biting off more than we can chew at this point"
category. It should certainly be on the list, but at a lower priority.
--
----------------------------------------------------------------------
Marcus Leech Mail: Dept 8M70, MS 012, FITZ
Advisor Phone: (ESN) 393-9145 +1 613 763 9145
Security Architecture and Planning Fax: (ESN) 393-9435 +1 613 763 9435
Nortel Networks mleech@nortelnetworks.com
-----------------Expressed opinions are my own, not my employer's------