igloo@tupek.org posted 20 Jan 2025 03:35 +0000

Digging through some specs today led to some fun places.

On GPON networks, downstream flows are encrypted, but upstream flows are (by the spec) never encrypted[1]. On XGS-PON, upstream flows are optionally encrypted[2]. At least one large FTTH ISP in North America (and I'd imagine many others) doesn't seem to actually be enabling it[3].

Not that the built-in encryption provides much protection. All keys chain back to a symmetric session key that can be derived by any party that witnesses the initial handshake[4].

While the logic of "we broadcast downstream and use timeslots for upstream" does make the need for downstream encryption feel more important, listening on all timeslots for a given loop to snatch data sent upstream feels like something we should have solved by 2025.

[1] ITU G.984.4 page 52 (pdf 58)
[2] ITU G.988 page 107 (pdf 113), Image 1
[3] Image 2
[4] ITU G.9807.1 page 216 (pdf 208)


benjojo replied 20 Jan 2025 15:47 +0000
in reply to: https://tupek.org/u/igloo/h/5rcK27Zx3tTdjG1HF8

@igloo I guess on DOCSIS it matters a lot more to encrypt upstream traffic, as it's much more snoopable than an optical path

The encryption (and efforts relating to managing a KMS) hikes up the cost quite a lot, so I'm not surprised; that being said, GPON is also really quite old! XGS-PON seemingly came around the time when vendors managed to nail down fast-and-cheap L1 encryption (and exporting such tech was less awful)