A Lightweight Two-Way Authentication Scheme Between Communication Nodes for Software Defined Optical Access Network

For the rapid increase in the number of optical line terminals (OLTs) and optical network units (ONUs) connected to the control center in the software defined optical access network (SDOAN) environment, the security problems caused by the communication between devices and the high cost caused by the introduction of security schemes, we propose a lightweight identity two-way authentication scheme (LTWA) based on the cryptographically generated address (CGA) algorithm combined with the hash generated address (HGA) algorithm. The scheme introduces the CGA algorithm and the HGA algorithm without third party participation, so as to complete the first authentication binding and the non-first authentication binding between the communication nodes respectively, which effectively prevents an attacker from forging or tampering with authentication interaction messages, thereby establishing an end-to-end trusted connection in the access network. We experimentally verify the proposed LTWA scheme. The simulation results show that the scheme guarantees the security interaction between communication nodes, and reduces the average computational overhead and the blocking rate caused by malicious attacks.