
Re: [LinkSec] EPON security




Dolors Sala wrote:
> 
> Marcus,
> 
> FSAN is in the process of upgrading the security system of APON as they
> define the mechanism for GPON specification. They do recognize that it is a
> weak system. It was designed in 1995 with the intention of avoiding just
> casual (non-sophisticated) intruders. And it relies on higher layer security
> for strong protection. Also, the assumption was to consider the upstream a
> secure channel. Therefore it only encrypts downstream but not upstream.
>
The assumption about the upstream direction being secure may be flawed.
While off-the-shelf optical receivers aren't quite sensitive enough to
demodulate the backscatter from the optical combiner, it's just a matter of
some optoelectronics guru deciding that it's an interesting problem, and
then the upstream channel won't be secure from the living room.  Even today, if
I put a fiber tap onto either the aggregate stream coming from the combiner or
one of the feeders, the upstream direction isn't secure.

> And going back to your question, it only supports point-to-point encryption.
> Therefore, they do not support group keys.
> 
> We have members of FSAN in this list and they may be able to give you a more
> recent summary of this activity. If you are interested in reading APON spec,
> FSAN made it available to the 802.3ah participants. So it is available in
> the private area of 802.3ah.
>
Actually, point-to-point is good.  This implies that every end-station has a
key independent of any other end-station.  That's better than I was thinking
it was.

> We talked a little in the Vancouver meeting about the need of multicast and
> group keys at layer two. We decided that more discussion was needed to
> decide whether it was needed or not. So let me turn it around to you and ask
> for your, and other opinions, on the subject.
> 
> The issue was: Most of multicast traffic is encrypted at higher layer
> because it is an actual service such as movies. Therefore, can we always
> rely on higher layer encryption when there are multiple destinations of a
> stream traffic? Opinions?
> 
Secure multicast belongs in the "biting off more than we can chew at this point"
category.  It should certainly be on the list, but at a lower priority.

-- 
----------------------------------------------------------------------
Marcus Leech                             Mail:   Dept 8M70, MS 012, FITZ
Advisor                                  Phone: (ESN) 393-9145  +1 613 763 9145
Security Architecture and Planning       Fax:   (ESN) 393-9435  +1 613 763 9435
Nortel Networks                          mleech@nortelnetworks.com
-----------------Expressed opinions are my own, not my employer's------