Gigabit Ethernet passive optical network for securely transferring data through exchange of encryption key and data encryption method using the same

US 20050135609A1
Filed: 07/15/2004
Published: 06/23/2005
Est. Priority Date: 12/18/2003
Status: Abandoned Application

First Claim

Patent Images

1. A Gigabit Ethernet passive optical network (GE-PON) comprising:

an optical line terminal (OLT) configured for receiving a public key through a transmission medium, using the public key to encrypt a secret key, transmitting the encrypted secret key, using the encrypted secret key to encrypt data, and transmitting the encrypted data; and

at least one optical network terminal (ONT) configured for transmitting said public key to said OLT;

receiving the transmitted, encrypted secret key;

using a private key to decrypt the received, encrypted secret key; and

using the decrypted secret key to decrypt said encrypted data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Gigabit Ethernet passive optical network (GE-PON) for securely transferring data through exchange of an encryption key comprises an optical line terminal (OLT) for encrypting a secret key using a public key received through a transmission medium, transmitting the encrypted secret key, encrypting data using the encrypted secret key, and transmitting the encrypted data, and at least one optical network terminal (ONT) for transmitting the public key to the OLT, decrypting the encrypted secret key transmitted from the OLT using a private key, and decrypting the data encrypted with the encrypted secret key, transmitted from the OLT, using the decrypted secret key.

37 Citations

View as Search Results

25 Claims

1. A Gigabit Ethernet passive optical network (GE-PON) comprising:
- an optical line terminal (OLT) configured for receiving a public key through a transmission medium, using the public key to encrypt a secret key, transmitting the encrypted secret key, using the encrypted secret key to encrypt data, and transmitting the encrypted data; and
  
  at least one optical network terminal (ONT) configured for transmitting said public key to said OLT;
  
  receiving the transmitted, encrypted secret key;
  
  using a private key to decrypt the received, encrypted secret key; and
  
  using the decrypted secret key to decrypt said encrypted data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The GE-PON as set forth in claim 1, wherein said OLT is further configured to initially transmit, to said ONT, a gate message indicating that said OLT is ready to register said ONT.
  - 3. The GE-PON as set forth in claim 2, wherein said gate message includes encryption/decryption information, said information being inserted in a desired portion of a reserved field contained in a format of said gate message.
  - 4. The GE-PON as set forth in claim 3, wherein said encryption/decryption information includes information about whether encryption is to be performed, and, if encryption is to be performed, an encryption range.
  - 5. The GE-PON as set forth in claim 4, wherein said encryption range is selected from a group consisting of all data and payload data.
  - 6. The GE-PON as set forth in claim 5, wherein said reserved field is 26 bytes long, said encryption/decryption information being inserted in one byte of said reserved field.
  - 7. The GE-PON as set forth in claim 1, wherein said ONT is further configured to insert said public key in a data field of a message format and transmit the resulting message to said OLT.
  - 8. The GE-PON as set forth in claim 1, wherein said OLT is further configured to transmit to said ONT, during the encrypting of said secret key, secret key encryption progress information.
  - 9. The GE-PON as set forth in claim 8, wherein said OLT is further configured to transmit to said ONT, if the encryption of said secret key is completed, encryption completion information and said encrypted secret key.
  - 10. The GE-PON as set forth in claim 9, wherein said ONT is further configured to transmit to said OLT, upon receiving said secret key encryption progress information, reception acknowledgement information.
  - 11. The GE-PON as set forth in claim 10, wherein said ONT is further configured to transmit secret key decryption progress information to said OLT if said encrypted secret key from said OLT is received, and decryption completion information to said OLT if the decryption of said encrypted secret key is completed.
  - 12. The GE-PON as set forth in claim 1, wherein said public key and said private key comprise a Rivest-Shamir-Adleman (RSA) public key and an RSA private key, respectively.
  - 13. The GE-PON as set forth in claim 1, wherein said secret key comprises an advanced encryption standard (AES) secret key.

14. A data encryption method for securely transmitting and receiving data between an OLT and at least one ONT in a GE-PON structure, comprising the steps of:
- a) said ONT transmitting a public key to said OLT;
  
  b) said OLT receiving said public key, using the received public key to encrypt a secret key, and transmitting the encrypted secret key to said ONT;
  
  c) said ONT using a private key to decrypt said encrypted secret key transmitted from said OLT;
  
  d) said OLT using said secret key to be encrypted to encrypt the data and transmitting the encrypted data to said ONT; and
  
  e) said ONT using the decrypted secret key to decrypt said encrypted data.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The data encryption method as set forth in claim 14, wherein said step b) includes the steps of:
    - b-1) storing said received public key;
      
      b-2) generating said secret key for the encryption of said data if said public key is stored; and
      
      b-3) using the stored public key to encrypt the generated secret key to thereby create said encrypted secret key.
  - 16. The data encryption method as set forth in claim 15, further comprising, before step a), the step of said OLT transmitting to said ONT a gate message indicating that said OLT is ready to register said ONT.
  - 17. The data encryption method as set forth in claim 16, wherein said gate message includes encryption/decryption information, said information being inserted in a desired portion of a reserved field in said gate message.
  - 18. The data encryption method as set forth in claim 17, wherein said encryption/decryption information includes information about whether encryption is to be performed, and, if encryption is to be performed, an encryption range.
  - 19. The data encryption method as set forth in claim 18, wherein said encryption range is selected from a group consisting of all data and payload data.
  - 20. The data encryption method as set forth in claim 15, wherein said step b) further includes the step of transmitting to said ONT, during the encrypting of the generated secret key, secret key encryption progress information.
  - 21. The data encryption method as set forth in claim 20, wherein said step b) further includes the step of, if the encryption of said secret key is completed, transmitting encryption completion information and said encrypted secret key to said ONT.
  - 22. The data encryption method as set forth in claim 21, wherein said step c) includes the step of, upon receiving said secret key encryption progress information, transmitting reception acknowledgement information to said OLT.
  - 23. The data encryption method as set forth in claim 22, wherein said step c) further includes the steps of:
    - transmitting secret key decryption progress information to said OLT if said encrypted secret key from said OLT is received; and
      
      transmitting decryption completion information to said OLT if the decryption of said encrypted secret key is completed.
  - 24. The data encryption method as set forth in claim 14, wherein step a) includes the step of inserting said public key in a data field of a message format for said transmitting.

25. A data encryption method for securely transmitting and receiving data between an OLT and at least one ONT in a GE-PON structure, comprising the steps of:
- a) upon being powered on and driven, said OLT transmitting to all ONTs connected with the OLT a gate signal via a transmission medium to discover the ONTs;
  
  b) said at least one ONT transmitting to said OLT in response to said gate signal a registration request signal and a public key;
  
  c) said OLT, in response to receipt of the transmitted registration request signal, registering said ONT, allocating to said ONT an LLID (Logical Link IDentification) and transmitting to said ONT information about the allocated LLID;
  
  d) said OLT using said public key to encrypt a secret key and transmitting the encrypted secret key to said ONT;
  
  e) said ONT using a private key to decrypt said the transmitted encrypted secret key;
  
  f) said OLT and ONT confirming their sharing of said public key and of said secret key and then allocating a data transmission bandwidth from said OLT to said ONT;
  
  g) said OLT using said secret key to encrypt the data and transmitting the encrypted data to said ONT; and
  
  h) said ONT using the decrypted secret key to decrypt said the transmitted encrypted data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Lee, Hak-Phil, Sung, Whan-Jin

Application Number

US10/891,653
Publication Number

US 20050135609A1
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 9/0825 using asymmetric-key encryp...

Gigabit Ethernet passive optical network for securely transferring data through exchange of encryption key and data encryption method using the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Gigabit Ethernet passive optical network for securely transferring data through exchange of encryption key and data encryption method using the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links