CN103138924A - Method and device for deciphering encryption data frames in Ethernet Passive Optical Network (EPON) system - Google Patents

Method and device for deciphering encryption data frames in Ethernet Passive Optical Network (EPON) system Download PDF

Info

Publication number
CN103138924A
CN103138924A CN2011103787392A CN201110378739A CN103138924A CN 103138924 A CN103138924 A CN 103138924A CN 2011103787392 A CN2011103787392 A CN 2011103787392A CN 201110378739 A CN201110378739 A CN 201110378739A CN 103138924 A CN103138924 A CN 103138924A
Authority
CN
China
Prior art keywords
llid
data frame
scrambled data
deciphering
triple
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011103787392A
Other languages
Chinese (zh)
Other versions
CN103138924B (en
Inventor
邵玉玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sanechips Technology Co Ltd
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201110378739.2A priority Critical patent/CN103138924B/en
Publication of CN103138924A publication Critical patent/CN103138924A/en
Application granted granted Critical
Publication of CN103138924B publication Critical patent/CN103138924B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a method and a device for deciphering encryption data frames in an Ethernet Passive Optical Network (EPON) system. The method comprises steps of arranging corresponding a plurality of triple descrambling secret keys and Advanced Encryption Standard (AES) encryption secret keys on a plurality of channels of Logical Link Identification (LLID) encryption data frames on a logical link; and when receiving LLID encryption data frames, determining whether the triple descrambling or the AES deciphering is conducted to the LLID encryption data frames in accordance with LLID number of LLID encryption data frames and preset deciphering determination signals. The method is applied to two different deciphering modes and the usability of chips is improved.

Description

Scrambled data frame decryption method and device in a kind of EPON system
Technical field
The present invention relates to EPON (Ethernet Passive Optical Network, Ethernet passive optical network) MAC (Media Access Control, medium access control) system data encryption and decryption technology field, particularly, relate in particular in a kind of EPON system and support simultaneously AES (Advanced Encryption Standard, Advanced Encryption Standard) deciphering or triple descrambling chip scrambled data frame decryption method and the device when processing multichannel LLID (Logical Link Identifier, LLID) scrambled data frame.
Background technology
Along with the high speed development of information technology, network becomes people's daily life and the central requisite instrument of work gradually, and correspondingly, people are also increasingly strong to the security requirement of carrying out the transmission of data on network.Because information network is an open network, when not taking any encryption measures just to carry out transfer of data, just having no fail safe for this transmission of data can say, therefore in order to satisfy the demand of secure communication of network, need to be encrypted processing to the transmission of data in data transmission procedure.
In the EPON system, the transfer of data of down direction adopts broadcast mode, and in this process, malicious user is easy to the information of other user in interception system.Therefore, in order to improve the confidentiality of user data, in EPON system descending direction, need to be encrypted processing to the transmission of data.For example, the EPON of China Telecom technology is carried out triple scramblings processing to the transmission of data, and North America EPON technology is carried out the AES encryption to the transmission of data.
As shown in Figure 1, Fig. 1 is the single channel AES deciphering schematic flow sheet of existing North America standard, wherein, in the figure, has 1 AES deciphering black box E that is used for the AES deciphering K, the IV value of input and corresponding AES decruption key Key, decipher black box E through AES KThe data of output and encryption encrypt data C 1, C 2, C 3, C 4Carry out XOR, obtain clear data P 1, P 2, P 3, P 4, in decrypting process, needing should previous encrypt data conduct AES deciphering next time black box E KThe IV input value.
As shown in Figure 2, Fig. 2 is the triple descrambling schematic flow sheets of the single channel of existing China Telecom standard, wherein, in the figure, there are ciphertext and corresponding triple descramble keys, for example, in the figure, with the scrambled data frame of 8bit and the triple descrambling modules of triple descramble key input of 24bit, namely obtain corresponding clear data.
In traditional E PON technology, the corresponding LLID (logical link identifier, LLID) of an ONU (Optical Network Unit, optical network unit).Existing scrambled data frame decryption method only can realize triple descramblings of 1 road LLID or AES deciphering, and when the triple descramblings that need simultaneously to carry out single channel LLID or multichannel LLID or AES deciphering, not relevant design is suggested at present.For example, among the requirement of China Telecom for the EPON technology, for the ease of the management of a plurality of formations in ONU, set up simultaneously the mapping relations of miscellaneous service, each ONU need to be expanded to 8 road LLID.In addition, for the described scrambled data frame decryption method that needs to process multichannel LLID, also need its corresponding EPON chip can support simultaneously China Telecom's standard and North America standard, namely need to support simultaneously triple descramblings or AES deciphering.
Summary of the invention
The object of the present invention is to provide scrambled data frame decryption method and device in a kind of EPON system, it is in the situation that logical links has multichannel LLID, and two kinds of deciphering standards of applicable triple descramblings and AES deciphering have improved availability.
In order to reach purpose of the present invention, the present invention by the following technical solutions:
Scrambled data frame decryption method in a kind of EPON system comprises:
For the multichannel LLID scrambled data frame that exists in logical links configures respectively corresponding a plurality of triple descramble keys and AES decruption key;
when receiving the LLID scrambled data frame, to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame, when adopting triple descramblings to described LLID scrambled data frame deciphering, utilize the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame, when adopting the AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
Preferably, judge under this LLID scrambled data frame No. LLID according to the heading information of LLID scrambled data frame.
Preferably, be that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
Obtain described LLID scrambled data frame No. LLID;
With described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
Preferably, when adopting triple descramblings to described LLID scrambled data frame deciphering, its corresponding decryption method comprises:
No. LLID corresponding triple descramble keys of selection according to the described LLID scrambled data frame that gets;
Described LLID scrambled data frame and triple descramble key are inputted triple descrambling modules execution to the deciphering of described LLID scrambled data frame.
Preferably, when adopting the AES deciphering to described LLID scrambled data frame deciphering, its corresponding decryption method comprises:
Obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
According to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame, current LLID scrambled data frame is carried out deciphered.
Scrambled data frame decryption device in a kind of EPON system comprises:
The encryption key distribution module is used to the multichannel LLID scrambled data frame that exists in logical links to configure respectively corresponding a plurality of triple descramble keys and AES decruption key;
Judge module is used for when receiving the LLID scrambled data frame, is to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame;
The deciphering Executive Module, it is connected to respectively encryption key distribution module and judge module, be used for utilizing the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame when judge module is judged the triple descramblings of employing to described LLID scrambled data frame deciphering; When judge module is judged employing AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
Preferably, described judge module also is used for heading information according to the LLID scrambled data frame and judges under this LLID scrambled data frame No. LLID.
Preferably, described judge module is that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
Obtain described LLID scrambled data frame No. LLID;
With described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
Preferably, when adopting triple descramblings to described LLID scrambled data frame deciphering, the method that described deciphering Executive Module is carried out deciphering to described LLID scrambled data frame comprises:
No. LLID corresponding triple descramble keys of selection according to the described LLID scrambled data frame that gets;
Described LLID scrambled data frame and triple descramble key are inputted triple descrambling modules execution to the deciphering of described LLID scrambled data frame.
Preferably, when adopting the AES deciphering to described LLID scrambled data frame deciphering, the method that described deciphering Executive Module is carried out deciphering to described LLID scrambled data frame comprises:
Obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
According to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame, current LLID scrambled data frame is carried out deciphered.
Technical scheme by the invention described above can be found out, compared with prior art, in EPON provided by the invention system, scrambled data frame decryption method and device both can satisfy the demand that the many LLID of expansion of China Telecom map to different business, also can support simultaneously the demand of China Telecom and the different manner of decryption of North America technology, reach a chip of implementing this scrambled data frame decryption method and device and can be suitable for two kinds of different deciphering standards, thereby improved the availability of this chip.
Description of drawings
Accompanying drawing described herein is used to provide a further understanding of the present invention, consists of a part of the present invention, and illustrative examples of the present invention and explanation thereof are used for explaining the present invention, do not consist of improper restriction of the present invention.In the accompanying drawings:
Fig. 1 is the single channel AES deciphering schematic flow sheet of existing North America standard;
Fig. 2 is the triple descrambling schematic flow sheets of the single channel of existing China Telecom standard;
Fig. 3 is scrambled data frame decryption method schematic flow sheet in the embodiment of the present invention EPON system that provides;
Fig. 4 is scrambled data frame decryption device structural representation in the embodiment of the present invention EPON system that provides;
In Fig. 5 embodiment of the present invention, multichannel LLID scrambled data frame is carried out the schematic flow sheet of AES deciphering.
Embodiment
In order to make technical problem to be solved by this invention, technical scheme and beneficial effect clearer, clear, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
As shown in Figure 3, the invention provides scrambled data frame decryption method in a kind of EPON system, described method comprises:
S101, configure respectively corresponding a plurality of triple descramble keys and AES decruption key for the multichannel LLID scrambled data frame that exists in logical links;
S102, when receiving the LLID scrambled data frame, to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame, when adopting triple descramblings to described LLID scrambled data frame deciphering, utilize the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame, when adopting the AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
For example, in step S101, for the ease of the management of a plurality of formations in ONU, set up simultaneously the mapping relations of miscellaneous service, thereby each ONU is expanded to 8 road LLID.Therefore because every road LLID has its unique business tine, for every road LLID, all allocation threshold independently decruption key and manner of decryption accordingly separately, when for example being triple descrambling mode, distribute corresponding triple descramble keys separately; When deciphering for AES, distribute separately corresponding AES decruption key.
Similarly, except the embodiment of above-mentioned 8 road LLID scrambled data frame that exist, can also extend to 2 for the way of the described LLID scrambled data frame that exists in logical links in logical links 15The road is broadcasting or clean culture because highest order the 15th bit that the LLID bit wide is 16, LLID is expressed as this Frame information of No. LLID.Following this paper will make elaboration mainly for the decryption method of 8 road LLID, can apparently according to summary of the invention of the present invention be understood and realize for the decryption method of N road LLID, will too much not give unnecessary details here.
Under preferred implementation, judge under this LLID scrambled data frame No. LLID according to the heading information of LLID scrambled data frame.For example, judge under this Frame No. LLID according to the 6th and the 7th byte of heading information preamble in the LLID scrambled data frame.
Under preferred implementation, be that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
S200, obtain No. LLID of described LLID scrambled data frame;
With described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in S201, the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
For described deciphering judgement signal, actually or it is used for judging that adopting triple descrambling AES to decipher for the current LLID scrambled data frame that gets carries out decryption oprerations.For example, described deciphering judgement signal is the sel_aes_churning[7:0 of design] signal, described sel_aes_churning[7:0] total 8bit position, every 1bit position is corresponding to the decryption mode of corresponding No. LLID: sel_aes_churning[7 for example] be the decryption mode selection of LLID7 corresponding to No. LLID, if sel_aes_churning[7] be high level, No. LLID is the LLID scrambled data frame employing AES128 deciphering of LLID7, if sel_aes_churning[7] be low level, No. LLID is the triple descramblings deciphering of LLID scrambled data frame employing of LLID7.The rest may be inferred, correspondingly, sel_aes_churning[0] be the decryption mode selection of LLID0 corresponding to No. LLID, if sel_aes_churning[0] be high level, No. LLID is the LLID scrambled data frame employing AES128 deciphering of LLID0, if sel_aes_churning[0] be low level, No. LLID is the triple descramblings deciphering of LLID scrambled data frame employing of LLID0.
Wherein, when judging according to described deciphering judgement signal need to carry out triple descramblings deciphering to current LLID scrambled data frame the time, its corresponding decryption method comprises:
Select corresponding triple descramble keys No. LLID of the described LLID scrambled data frame that S300, foundation get;
S301, the triple descrambling modules of described LLID scrambled data frame and triple descramble key input are carried out deciphering to described LLID scrambled data frame.
Wherein, described triple descrambling modules are existing those skilled in the art technology in common knowledge, and this paper will not be explained in detail it.
Perhaps, when adopting the AES deciphering to described current LLID scrambled data frame deciphering, its corresponding decryption method comprises:
S400, obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
S401, according to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame is carried out current LLID scrambled data frame and is deciphered.
As shown in Figure 5, in Fig. 5 embodiment of the present invention, multichannel LLID scrambled data frame is carried out the schematic flow sheet of AES deciphering, for example, with reference to this figure, carry out the AES deciphering for the LLID scrambled data frame of LLID0 according to the 128bit piecemeal No. LLID, in the process of piecemeal, last 1 not enough 128bit of possibility of LLID scrambled data frame, need in the zero-adding of the front of this scrambled data frame piece to supply 128bit, carry out simultaneously the scrambled data frame of AES deciphering, the field of 128bit subsequently that its initial IV data are previous LLID scrambled data frame for the next one.Correspondingly, the processing that described AES black box is done initial IV data and the AES decruption key corresponding with No. LLID of described LLID scrambled data frame of described input is those skilled in the art's technology contents in common knowledge, and this paper will not be described in detail it.
As shown in Figure 4, the embodiment of the present invention also provides scrambled data frame decryption device in a kind of EPON system, and described device comprises:
Encryption key distribution module 10 is used to the multichannel LLID scrambled data frame that exists in logical links to configure respectively corresponding a plurality of triple descramble keys and AES decruption key;
Judge module 20 is used for when receiving the LLID scrambled data frame, is to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame;
Deciphering Executive Module 30, it is connected to respectively encryption key distribution module 10 and judge module 20, be used for utilizing the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame when judge module 20 is judged the triple descramblings of employing to described LLID scrambled data frame deciphering; When judge module 20 is judged employing AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
Wherein, described judge module 20 also is used for heading information according to the LLID scrambled data frame and judges under this LLID scrambled data frame No. LLID, for example, judge under this Frame No. LLID according to the 6th and the 7th byte of heading information preamble in the LLID scrambled data frame.
Described judge module 20 is that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
(1) obtain No. LLID of described LLID scrambled data frame;
(2) with described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
Wherein, when adopting triple descramblings to described LLID scrambled data frame deciphering, the method that 30 pairs of described LLID scrambled data frame of described deciphering Executive Module are carried out deciphering comprises:
1) select corresponding triple descramble keys according to No. LLID of the described LLID scrambled data frame that gets;
2) described LLID scrambled data frame and triple descramble key are inputted triple descrambling modules execution to the deciphering of described LLID scrambled data frame.
When adopting the AES deciphering to described LLID scrambled data frame deciphering, the method that 30 pairs of described LLID scrambled data frame of described deciphering Executive Module are carried out deciphering comprises:
1) obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
2) according to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame, current LLID scrambled data frame is carried out deciphered.
The below will simply introduce LLID scrambled data frame decryption method that the lower embodiment of the present invention provides and operation principle and the workflow of device, and will be as follows:
The LLID scrambled data frame is when entering this LLID scrambled data frame decryption device, at first this device need to judge that this Frame is plaintext or ciphertext, next judges No. LLID of Frame, then check sel_aes_churning[7:0 according to No. LLID] corresponding bit position, thereby select corresponding manner of decryption, respectively Frame is carried out deciphering according to the manner of decryption of Frame at last.
Specific embodiment comprises the steps:
The first step: judge that according to heading information preamble the 5th byte bit1 position in the LLID scrambled data frame this Frame is for expressly or ciphertext;
Second step: judge under this Frame No. LLID according to the heading information preamble the 6th in the LLID scrambled data frame and the 7th byte;
The 3rd step: if these frame data are scrambled data frame, check sel_aes_churning[7:0 according to No. LLID of Frame] the corresponding bit of signal position: if corresponding bit position is high level 1, select the AES deciphering; If corresponding bit position is low level 0, select triple descramblings;
The 4th step: if adopt the AES deciphering for this Frame, extract the last 128bit field data of a upper LLID scrambled data frame, 128bit and corresponding AES key with this Frame, extraction writes the AES black box or claims the AES deciphering module simultaneously, carries out the deciphering to described LLID scrambled data frame; If adopt triple descramblings for this Frame, this Frame and corresponding triple descramble keys are write triple descrambling modules, thereby carry out the deciphering to described LLID scrambled data frame.
Above-mentioned explanation illustrates and has described a preferred embodiment of the present invention, but as previously mentioned, be to be understood that the present invention is not limited to the disclosed form of this paper, should not regard the eliminating to other embodiment as, and can be used for various other combinations, modification and environment, and can in invention contemplated scope described herein, change by technology or the knowledge of above-mentioned instruction or association area.And the change that those skilled in the art carry out and variation do not break away from the spirit and scope of the present invention, all should be in the protection range of claims of the present invention.

Claims (10)

1. scrambled data frame decryption method in an EPON system, is characterized in that, comprising:
For the multichannel LLID scrambled data frame that exists in logical links configures respectively corresponding a plurality of triple descramble keys and AES decruption key;
when receiving the LLID scrambled data frame, to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame, when adopting triple descramblings to described LLID scrambled data frame deciphering, utilize the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame, when adopting the AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
2. scrambled data frame decryption method in EPON as claimed in claim 1 system, is characterized in that, judges under this LLID scrambled data frame No. LLID according to the heading information of LLID scrambled data frame.
3. scrambled data frame decryption method in EPON as claimed in claim 2 system, it is characterized in that, be that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
Obtain described LLID scrambled data frame No. LLID;
With described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
4. scrambled data frame decryption method in EPON as claimed in claim 3 system, is characterized in that, when adopting triple descramblings to described LLID scrambled data frame deciphering, its corresponding decryption method comprises:
No. LLID corresponding triple descramble keys of selection according to the described LLID scrambled data frame that gets;
Described LLID scrambled data frame and triple descramble key are inputted triple descrambling modules execution to the deciphering of described LLID scrambled data frame.
5. scrambled data frame decryption method in EPON as claimed in claim 3 system, is characterized in that, when adopting the AES deciphering to described LLID scrambled data frame deciphering, its corresponding decryption method comprises:
Obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
According to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame, current LLID scrambled data frame is carried out deciphered.
6. scrambled data frame decryption device in an EPON system, is characterized in that, comprising:
The encryption key distribution module is used to the multichannel LLID scrambled data frame that exists in logical links to configure respectively corresponding a plurality of triple descramble keys and AES decruption key;
Judge module is used for when receiving the LLID scrambled data frame, is to adopt triple descramblings or AES deciphering to carry out decryption oprerations according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame;
The deciphering Executive Module, it is connected to respectively encryption key distribution module and judge module, be used for utilizing the triple descramble keys corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame when judge module is judged the triple descramblings of employing to described LLID scrambled data frame deciphering; When judge module is judged employing AES deciphering to described LLID scrambled data frame deciphering, utilize the AES decruption key corresponding with No. LLID of described LLID scrambled data frame to carry out deciphering to this LLID scrambled data frame.
7. scrambled data frame decryption device in EPON as claimed in claim 6 system, is characterized in that, described judge module also is used for heading information according to the LLID scrambled data frame and judges under this LLID scrambled data frame No. LLID.
8. scrambled data frame decryption device in EPON as claimed in claim 7 system, it is characterized in that, described judge module is that the method that adopts triple descramblings or AES deciphering to carry out decryption oprerations comprises according to No. LLID of described LLID scrambled data frame and the deciphering judgement signal judgement of presetting to described LLID scrambled data frame:
Obtain described LLID scrambled data frame No. LLID;
With described No. LLID corresponding sign bit, if described sign bit is 1, select to take the AES deciphering to described LLID scrambled data frame deciphering in the deciphering judgement signal that presets according to No. LLID of described LLID scrambled data frame inquiry; If described sign bit is 0, select to take triple descramblings that described LLID scrambled data frame is deciphered.
9. scrambled data frame decryption device in EPON as claimed in claim 8 system, is characterized in that, when adopting triple descramblings to described LLID scrambled data frame deciphering, the method that described deciphering Executive Module is carried out deciphering to described LLID scrambled data frame comprises:
No. LLID corresponding triple descramble keys of selection according to the described LLID scrambled data frame that gets;
Described LLID scrambled data frame and triple descramble key are inputted triple descrambling modules execution to the deciphering of described LLID scrambled data frame.
10. scrambled data frame decryption device in EPON as claimed in claim 8 system, is characterized in that, when adopting the AES deciphering to described LLID scrambled data frame deciphering, the method that described deciphering Executive Module is carried out deciphering to described LLID scrambled data frame comprises:
Obtain last 128 bit data of previous LLID scrambled data frame as initial IV data;
According to described initial IV data, the AES decruption key corresponding with No. LLID of described LLID scrambled data frame, and current LLID scrambled data frame, current LLID scrambled data frame is carried out deciphered.
CN201110378739.2A 2011-11-24 2011-11-24 Scrambled data frame decryption method and device in a kind of EPON system Active CN103138924B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110378739.2A CN103138924B (en) 2011-11-24 2011-11-24 Scrambled data frame decryption method and device in a kind of EPON system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110378739.2A CN103138924B (en) 2011-11-24 2011-11-24 Scrambled data frame decryption method and device in a kind of EPON system

Publications (2)

Publication Number Publication Date
CN103138924A true CN103138924A (en) 2013-06-05
CN103138924B CN103138924B (en) 2017-12-08

Family

ID=48498282

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110378739.2A Active CN103138924B (en) 2011-11-24 2011-11-24 Scrambled data frame decryption method and device in a kind of EPON system

Country Status (1)

Country Link
CN (1) CN103138924B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114189372A (en) * 2021-12-01 2022-03-15 京微齐力(深圳)科技有限公司 Multi-cipher segmentation type decryption method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040028409A1 (en) * 2002-08-07 2004-02-12 Kim A-Jung Method for transmitting security data in Ethernet passive optical network system
US20090262937A1 (en) * 2008-04-21 2009-10-22 Teknovus, Inc. Method and apparatus for data privacy in passive optical networks
CN101827099A (en) * 2010-04-15 2010-09-08 中兴通讯股份有限公司 Method and device for allocating logical link identifiers for optical network unit
CN102104478A (en) * 2009-12-16 2011-06-22 中兴通讯股份有限公司 Method and device for improving safety of EPON system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040028409A1 (en) * 2002-08-07 2004-02-12 Kim A-Jung Method for transmitting security data in Ethernet passive optical network system
US20090262937A1 (en) * 2008-04-21 2009-10-22 Teknovus, Inc. Method and apparatus for data privacy in passive optical networks
CN102104478A (en) * 2009-12-16 2011-06-22 中兴通讯股份有限公司 Method and device for improving safety of EPON system
CN101827099A (en) * 2010-04-15 2010-09-08 中兴通讯股份有限公司 Method and device for allocating logical link identifiers for optical network unit

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114189372A (en) * 2021-12-01 2022-03-15 京微齐力(深圳)科技有限公司 Multi-cipher segmentation type decryption method and device

Also Published As

Publication number Publication date
CN103138924B (en) 2017-12-08

Similar Documents

Publication Publication Date Title
CN101304314B (en) Methods of encrypting and decrypting data and bus system using the methods
CN102710415B (en) Method and table look-up device for encrypting and decrypting data by using symmetric cryptographic algorithm
IN2014DN00130A (en)
AU2423601A (en) Methods and apparatus for selective encryption and decryption of point to multi-point messages
MXPA06000364A (en) Method for generating and managing a local area network.
KR20040029767A (en) Transmitting method for authentication and privacy security on tree structure network
EP2856729B1 (en) A scalable authentication system
CN106301765B (en) Encryption and decryption chip and method for realizing encryption and decryption
CN102104478A (en) Method and device for improving safety of EPON system
CN106165353A (en) Point-to-point authentication protocol is used to carry out high usage route to encryption stream
CN105871902A (en) Data encryption and isolation system
CN101626567A (en) Short message sending and receiving method, short message sending and receiving device and mobile terminal
CN101416438A (en) Control word key store for multiple data streams
CN102917250B (en) Audio and video transmission method for digital media interface
CN104239808A (en) Method and device for encryption transmission of data
US8942378B2 (en) Method and device for encrypting multicast service in passive optical network system
CN205792703U (en) Data encryption and shielding system
CN100563148C (en) The MAC secure network communication method and the network equipment
CN106372516A (en) Apparatus for Hub encryption realized based on M-PHY interface
CN103138924A (en) Method and device for deciphering encryption data frames in Ethernet Passive Optical Network (EPON) system
KR101209248B1 (en) Method of data communication between PLC stations belonging to different PLC cells and apparatus therefor
CN102264013B (en) EPON encryption method based on time tag
NO20023550L (en) Method and system for transmitting decryption information
CN101388806B (en) Cipher consistency detection method and apparatus
CN101499898A (en) Method and apparatus for cipher key interaction

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20151030

Address after: 518057 Nanshan District Guangdong high tech Industrial Park, South Road, science and technology, ZTE building, Ministry of Justice

Applicant after: ZTE Corp.

Applicant after: SANECHIPS TECHNOLOGY Co.,Ltd.

Address before: 518057 Nanshan District Guangdong high tech Industrial Park, South Road, science and technology, ZTE building, Ministry of Justice

Applicant before: ZTE Corp.

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20221201

Address after: 518055 Zhongxing Industrial Park, Liuxian Avenue, Xili street, Nanshan District, Shenzhen City, Guangdong Province

Patentee after: SANECHIPS TECHNOLOGY Co.,Ltd.

Address before: 518057 Ministry of justice, Zhongxing building, South Science and technology road, Nanshan District hi tech Industrial Park, Shenzhen, Guangdong

Patentee before: ZTE Corp.

Patentee before: SANECHIPS TECHNOLOGY Co.,Ltd.