Encryption and Authentication Mechanism of 10G EPON Systems Based on GCM

10G EPON can provide us with wide band access technology and high data transmission rate. However, it is faced with a series of security threats due to its point-to-multipoint network topology and high-speed data rate. In this paper, we propose a security mechanism based on GCM (Galois/Counter Mode) for 10G EPON systems, which can support encryption and authentication functions simultaneously. First we describe the encryption system and propose a new mechanism of key update and synchronization, in which we use the GCM encryption and authentication module both in the OLT and ONU side to ensure the security of the key exchanging process. Then, we design the authentication mechanism based on GMAC (Galois Message Authentication Code), using the GMAC authentication tag to ensure the information reliability. We present an authentication model for 10G EPON systems, and describe the ONU and user authentication process in detail. According to this mechanism, we can provide a secure and reliable environment for 10G EPON data transmission.