A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network
For the rapid increase in the number of optical line terminals (OLTs) and optical network units (ONUs) connected to the control center in the software defined optical access network (SDOAN) environment, the security problems caused by the communication between devices and the high cost caused by the...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2019-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8834780/ |
| _version_ | 1818603354796851200 |
|---|---|
| author | Yongli Tang Tao Liu Xu He Jinxia Yu Panke Qin |
| author_facet | Yongli Tang Tao Liu Xu He Jinxia Yu Panke Qin |
| author_sort | Yongli Tang |
| collection | DOAJ |
| description | For the rapid increase in the number of optical line terminals (OLTs) and optical network units (ONUs) connected to the control center in the software defined optical access network (SDOAN) environment, the security problems caused by the communication between devices and the high cost caused by the introduction of security schemes, we propose a lightweight identity two-way authentication scheme (LTWA) based on the cryptographically generated address (CGA) algorithm combined with the hash generated address (HGA) algorithm. The scheme introduces the CGA algorithm and the HGA algorithm without third party participation, so as to complete the first authentication binding and the non-first authentication binding between the communication nodes respectively, which effectively prevents an attacker from forging or tampering with authentication interaction messages, thereby establishing an end-to-end trusted connection in the access network. We experimentally verify the proposed LTWA scheme. The simulation results show that the scheme guarantees the security interaction between communication nodes, and reduces the average computational overhead and the blocking rate caused by malicious attacks. |
| first_indexed | 2024-12-16T13:21:51Z |
| format | Article |
| id | doaj.art-deb19bb539214688980a56b949289d6e |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-12-16T13:21:51Z |
| publishDate | 2019-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-deb19bb539214688980a56b949289d6e2022-12-21T22:30:19ZengIEEEIEEE Access2169-35362019-01-01713324813325610.1109/ACCESS.2019.29410848834780A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access NetworkYongli Tang0https://orcid.org/0000-0003-2783-7065Tao Liu1https://orcid.org/0000-0003-1601-3992Xu He2https://orcid.org/0000-0003-1994-1655Jinxia Yu3Panke Qin4School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, ChinaSchool of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, ChinaSchool of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, ChinaSchool of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, ChinaSchool of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, ChinaFor the rapid increase in the number of optical line terminals (OLTs) and optical network units (ONUs) connected to the control center in the software defined optical access network (SDOAN) environment, the security problems caused by the communication between devices and the high cost caused by the introduction of security schemes, we propose a lightweight identity two-way authentication scheme (LTWA) based on the cryptographically generated address (CGA) algorithm combined with the hash generated address (HGA) algorithm. The scheme introduces the CGA algorithm and the HGA algorithm without third party participation, so as to complete the first authentication binding and the non-first authentication binding between the communication nodes respectively, which effectively prevents an attacker from forging or tampering with authentication interaction messages, thereby establishing an end-to-end trusted connection in the access network. We experimentally verify the proposed LTWA scheme. The simulation results show that the scheme guarantees the security interaction between communication nodes, and reduces the average computational overhead and the blocking rate caused by malicious attacks.https://ieeexplore.ieee.org/document/8834780/Authenticationopenflowoptical access networkOLTSDN |
| spellingShingle | Yongli Tang Tao Liu Xu He Jinxia Yu Panke Qin A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network IEEE Access Authentication openflow optical access network OLT SDN |
| title | A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network |
| title_full | A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network |
| title_fullStr | A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network |
| title_full_unstemmed | A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network |
| title_short | A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network |
| title_sort | lightweight two way authentication scheme between communication nodes for software defined optical access network |
| topic | Authentication openflow optical access network OLT SDN |
| url | https://ieeexplore.ieee.org/document/8834780/ |
| work_keys_str_mv | AT yonglitang alightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT taoliu alightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT xuhe alightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT jinxiayu alightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT pankeqin alightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT yonglitang lightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT taoliu lightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT xuhe lightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT jinxiayu lightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork AT pankeqin lightweighttwowayauthenticationschemebetweencommunicationnodesforsoftwaredefinedopticalaccessnetwork |