Recently, Li et al. proposed an encryption scheme in gigabit Ethernet passive optical network (GEPON) based on timestamp. We have shown that Li's encryption scheme is not advisable, since it cannot decrypt. In this paper, we proposed a novel encryption scheme based on timestamp in GEPON using AES-128, aiming at solving the security problem of a transmission in downstream of GEPON. In this scheme, the keys formed by combining AES-128 algorithm with timestamp in the process of key expansion are used for encrypting the downstream data. Furthermore, accompanying the dynamic update and synchronization of keys, the extraction and synchronization of timestamp are released. Then, the timestamp used in ONUs' ranging to generate time-related keys and realize the secure update and synchronization of keys. The simulation results indicate that this scheme is more suitable for GEPON to solve the potential safety threats than other traditional algorithms.

• 出版日期2014