A
Seminar Report
On
Secure Communication Over Fiber Optic Networks
Submitted By
Fiona Rozario
Under the Guidance of
Dr. Anup Vibhute
Semester I
Year 2015- 16
Department of Electronics and Telecommunication Engineering
Dr. D Y Patil Educational Enterprises Charitable Trust’s
Dr. D Y Patil School of Engineering & Technology
Dr. D Y Patil Knowledge City, Charholi (Bk.), Via. Lohgaon, Pune – 412 105
Dr. D Y Patil School of Engineering & Technology
DEPARTMENT OF ELECTRONICS & TELECOMMUNICATION
YEAR: 2015-2016
CERTIFICATE
This is to certify that Seminar-I report entitled
Secure Communication Over Fiber Optic Networks
By
Fiona Rozario
is a bona fide work carried on by her in partial fulfillment of the requirement for the award of
Degree of Master of Engineering in Electronics & Telecommunication (Communication
Networks) of Savitribai Phule Pune University.
Date:
Place: Pune
Dr. Anup Vibhute Prof. Mukund G. Wani
Guide H.O.D.
(E & TC Department) (E & TC Department)
ACKNOWLEDGEMENT
I would like to express my gratitude towards my Guide, Dr. Anup Vibhute for being a source of
encouragement and also being a critic yet appreciable reviewer during the course of the seminar.
I would also like to thank our M.E. coordinator, Prof. S. R. Patil, our H.O.D., Prof. Wani and our
respected Principal, Dr. Ashok Kasnale for their consistent encouragement during the course of
the seminar.
Finally, I take this opportunity to thank one and all who have extended, directly or indirectly, all
possible help in the successful completion of the seminar.
Fiona Rozario
ME5206
INDEX
Chapter Contents
1 Introduction
2 Literature Review
3 Optical Networks and Security Issues
3.1 What is an optical network?
3.1.1 Principle of working of optical fibers
3.1.2 Fiber optic communication system
3.2 Security issues in optical networks
3.2.1 Security issues in network transmission
3.2.2 Security issues in optical amplifiers
3.2.3 Security issues in optical cross-connects
3.3 Security in optical networks
4 Encryption Systems
4.1 What is encryption?
4.2 Types of encryption algorithms
5 Optical Encryption Schemes
5.1 Optical CDMA (OCDMA)
5.1.1 Confidentiality analysis of OCDMA systems
5.2 Quantum cryptography
5.3 Chaos based encryption
5.4 Optical steganography
6 Conclusion
References
Chapter 1
INTRODUCTION
Optical networks form the backbone of the Internet and are an integral constituent of the physical
layer of these networks. Since the physical layer forms the bottom layer in the open systems
interconnection (OSI) model, the performance and security of the physical layer and especially
optical networks have a critical influence on the six layers above it. The security approach in upper
layers is limited by both the processing speed of electronic devices and the capacity availability in
the optical network. Fundamental improvements can be achieved for the entire network by
increasing the optical network’s performance in terms of channel capacity, data rate, and
processing speed. Furthermore, the security of the optical network has an impact on the security of
the entire communication system. It is inherently risky to build a security system on top of a
physical infrastructure that is vulnerable to attacks. Hence defending the optical network against
attacks benefits the security of the upper layer.
The actual implementation of a threat or an attack may vary from network to network, owing to the
vast variety of optical networks. However, in spite of these many different modalities, the attacks
on optical networks can be broadly classified as:
• attack where an adversary tries to listen in on communications (confidentiality),
• attack where an unauthorized entity tries to communicate (authentication),
• attack where an entity alters or manipulates communication (integrity),
• attack where an adversary tries to subvert the successful delivery of communications
(availability), and
• privacy risks associated with an adversary observing the existence of communications
(privacy and traffic analysis).
The purpose of this report is to explore and compare the various security and encryption methods
available for optical networks, namely, fiber-based methods, optical key distribution, optical
steganography, and optical chaos-based communication.
Chapter 2
LITERATURE REVIEW
2. Encryption techniques in optical networks
The various encryption techniques in photonics can be broadly classified as follows:
1. Optical CDMA
2. Quantum cryptography
3. Chaos based encryption
4. Optical steganography
2.1 Optical CDMA
In optical CDMA, multiple users are provided with orthogonal codes and the users can
share the same channel to transmit data simultaneously. This works similarly to the CDMA
systems used by mobile users. In an optical CDMA network, multiple users have their
multiplexed codes overlapped. Hence, unless an eavesdropper has knowledge of the code
being used by a particular user, the user’s pulses cannot be recovered from the multiplexed
stream of pulses.
However, for a point-to-point link with only one pair of transmitters and receivers, the data
security may be vulnerable to attack. To secure point-to-point links, Wang et al. propose a
method to divide the original data stream into multiple data streams and then generate
multiplexed signals. The experiment results indicate that the system is robust against
various types of attack models [9].
2.2 Quantum cryptography
Quantum cryptography is not an algorithm to encrypt and decrypt data. Rather it is a
technique of using photons to generate a cryptographic key and transmit it to a receiver
using a suitable communication channel. The security provided by quantum key
distribution is high as it can also indicate the presence of an eavesdropper trying to receive
information about the key.
However, the transmission and detection of a single photon of light make this method
difficult to realize practically. Also, noise and attenuation in the fiber limit the transmission
range and data rate. Scheuer et al. use a large fiber laser to exchange the key so that each
user can compare the received signal with his or her own key to obtain the key generated
by the other user. Compared to quantum key distribution, this system allows longer ranges
and a higher key-establishing rate [9].
2.3 Chaos based encryption
Chaos based encryption is a hardware based encryption technique. A random chaotic
waveform is generated at the transmitter end by a deterministic system. This chaos is used
to mask the confidential data. Only a receiver that has knowledge of how the chaos was
produced can reproduce the chaos to cancel it and retrieve the signal.
Besides providing confidentiality to the network, chaos-based communication also brings
a high level of robustness to data transmission. By spreading the narrowband signal into a
wideband signal, chaos-based communication can both create desired jamming and avoid
malicious jamming [9].
2.4 Optical steganography
In the basic approach to steganography, a short optical pulse is stretched temporally
through chromatic dispersion to give it a spectral width wider than the channel spectrum.
This merges the signal in the background noise of the public channel. With the right
dispersion compensation at the receiver, the stealth signal can be retrieved.
In addition to protecting the privacy of data transmission, a hidden channel in the public
network can also be applied to other security techniques for countering other possible
threats. For example, the stealth channel can be used to transmit information having a high
security level requirement, such as the key distribution for the encrypted public channel.
Chapter 3
Optical Networks and Security Issues
3.1 What is an optical network?
An optical network is a type of data communication network built with optical fiber
technology. It utilizes optical fiber cables as the primary communication medium for
converting data and passing data as light pulses between sender and receiver nodes.
An optical fiber is a flexible transparent fiber of extremely pure glass or plastic, generally
between 10 and 200 microns in diameter, through which light can be transmitted by successive
internal reflections; it is commonly used in telecommunications. An optical fiber consists of a
core through which light is transmitted and an outer surface called cladding.
Fig. 1 Optical Fiber
Through its use of light as a transmission medium, an optical network is one of the fastest
communication networks. It works by using an optical transmitter device to convert an
electrical signal received from a network node into light pulses, which are then placed on a
fiber optic cable for transport to a receiving device.
Unlike copper based networks, the light pulses of an optical network may be transported
quite a distance until the pulses are regenerated through an optical repeater device. After a
signal is delivered to a destination network, it is converted into an electrical signal through
an optical receiver device and sent to a recipient node.
Moreover, an optical network is less prone to external interference and attenuation and can
achieve substantially higher bandwidth speeds than copper networks.
3.1.1 Principle of working of optical fibers
Optical fibers work on the principle of total internal reflection of light – when a ray of light
travelling from an optically denser medium to an optically rarer medium is incident on the
surface of separation of the media at an angle that is greater than the critical angle of the
pair of media, then the ray of light undergoes complete reflection back into the denser
medium instead of undergoing refraction.
Fig. 2 Total internal reflection
Hence, a ray of light travelling in an optical fiber undergoes total internal reflection in the
core (which is of a higher refractive index than the cladding).
Fig. 3 Total internal reflection in an optical fiber
3.1.2 Fiber optic communication system
When the input data, in the form of electrical signals, is given to the transmitter circuitry, the
circuitry converts it into a light signal with the help of a light source. This source is an LED whose
amplitude, frequency and phase must remain stable and free from fluctuation in order to
have efficient transmission. The light beam from the source is carried by a fiber optic cable
to the destination circuitry, wherein the information is converted back to the electrical
signal by a receiver circuit.
The receiver circuit consists of a photo detector along with an appropriate electronic
circuit, which is capable of measuring magnitude, frequency and phase of the optic field.
This type of communication uses the wavelengths near to the infrared band that are just
above the visible range. Both LED and Laser can be used as light sources based on the
application.
Fig. 4 Block diagram of fiber optic communication system
There are three main basic elements of fiber optic communication system. They are
• Compact Light Source
• Low loss Optical Fiber
• Photo Detector
Accessories like connectors, switches, couplers, multiplexing devices, amplifiers and
splices are also essential elements in this communication system.
3.2 Security issues in optical networks
Network attacks can be categorized as [2]:
• Service disruptions, which prevent communication or degrade QoS
• Tapping, which compromises privacy by providing unauthorized access to the data
Attacks on optical networks may be aimed at:
• Network transmission
• Optical amplifiers
• Optical cross connects
3.2.1 Security issues in network transmission
There are various fiber optic tapping or eavesdropping methods, but most fall into the
following categories [1]:
a) Hooking into the ports: The attacker directly hooks the tapping device into one of
the ports of the optical amplifiers or repeaters. These devices provide the easiest
point of attack. However, hooking into a port is impractical if the critical points of
the network are physically well secured.
b) Splice methods: An optical fiber is spliced and an appropriate instrument is inserted
to allow the signal to transit to the attacker. Since there is a brief interruption of
data, this attack is detectable. However, if the downtime is short, the system
attributes the disturbance to a network glitch and allows data transmission to
continue.
c) Splitter coupler method: By bending the fiber to a certain radius that can
compromise total internal reflection, a small amount of light is made to leak out.
This does not break the fiber nor cause any disturbance in the data transmission.
The amount of light lost is less than 1%, which is sufficient to recreate the original
electrical signal. However, use of the modern bend-insensitive fibers renders this
attack futile.
d) Rayleigh tapping: Due to non-uniform density of core particles, Rayleigh scattering
takes place in the core, which scatters the light in all directions. Some of this light
refracts out of the fiber and is susceptible to be captured if an attacker is aware of
this phenomenon. The attacker needs to place a focusing device (like a lens) near
the fiber and focus the light onto a separate segment of fiber for analysis.
3.2.2 Security issues in optical amplifiers
The basic principle of amplification is through stimulated emission of radiation by atoms in
the presence of an optical (electromagnetic) signal. The gain medium receives energy
through a process called pumping, which raises some electrons into excited quantum states.
This is accompanied by absorption of photons from the incident electromagnetic field. The
transition of those electrons back into lower energy state is accompanied by emission of
photons of the same frequency, direction of propagation, phase and polarization as
the incident photons. Once the number of electrons in one excited state exceeds their
number in some lower-energy state, population inversion is achieved and the amount of
stimulated emission due to light that passes through is larger than the amount of absorption.
Hence, the light is amplified.
Due to the fact that the distribution of excited electrons is not uniform at various energy
levels within the amplifier’s passband, the gain of an EDFA depends on the wavelength of
the incoming signals, with a peak around 1532 nm. Each of the signals is granted photons
proportionally to its power level, which can lead to a gain competition.
This can be used to create an out-of-band jamming attack. The attacker injects a powerful
signal on a wavelength different from those of other, legitimate signals, but still within the
passband of the amplifier. The amplifier, unable to distinguish between the attack signal and
legitimate data signals, will provide gain to each signal indiscriminately. This means that the
stronger, attacking signal will be provided with higher gain than weaker, legitimate signals,
robbing them of power. Thereby, the QoS level on the legitimate signals will deteriorate,
potentially leading to service denial [2].
Fig. 5 Out-of-band jamming
3.2.3 Security issues in optical cross-connects
Optical cross-connects (OXC) are wavelength selective and may also be referred to as
wavelength routing switches (WRS). The main hazard in their functioning is crosstalk.
There are two types of crosstalk [2]:
• out-of-band; occurs among adjacent lightpaths at different wavelengths, and
• in-band; occurs among lightpaths at the same wavelength
Out-of-band crosstalk usually occurs in optical fibers, especially under high power
conditions or long distances. It can also arise inside OXCs due to non-ideal demultiplexing,
where one channel is selected and the others are not perfectly rejected. Optical switches
may also produce out-of-band crosstalk due to imperfect isolation of different output ports.
In-band crosstalk occurs because switch ports are not perfectly isolated from each other.
Hence components of different signals transmitted on the same wavelength leak and
interfere with each other. This means that each channel that crosses through an optical
switch mixes with leakage from signals on the same wavelength.
Fig. 6 Out-of-band and In-band crosstalk in optical demultiplexers
In-band crosstalk is more serious than out-of-band crosstalk. For example, if there are
unused ports at the output of a switch to which a tapper gains access, the tapper can analyze
traffic and gain information carried by other signals on the same wavelength.
If an attacker injects a high-powered signal, its components will leak onto adjacent channels
on the same wavelength. This will deteriorate the signal quality of the transmission on those
signals, as shown in Fig. 7. Jamming attacks exploiting in-band crosstalk in switches have some
of the highest damage capabilities among all attacks [2].
Fig. 7 Jamming attack
3.3 Security in optical networks
Security in optical networks can be classified as:
• Physical security: ensures minimum privacy of data and QoS
• Semantic security: protects the meaning of the data even if the attacker has already
reached it. This deals with cryptography.
Chapter 4
Encryption Systems
4.1 What is encryption?
Encryption is mathematically altering data (plaintext) in a consistent manner to form an
unintelligible ciphertext. Encryption is a reversible process and relies on a secret key to
encrypt plaintext to ciphertext and vice versa.
Fig. 8 Encryption and decryption
4.2 Types of encryption algorithms:
There are two types of encryption algorithms:
• Symmetric algorithms
• Asymmetric algorithms
Symmetric encryption schemes or Private encryption schemes use a key (any text,
numbers, etc.) to encrypt data, and the same key is used to decrypt that data. Even the smallest
change in the secret key will cause decryption of an encrypted message to fail. For example,
the key Infosec will fail to decrypt a ciphertext that was encrypted using AES encryption
with the key INFOSEC.
Asymmetric encryption schemes or Public encryption schemes use two sets of keys.
One key is called a public key and other is called a private key. A public key is used to
encrypt data whereas a private key is used to decrypt that data. Similar to symmetric
cryptography, the smallest change in any of the two keys will make them useless to get the
original data. A benefit of asymmetric cryptography is that you can share the public key
with the whole world so that they can use it to send you encrypted data. And the private
key is stored safely with the owner and is used for decryption. One disadvantage of this
type of cryptography is that if your private key is lost or leaked then you will have to
generate a new pair of public and private keys.
Chapter 5
Optical Encryption Schemes
Encryption protects data transmission by encrypting the original data into cipher text.
Without knowing the key for the encryption process, the eavesdropper cannot recover the
data. Compared with electronic circuits, optical processing and transmission devices have
lower latency and higher speed [9]. Fiber-based devices do not generate an electromagnetic
signature and hence the signal in the fiber neither radiates an electromagnetic signal nor is
it jammed by external electromagnetic interference. Although optical encryption has limited
functionality compared to electronic encryption, it still plays an important role in
areas that require both strong security and fast processing speed.
Fig. 9 Schematic diagram for optical encryption
The optical XOR logic has been investigated and studied by many researchers as a starting
point to optical encryption. The XOR logic is an important starting point for building
optical layer encryption since, in cryptography, combining XOR with feedback is essential
in generating long key streams from smaller keys. The implementations of block ciphers
require XOR, feedback, and feed-forward capabilities. Translating these building blocks
into the optical domain and using them together can provide a high-speed, electromagnetic
wave-immune encryption. However, practical optical implementations of the above
building blocks face many challenges. Notably, optical systems are susceptible to noise
accumulation and the propagation of undesirable logic levels.
As mentioned earlier, optical encryption schemes can be categorized as:
1. Optical CDMA
2. Quantum cryptography
3. Chaos based encryption
4. Optical steganography
5.1 Optical CDMA (OCDMA)
OCDMA draws its analogy from the wireless spread spectrum CDMA systems. Where
CDMA employed frequency domain spreading/despreading, OCDMA employs time
domain spreading/despreading. An optical short pulse is spread over a one-bit duration T
by encoding. The decoding time-despreads the signal, reconstructing the signal if the codes
between the encoder and decoder match [3]. The signal remains spread over T if the codes
do not match.
Fig. 10 Principle of OCDMA system
In a typical OCDMA system, each data stream is encoded with a specific code and it can be
decoded only with the corresponding decoder. Since it is a multiple access system, many
codes (orthogonal to each other) can exist in the transmission channel, which overlap in
time and optical spectrum. Hence, without a priori knowledge of the codes, a given signal
cannot be detected.
OCDMA codes are divided into two groups [4]:
• Coherent OCDMA codes: employ a specific phase pattern to create codes in the spectral
domain or the temporal domain. One such scheme is the spectral-phase encoding (SPE)
scheme. A mode-locked laser (MLL) is used as the optical source, which generates very
short repeating optical pulses. In the spectral domain, the optical pulses are represented
by a series of coherent spectral components. After passing through an SPE encoder,
different spectral components experience different phase shifts, forming an SPE code
pattern. At the receiver, the SPE decoder applies the conjugate phase shift to each
spectral component, so that all the spectral components become in-phase again and an
auto-correlation peak (ACP) is generated. In the multiple-access channel shown in Fig. 11,
other SPE codes passing through the desired decoder result in cross-correlation peaks, the
multiple-access interference (MAI), which will not interfere with the ACP when the SPE
codes in the multiple-access channel are orthogonal. Time gating can be used to isolate the
ACP from the MAI. A common orthogonal SPE code set is the Hadamard code, which is
represented by a Hadamard matrix H_N, as shown in Fig. 11.
Fig. 11 SPE system and Hadamard-8 matrix
• Incoherent OCDMA code: implements the encoding through intensity modulation in
the temporal domain and/or the wavelength domain. A wavelength-hopping time
spreading (WHTS) system is an incoherent OCDMA system. WHTS codes use
incoherent optic pulses (chip pulses) at different wavelengths and assign them to
different time slots in one bit interval. To receive the desired code, a decoder is used to
align all the WHTS code’s chip pulses into one chip interval, to generate an auto-
correlation peak (ACP) as shown below.
Fig. 12 2D – WHTS system
In a multiple access channel, each WHTS code is transmitted simultaneously with other
codes. The presence of codes that do not match with the decoder appears as cross-
correlation peaks and causes multiple-access interference (MAI) after decoding. MAI can
be minimized if all the WHTS codes in the multiple access channels are orthogonal.
5.1.1 Confidentiality analysis of OCDMA systems
WHTS system: WHTS codes employ incoherent chip pulses to constitute the codes and
hence each chip pulse of a WHTS code already carries all the data information. Since the
chip pulses of WHTS codes do not exactly overlap in the temporal domain, it is possible
for an adversary to isolate each chip pulse of the desired WHTS code and intercept the data
[5]. By isolating a single chip pulse of the code, the adversary can obtain the data
information by detecting it with a photodetector. This is illustrated in the figure below.
Fig. 13 Detecting the data by WHTS codes in a multi-user channel without a decoder
SPE system: The approach that compromises the WHTS system cannot be used in SPE
systems due to the coherence. The adversary will have to find the entire phase code pattern
of the user to be able to intercept the data [5]. For example, for an SPE code with eight
phase chips, even if seven phase chips are set correctly, an auto-correlation peak is not
generated. This is because all the spectral components are still not in phase. A brute-force
attack remains the only option that can compromise the system. The number of codes
being used is limited to N since the codes need to be orthogonal. Hence the maximum
number of tries that an adversary needs in a brute force attack is N.
A single-user or multi-user OCDMA system cannot guarantee the security of the transmitted
data. Additional measures are required on top of the above systems to improve the
confidentiality performance.
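The multiple-access behaviour of SPE codes and the small code space an outsider has to search, as an added example (not part of the original report): a toy Python model of SPE with Hadamard-8 codes. It assumes ideal phase chips of 0 or pi, on-off keyed data and a perfect time gate; the user indices and bit patterns are constructed sample data.

```python
# Added example: toy model of spectral-phase-encoded (SPE) OCDMA, Hadamard-8 codes.
# Assumptions: unit-amplitude spectral components, phase shifts of 0 or pi only,
# on-off keyed data, and a time gate that samples exactly the ACP instant.

def hadamard(n):
    """Sylvester construction of the n x n Hadamard matrix (n a power of two)."""
    h = [[1]]
    while len(h) < n:
        h = [row + row for row in h] + [row + [-x for x in row] for row in h]
    return h

def encode(bit, code):
    """SPE encoder: a 1 sends the pulse with each spectral chip shifted by
    0 (+1) or pi (-1); a 0 sends nothing (on-off keying)."""
    return [bit * chip for chip in code]

def superpose(fields):
    """Multiple-access channel: the spectral fields of all users add coherently."""
    return [sum(component) for component in zip(*fields)]

def gated_peak(field, code):
    """SPE decoder plus time gate: apply the conjugate phase pattern, then read
    the intensity at the instant where in-phase components add up."""
    amplitude = sum(f * chip for f, chip in zip(field, code))
    return amplitude ** 2

def receive(channel_fields, code):
    """Decide each bit by thresholding at half the full ACP intensity (N squared)."""
    threshold = len(code) ** 2 / 2
    return [1 if gated_peak(f, code) > threshold else 0 for f in channel_fields]

def simulate():
    n = 8
    codes = hadamard(n)
    # Constructed sample traffic: code index -> data bits of that user.
    users = {
        1: [1, 0, 1, 1, 0, 1],
        3: [0, 0, 1, 0, 1, 1],
        6: [1, 1, 0, 0, 1, 0],
    }
    n_bits = 6
    channel_fields = [
        superpose([encode(bits[t], codes[k]) for k, bits in users.items()])
        for t in range(n_bits)
    ]
    # Authorised receivers: the matched decoder yields the ACP, while the other
    # users' orthogonal codes contribute zero at the gated instant (no MAI).
    decoded = {k: receive(channel_fields, codes[k]) for k in users}
    # Whole code space: orthogonality limits it to the N rows of H_N, so N
    # decoder settings cover every stream that can be present on the channel.
    candidates = {k: receive(channel_fields, codes[k]) for k in range(n)}
    active = [k for k, bits in candidates.items() if any(bits)]
    return users, decoded, candidates, active

if __name__ == "__main__":
    users, decoded, candidates, active = simulate()
    for k in sorted(users):
        print("user", k, "sent", users[k], "decoded", decoded[k])
    print("decoder settings in the code space:", len(candidates))
    print("settings that produce a data stream:", active)
```

With N = 8 the complete code space is eight decoder settings, which is why the report concludes that code orthogonality alone does not give confidentiality.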
5.2 Quantum cryptography
The problem with symmetric cryptography is that the same key is used to both encrypt and
decrypt the messages. If for some reason that key is leaked to some third party, then it can
be used to decrypt communication between two trusted devices or persons. In the worst
case, the communication can be intercepted and altered. Another major problem with this
type of cryptography is how to decide which key to use and how to share between trusted
devices or persons.
In public key cryptography, most keys are at least 128-bit keys which are considered to be
very strong. An attacker can easily get hold of the public key because it is shared by the
user. But to generate a private key for that public key involves huge amounts of
calculations with permutations and combinations. At present a supercomputer is what you
need to crack a PKC and many years to complete it. But it will become pretty much
possible with the advances in technology.
Quantum cryptography deals with secure key distribution. It uses photons to send a key.
The key is transmitted at a lower rate than the data but at a higher security level. The key
information is coded into the quantum states of a photon. A photon is the smallest particle
of light.
It has three types of spins:
1. Horizontal
2. Vertical
3. Diagonal (Right and Left)
A polarization filter can be used to polarize a photon (pass it through the filter) so that it has
a particular spin: vertical, horizontal or diagonal. According to Heisenberg’s Uncertainty
Principle, it is impossible to measure together the speed and position of a particle with highest
accuracy, and its state will change when measured. In other words, if an eavesdropper intercepts
the transmitted photons and passes them through a polarizer of the wrong type, the receiver will
get the wrong photon. Hence the interception of communication will get detected.
It means that if a photon is polarized using say X filter (Diagonal Polarization), then to get
the original spin of the photon only X filter can be used. If a + filter (Rectilinear
Polarization) is used on the photon, then it will either be absorbed by the filter or the
polarized photon will be of different spin than the original photon. For example, a
horizontal spinning photon when passed through a wrong filter will lead to diagonal spin,
which is incorrect.
The table below shows the output spin for each polarization:
Polarization                    Output Spin
Rectilinear Polarization (+)    Horizontal Spin (–), Vertical Spin (|)
Diagonal Polarization (X)       Left Diagonal Spin (\), Right Diagonal Spin (/)
The photons used in quantum cryptography are called qubits and the ‘0’ and ‘1’ mapping
we decide to use for each polarization state is called a basis. The rectilinear and diagonal
bases are as shown in the table:
Spin     Horizontal Spin (–)    Vertical Spin (|)    Left Diagonal Spin (\)    Right Diagonal Spin (/)
Value    0                      1                    0                         1
Suppose Alice applies polarizations on photons and gets the spin and keeps a note of it.
Every spin has a value associated with it. Hence the qubit sequence being sent to Bob is
110001001010. The transmission of these qubits takes place on a secure optical channel.
Bob is listening for incoming photons and randomly applies any polarization filter
(rectilinear or diagonal) and keeps a note of applied polarization, spin and the output value.
The probability that the correct polarization filter is applied so that the qubit is correctly
recovered is 0.5. If the qubit is correctly recovered with the correct polarization filter, the
output is 1 else it is 0.
Suppose Bob applies the polarization filters as shown below; then the qubit sequence
received by Bob is 011001101010.
Fig. 14 Quantum cryptography
Now when the transmission has completed, Alice and Bob communicate on a public
channel that need not be encrypted. Bob tells Alice the polarizations (not the spin or value)
he applied in the exact same sequence, and Alice only says YES/NO. In this
communication, Bob gets to know the wrong polarizations. After successful key
transmission and fixing of wrong polarization, encrypted data can be sent and decrypted
when received.
If a user is intercepting the communication between sender and receiver, then he too will
have to randomly apply polarization on the photons sent (like Bob). After polarization, he
will forward the photons to Bob. But it is impossible for the eavesdropper to guess all
polarizations correctly. Hence, the eavesdropper changes some of the qubits in trying to
intercept them. So when Bob and Alice validate the polarizations, and Bob fails to decrypt
the data, then the interception of communication will get detected.
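The key exchange and the eavesdropping check described above, as an added example (not part of the original report): a Python simulation of the polarization-filter protocol with and without an intercept-and-resend eavesdropper. The comparison of a sample of the sifted bits to estimate the error rate is the standard BB84 check and is an assumption here, as are the alarm threshold, photon count and seed.

```python
import random

RECTILINEAR, DIAGONAL = "+", "x"
QBER_ALARM = 0.11  # illustrative alarm threshold (assumption, not from the report)

def measure(bit, prepared_basis, filter_basis, rng):
    """A matching filter returns the encoded bit; a wrong filter gives a random spin."""
    return bit if prepared_basis == filter_basis else rng.randrange(2)

def run_bb84(n_photons, eavesdropper, seed):
    rng = random.Random(seed)
    bases = (RECTILINEAR, DIAGONAL)
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.choice(bases) for _ in range(n_photons)]
    bob_bases = [rng.choice(bases) for _ in range(n_photons)]

    bob_bits = []
    for bit, basis, bob_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdropper:
            # Intercept and resend: the eavesdropper has to guess a filter too,
            # and the photon forwarded to Bob carries the eavesdropper's basis.
            eve_basis = rng.choice(bases)
            bit = measure(bit, basis, eve_basis, rng)
            basis = eve_basis
        bob_bits.append(measure(bit, basis, bob_basis, rng))

    # Public discussion: Bob announces his filters (not spins or values) and
    # Alice answers YES/NO. Only positions with matching filters are kept.
    kept = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    alice_sifted = [alice_bits[i] for i in kept]
    bob_sifted = [bob_bits[i] for i in kept]

    # Assumed check: disclose half of the sifted bits to estimate the error
    # rate, then discard the disclosed bits from the key.
    sample = set(rng.sample(range(len(kept)), len(kept) // 2))
    errors = sum(alice_sifted[i] != bob_sifted[i] for i in sample)
    qber = errors / max(len(sample), 1)
    alice_key = [b for i, b in enumerate(alice_sifted) if i not in sample]
    bob_key = [b for i, b in enumerate(bob_sifted) if i not in sample]
    return {
        "sifted": len(kept),
        "qber": qber,
        "detected": qber > QBER_ALARM,
        "alice_key": alice_key,
        "bob_key": bob_key,
    }

if __name__ == "__main__":
    for label, tapped in (("clean channel", False), ("intercept-resend", True)):
        r = run_bb84(4000, tapped, seed=1)
        print(label, "sifted bits:", r["sifted"], "error rate:", round(r["qber"], 3),
              "alarm:", r["detected"], "keys equal:", r["alice_key"] == r["bob_key"])
```

On a clean channel about half the photons survive sifting and the error rate is zero; with an intercept-and-resend eavesdropper roughly a quarter of the sifted bits disagree, which is what exposes the interception.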
Although the quantum channel provides a high security level to the key distribution, the
requirement of single photon transmission and detection leads to difficulty in practically
realizing the system. It demands separate channels linking the source with the many
destinations, which implies high cost [14][12]. The transmission range (max. 250 km) [14]
and data rate are limited by the noise and attenuation in the single photon transmission
channel [9][13]. Also, use of amplifiers is limited since this will change the polarization of
the qubits [11]. Jamming a transmission is very easy in quantum systems. Something as
simple as a paper clip inserted in a fiber will change the polarization state of the qubits and
lead to misinterpretation of data [14].
5.3 Chaos based encryption
Among the various approaches tried to assure privacy and security in optical networks,
chaos based encryption has a promising future. As chaos is a pseudo-random signal with
wide bandwidth and it is unpredictable for a long term, it can be used to securely hide the
confidential message [6]. It is a hardware-based technique at the physical layer.
Fig. 15 shows the operating principle of chaos-based optical communications. The
transmitter consists of an optical oscillator, which operates in the chaotic regime, producing
an optical carrier with a broad (GHz-wide) spectrum. Information is encoded on this
chaotic carrier using different techniques. Assuming a high complexity in signal carrier and
low message amplitude, it is practically impossible to extract this encoded information
using techniques like linear filtering, frequency-domain analysis etc. At the receiver side, a
second chaotic oscillator is used, ‘similar’ to that of the transmitter. This similarity refers to
structural, emission, and intrinsic parameters of the semiconductor laser, to the feedback
loop characteristics, and to the operating parameters.
Fig. 15 Chaos based optical communication system
At the receiver, part of the received message with the encoded information is injected into
the receiver. Assuming efficient synchronization of transmitter and receiver, the receiver
generates, at its output, a chaotic carrier almost identical to the injected carrier, but without
the encoded information. Therefore, subtracting this chaotic carrier from the incoming
chaotic signal, which includes the encoded information, reveals the transmitted
information.
The message extraction is based on synchronization of transmitter and receiver. In the
context of chaos terminology, synchronization means that the irregular time evolution of
the chaotic emitter’s output in the optical power can be perfectly reproduced by the
receiver, provided that the emitter and receiver are identical. Even minor discrepancies
between the emitter and receiver oscillators can result in degraded synchronization.
There are three main methods of message encryption using optical chaotic communications
[6]:
1. Chaotic masking (CMS): The chaotic carrier is generated by the transmitter laser (TL).
The message is added directly to this carrier, as shown in Fig. 16 (a).
2. Chaotic shift keying (CSK): The message directly modulates the injection current of the
TL. Hence, the TL produces the chaotic carrier with the message hidden in it. Fig. 16 (b)
illustrates CSK.
3. Chaotic modulation (CMO): The message is added to the output power of the TL. This
mixed signal is then sent back to the TL through a feedback loop as a modulation to generate
the chaotic carrier. Fig. 16 (c) illustrates CMO.
Fig. 16 Methods of message encryption using optical chaotic communications
(a) CMS, (b) CSK, (c) CMO
Studies and experiments show that information can be transmitted at high bit rates using
deterministic chaos in a manner that is robust to the perturbations and channel disturbances
that are unavoidable under real-world conditions, for distances on the order of 200 km [10].
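The scheme described in this section, as an added example that is not part of the original report: a toy discrete-time simulation of chaotic modulation (CMO) in which a sin² feedback map stands in for the chaotic laser. The map, the parameter values and all function names are assumptions made for illustration, and the bit stream is constructed; it compares a matched receiver, a slightly mismatched receiver and a detector that has no receiver oscillator at all.

```python
import math
import random

BETA = 5.0           # loop gain of the toy oscillator (assumed value)
PHI = math.pi / 4    # bias phase of the toy oscillator (assumed value)
AMPLITUDE = 0.05     # message amplitude, about 1% of the carrier swing


def oscillator(drive, beta, phi=PHI):
    """Nonlinear loop element; the output stays in [0, beta] for any drive."""
    return beta * math.sin(drive + phi) ** 2


def transmit(bits, x0=0.4):
    """CMO transmitter: the message is added to the oscillator output and the
    mixed signal is both sent on the fibre and fed back into the loop."""
    x, line = x0, []
    for bit in bits:
        s = x + AMPLITUDE * bit      # chaotic carrier plus small message
        line.append(s)
        x = oscillator(s, BETA)      # feedback of the mixed signal
    return line


def receive(line, beta_rx):
    """Receiver oscillator driven by the line signal: it regenerates the
    carrier, which is subtracted from the next incoming sample."""
    bits = []
    for n in range(1, len(line)):
        carrier = oscillator(line[n - 1], beta_rx)
        bits.append(1 if line[n] - carrier > AMPLITUDE / 2 else 0)
    return bits                      # estimates for bits[1:] (first has no reference)


def threshold_detect(line):
    """Detector without a matched oscillator: thresholds the raw line signal."""
    mean = sum(line) / len(line)
    return [1 if s > mean else 0 for s in line[1:]]


def bit_error_rate(sent, got):
    return sum(a != b for a, b in zip(sent, got)) / len(sent)


def constructed_bits(n_bits, seed):
    rng = random.Random(seed)        # fixed seed: constructed sample message
    return [rng.randint(0, 1) for _ in range(n_bits)]


def ber_for_mismatch(rel_mismatch, n_bits=5000, seed=1):
    """BER when the receiver gain differs from the transmitter gain by rel_mismatch."""
    bits = constructed_bits(n_bits, seed)
    line = transmit(bits)
    return bit_error_rate(bits[1:], receive(line, BETA * (1 + rel_mismatch)))


def ber_without_receiver(n_bits=5000, seed=1):
    """BER of the threshold detector that has no copy of the oscillator."""
    bits = constructed_bits(n_bits, seed)
    return bit_error_rate(bits[1:], threshold_detect(transmit(bits)))


if __name__ == "__main__":
    for mismatch in (0.0, 0.001, 0.02):
        print(f"receiver gain mismatch {mismatch:6.1%}: BER = {ber_for_mismatch(mismatch):.3f}")
    print(f"no matched oscillator:        BER = {ber_without_receiver():.3f}")
```

In this toy model the recovery error is proportional to the gain mismatch, so decoding stays error-free only while the mismatch keeps that error below half the message amplitude.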
5.4 Optical steganography
Optical steganography aims at transmitting stealth signals in public fiber optic
communication channels without being detected. The basic principle of optical
steganography is to temporally stretch a stealth data pulse using chromatic dispersion. This
reduces the amplitudes to a very low level such that the stealth signal is not detected in the
system noise. At the receiver, using matched dispersion compensation the signal can be
retrieved.
However, this approach provides only weak security. If an eavesdropper suspects the presence
of a stealth signal, the privacy of the data can be compromised using a tunable dispersion
compensation device.
A second approach with temporal phase modulation is proposed and analyzed in [7]. After
a temporal phase mask is applied on the stretched signal, different portions of the signal
undergo different phase shifts. Corresponding phase recovery along with dispersion
compensation is required at the receiver to recover the signal.
The spectra of the public signal and the combined signal differ only insignificantly
and are indistinguishable in real optical networks. The received stealth channel experiences
only <0.1 dB performance degradation resulting from the temporal phase modulation,
compared with the approach without phase modulation [7].
Fig. 17 Temporal signal with and without phase mask encryption
Yet another approach to optical steganography has been explored in [8]. The amplified
spontaneous emission (ASE) noise from EDFAs is used to provide security. The data signal
is added onto the ASE noise. Since ASE noise exists in optical networks, an eavesdropper
will not be able to distinguish between “signal with ASE” and “noise ASE”.
The BER curves of the stealth signal with and without the public channel are
indistinguishable [8]. The BER measurements of the public channel show that adding the
stealth channel only causes a 0.2 to 0.3 dBm power penalty.
Fig. 18 (a) Spectrum of channel with and without ASE, stealth signal (b) BER measurements
with and without stealth channel and AASE.
Chapter 6
Conclusion
The table below compares the various security techniques.
Technique: OCDMA
  Limitations:
    - Affected by dispersion in the fiber; hence the range of transmission is limited to
      no longer than 100 km [3].
    - Confidentiality is not as strong as that provided by data encryption.
  Advantages:
    - It is a multiple access system; a plurality of codes can exist in the same channel.

Technique: Chaos based encryption
  Limitations:
    - Synchronization of receiver and transmitter is critical to proper functioning. It is
      very difficult to get lasers of the same parameters for synchronization.
  Advantages:
    - There is a high level of robustness at high bit rates.
    - It can create jamming as well as avoid jamming to a high degree.

Technique: Quantum cryptography
  Limitations:
    - Use of amplifiers will change the qubits. Hence the range of transmission is limited.
    - It needs a dedicated channel of high quality for key exchange between every pair of
      sender and receiver. Hence multiplexing is not possible.
    - Very vulnerable to jamming.
  Advantages:
    - This method can notify of interception of data [12].

Technique: Optical steganography, (a) Temporal stretching of pulse
  Limitations:
    - Data can be intercepted using tunable dispersion compensation devices.
  Advantages:
    - Simplest in implementation.

Technique: Optical steganography, (b) Temporal phase mask
  Advantages:
    - Robust against adversary attacks.

Technique: Optical steganography, (c) ASE noise
  Limitations:
    - Optical delays between receiver and transmitter must be matched exactly to get the
      stealth signal.
  Advantages:
    - Public channel does not induce any power penalty on the stealth channel and the
      stealth channel induces a power penalty of only 0.2-0.3 dBm on the public channel.
An optical system has low latency and is immune to electromagnetic interference; hence optical
encryption is especially important in areas that require a high level of security without
compromising the processing speed.
Although a variety of approaches have been proposed and demonstrated to protect against
multiple threats in the physical layer of an optical network, one can conclude that the
technique to be applied must be carefully selected by analyzing factors like infrastructure,
criticality of the data being exchanged, cost and size of the optical network (transmission range).
References
[1] Banjac Z., Orlić V., Perić M., Milićević S. "Securing data on fiber optic transmission lines." 20th
Telecommunications forum TELFOR (2012).
[2] Marija, Furdek. "Physical-Layer Attacks in Optical WDM Networks and Attack-Aware Network
Planning."
[3] KITAYAMA Ken-ichi, SOTOBAYASHI Hideyuki, WADA Naoya. "Optical Code Division
Multiplexing (OCDM) and its applications to photonic networks." IEICE Trans. Fundamentals
Vol. E82-A, No. 12 (1999).
[4] Fok Mable P., Wang Zhexing, Deng Yanhua, Prucnal Paul R. "Optical Layer Security in Fiber-
Optic Networks." IEEE Transactions on Information Forensics and Security 6.3 (2011).
[5] Fok Mable P., Wang Zhexing, Prucnal Paul R. "Physical Encoding in Optical Layer Security."
[6] Hongxi, Zhao Qingchun and Yin. "Suggested Rules for Designing Secure Communication Systems
Utilizing Chaotic Lasers: A Survey ."
[7] Wang Z., Fok M. P., Xu L., Chang J., and Prucnal P. R. "Improving the privacy of optical
steganography with temporal phase masks." Optics Express 18.6 (2010).
[8] Wu Ben, Wang Zhenxing, Tian Yue, Fok Mable P., Shastri Bhavin J., Kanoff Daniel R., and
Prucnal Paul R. "Optical steganography based on amplified spontaneous emission noise." Optics
Express 21.2 (2013).
[9] Akhgar Babak, Arabnia Hamid R. Emerging Trends in ICT Security. MK, n.d.
[10] Antonis, Syvridis Dimitris and Bogris. "Secure communications links based on chaotic optical
carriers." 2006.
[11] Christoph, Guenther. "The Relevance of Quantum Cryptography in Modern Cryptographic
Systems." December 2003. SANS Institute InfoSec Reading Room.
<https://www.sans.org/reading-room/whitepapers/awareness/relevance-quantum-cryptography-modern-cryptographic-systems-1334>.
[12] SWISS Quantum. June 2009. <http://swissquantum.idquantique.com/?-Quantum-Cryptography->.
[13] Brassard Gilles, Lütkenhaus Norbert, Mor Tal and Sanders Barry C. "Security Aspects of
Practical Quantum Cryptography." Physical Review Letters September 2000.
[14] Ojha Vibha, Sharma Anand, Goar Vishal, Trivedi Prakriti. "Limitations of Practical Quantum
Cryptography." International Journal of Computer Trends and Technology March-April 2011.

More Related Content

What's hot

Optical cdma and tdma
Optical cdma and tdmaOptical cdma and tdma
Optical cdma and tdmaKush Singla
 
A Review of Routing Protocols for Wireless Sensor Network
A Review of Routing Protocols for Wireless Sensor NetworkA Review of Routing Protocols for Wireless Sensor Network
A Review of Routing Protocols for Wireless Sensor NetworkIJMER
 
Iaetsd improving the location of nodes in wireless ad
Iaetsd improving the location of nodes in wireless adIaetsd improving the location of nodes in wireless ad
Iaetsd improving the location of nodes in wireless adIaetsd Iaetsd
 
Enhanced signal detection slgorithm using trained neural network for cognitiv...
Enhanced signal detection slgorithm using trained neural network for cognitiv...Enhanced signal detection slgorithm using trained neural network for cognitiv...
Enhanced signal detection slgorithm using trained neural network for cognitiv...IJECEIAES
 
Free space optical communication
Free space optical communicationFree space optical communication
Free space optical communicationAhmed El-Sayed
 
Chapter 2 e.commerce
Chapter  2 e.commerceChapter  2 e.commerce
Chapter 2 e.commerceAbdinorAbukar
 
Performance of energy balanced territorial predator scent marking algorithm b...
Performance of energy balanced territorial predator scent marking algorithm b...Performance of energy balanced territorial predator scent marking algorithm b...
Performance of energy balanced territorial predator scent marking algorithm b...eSAT Publishing House
 
Transmission media (data communication)
Transmission media (data communication)Transmission media (data communication)
Transmission media (data communication)Pritom Chaki
 
FSO networks under turbulence - Northumbria University 2013 Research Conference
FSO networks under turbulence - Northumbria University 2013 Research ConferenceFSO networks under turbulence - Northumbria University 2013 Research Conference
FSO networks under turbulence - Northumbria University 2013 Research ConferenceJoaquin Perez
 

What's hot (19)

Optical cdma and tdma
Optical cdma and tdmaOptical cdma and tdma
Optical cdma and tdma
 
G0261041046
G0261041046G0261041046
G0261041046
 
Transmission media
Transmission mediaTransmission media
Transmission media
 
A Review of Routing Protocols for Wireless Sensor Network
A Review of Routing Protocols for Wireless Sensor NetworkA Review of Routing Protocols for Wireless Sensor Network
A Review of Routing Protocols for Wireless Sensor Network
 
Localization
LocalizationLocalization
Localization
 
Iaetsd improving the location of nodes in wireless ad
Iaetsd improving the location of nodes in wireless adIaetsd improving the location of nodes in wireless ad
Iaetsd improving the location of nodes in wireless ad
 
Enhanced signal detection slgorithm using trained neural network for cognitiv...
Enhanced signal detection slgorithm using trained neural network for cognitiv...Enhanced signal detection slgorithm using trained neural network for cognitiv...
Enhanced signal detection slgorithm using trained neural network for cognitiv...
 
OPTICAL CDMA system
OPTICAL CDMA system OPTICAL CDMA system
OPTICAL CDMA system
 
Free space optical communication
Free space optical communicationFree space optical communication
Free space optical communication
 
Chapter 2 e.commerce
Chapter  2 e.commerceChapter  2 e.commerce
Chapter 2 e.commerce
 
Sem 1 Ch 3
Sem 1 Ch 3Sem 1 Ch 3
Sem 1 Ch 3
 
Performance of energy balanced territorial predator scent marking algorithm b...
Performance of energy balanced territorial predator scent marking algorithm b...Performance of energy balanced territorial predator scent marking algorithm b...
Performance of energy balanced territorial predator scent marking algorithm b...
 
Transmission media (data communication)
Transmission media (data communication)Transmission media (data communication)
Transmission media (data communication)
 
Ccna1v3 Mod02 Class
Ccna1v3 Mod02 ClassCcna1v3 Mod02 Class
Ccna1v3 Mod02 Class
 
FSO networks under turbulence - Northumbria University 2013 Research Conference
FSO networks under turbulence - Northumbria University 2013 Research ConferenceFSO networks under turbulence - Northumbria University 2013 Research Conference
FSO networks under turbulence - Northumbria University 2013 Research Conference
 
9345.pdf
9345.pdf9345.pdf
9345.pdf
 
file4.pdf
file4.pdffile4.pdf
file4.pdf
 
Hint for transmission media
Hint for transmission mediaHint for transmission media
Hint for transmission media
 
wireless sensor network
wireless sensor networkwireless sensor network
wireless sensor network
 

Viewers also liked

Turundus ja müügistrateegiad 2012
Turundus ja müügistrateegiad 2012Turundus ja müügistrateegiad 2012
Turundus ja müügistrateegiad 2012Kristi Aru
 
Secure and reliable routing protocols for heterogeneous multihop wireless net...
Secure and reliable routing protocols for heterogeneous multihop wireless net...Secure and reliable routing protocols for heterogeneous multihop wireless net...
Secure and reliable routing protocols for heterogeneous multihop wireless net...Pvrtechnologies Nellore
 
Secure and reliable routing protocols
Secure and reliable routing protocolsSecure and reliable routing protocols
Secure and reliable routing protocolsDevdutta Chakrabarti
 
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...Bikash Chandra Prusty
 
Mse%204001%20 Wireless%20 Optical%20 Mouse
Mse%204001%20 Wireless%20 Optical%20 MouseMse%204001%20 Wireless%20 Optical%20 Mouse
Mse%204001%20 Wireless%20 Optical%20 Mouseadamwentworth
 
SRS on online auction system
SRS on online auction systemSRS on online auction system
SRS on online auction systemsagar_paperwala
 
SRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONSRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONAtul Kushwaha
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computingSuranga Nisiwasala
 

Viewers also liked (9)

Turundus ja müügistrateegiad 2012
Turundus ja müügistrateegiad 2012Turundus ja müügistrateegiad 2012
Turundus ja müügistrateegiad 2012
 
Secure and reliable routing protocols for heterogeneous multihop wireless net...
Secure and reliable routing protocols for heterogeneous multihop wireless net...Secure and reliable routing protocols for heterogeneous multihop wireless net...
Secure and reliable routing protocols for heterogeneous multihop wireless net...
 
Secure and reliable routing protocols
Secure and reliable routing protocolsSecure and reliable routing protocols
Secure and reliable routing protocols
 
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
 
Format preserving encryption bachelor thesis
Format preserving encryption bachelor thesisFormat preserving encryption bachelor thesis
Format preserving encryption bachelor thesis
 
Mse%204001%20 Wireless%20 Optical%20 Mouse
Mse%204001%20 Wireless%20 Optical%20 MouseMse%204001%20 Wireless%20 Optical%20 Mouse
Mse%204001%20 Wireless%20 Optical%20 Mouse
 
SRS on online auction system
SRS on online auction systemSRS on online auction system
SRS on online auction system
 
SRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONSRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATION
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computing
 

Similar to Secure communication over optical networks

PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdf
PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdfPHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdf
PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdfadeel paracha
 
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...inventionjournals
 
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...inventionjournals
 
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 1547109 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710guestbd2263
 
COMPUTER NETWORKS - SHORT NOTES
COMPUTER NETWORKS - SHORT NOTESCOMPUTER NETWORKS - SHORT NOTES
COMPUTER NETWORKS - SHORT NOTESsuthi
 
Wireless channel-based ciphering key generation: effect of aging and treatment
Wireless channel-based ciphering key generation: effect of aging and treatmentWireless channel-based ciphering key generation: effect of aging and treatment
Wireless channel-based ciphering key generation: effect of aging and treatmentIJECEIAES
 
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...IJNSA Journal
 
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...IJNSA Journal
 
Framework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyFramework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyIJCNCJournal
 
FUTURE TRENDS IN FIBER OPTICS COMMUNICATION
FUTURE TRENDS IN FIBER OPTICS COMMUNICATIONFUTURE TRENDS IN FIBER OPTICS COMMUNICATION
FUTURE TRENDS IN FIBER OPTICS COMMUNICATIONIJCI JOURNAL
 
Data Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkData Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkIJCI JOURNAL
 
Body third generation of fiber optic communication systems
Body third generation of fiber optic communication systemsBody third generation of fiber optic communication systems
Body third generation of fiber optic communication systemsMohammad Jahangir Hosen Bhuiyan
 
OPTICAL SWITCHING.pptx
OPTICAL SWITCHING.pptxOPTICAL SWITCHING.pptx
OPTICAL SWITCHING.pptxAkshay712352
 
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...IRJET Journal
 
light tree documentation by pradeep
light tree documentation by pradeeplight tree documentation by pradeep
light tree documentation by pradeepPradeep Kumar
 
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...IJNSA Journal
 

Similar to Secure communication over optical networks (20)

PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdf
PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdfPHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdf
PHYSICAL LAYER SECURITY OF OPTICAL NETWORKS.pdf
 
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
 
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...Review of the Security Challenges of Fiber Optics Technologies in Network Con...
Review of the Security Challenges of Fiber Optics Technologies in Network Con...
 
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 1547109 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710
9 Aab32 Dd Bdb9 137 E Ca2184 F057753212 154710
 
COMPUTER NETWORKS - SHORT NOTES
COMPUTER NETWORKS - SHORT NOTESCOMPUTER NETWORKS - SHORT NOTES
COMPUTER NETWORKS - SHORT NOTES
 
Wireless channel-based ciphering key generation: effect of aging and treatment
Wireless channel-based ciphering key generation: effect of aging and treatmentWireless channel-based ciphering key generation: effect of aging and treatment
Wireless channel-based ciphering key generation: effect of aging and treatment
 
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
 
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
REAL TIME SECURING OF ALL-OPTICAL NETWORKS AGAINST SECURITY ATTACKS AT THE PH...
 
Framework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyFramework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptography
 
FUTURE TRENDS IN FIBER OPTICS COMMUNICATION
FUTURE TRENDS IN FIBER OPTICS COMMUNICATIONFUTURE TRENDS IN FIBER OPTICS COMMUNICATION
FUTURE TRENDS IN FIBER OPTICS COMMUNICATION
 
Lifi report
Lifi reportLifi report
Lifi report
 
Data Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkData Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor Network
 
Lect-3-M2M-IoT.pptx
Lect-3-M2M-IoT.pptxLect-3-M2M-IoT.pptx
Lect-3-M2M-IoT.pptx
 
Body third generation of fiber optic communication systems
Body third generation of fiber optic communication systemsBody third generation of fiber optic communication systems
Body third generation of fiber optic communication systems
 
OPTICAL SWITCHING.pptx
OPTICAL SWITCHING.pptxOPTICAL SWITCHING.pptx
OPTICAL SWITCHING.pptx
 
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
 
light tree documentation by pradeep
light tree documentation by pradeeplight tree documentation by pradeep
light tree documentation by pradeep
 
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...
DSSS with ISAKMP Key Management Protocol to Secure Physical Layer for Mobile ...
 
Br33421423
Br33421423Br33421423
Br33421423
 
Br33421423
Br33421423Br33421423
Br33421423
 

Recently uploaded

Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering  Unit - I & II . pptThermal Engineering  Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startQuintin Balsdon
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityMorshed Ahmed Rahath
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.Kamal Acharya
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdfKamal Acharya
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE  and Energy Efficient BUILDINGS ptxCOST-EFFETIVE  and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptxJIT KUMAR GUPTA
 
22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf203318pmpc
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfRagavanV2
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfJiananWang21
 

Recently uploaded (20)

(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering  Unit - I & II . pptThermal Engineering  Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
Hostel management system project report..pdf
Secure communication over optical networks

Chapter 1 INTRODUCTION

Optical networks form the backbone of the Internet and are an integral constituent of the physical layer of these networks. Since the physical layer forms the bottom layer in the open systems interconnection (OSI) model, the performance and security of the physical layer, and especially of optical networks, have a critical influence on the six layers above it. The security approach in upper layers is limited by both the processing speed of electronic devices and the capacity available in the optical network. Fundamental improvements can be achieved for the entire network by increasing the optical network's performance in terms of channel capacity, data rate, and processing speed.

Furthermore, the security of the optical network has an impact on the security of the entire communication system. It is inherently risky to build a security system on top of a physical infrastructure that is vulnerable to attacks. Hence defending the optical network against attacks benefits the security of the upper layers.

The actual implementation of a threat or an attack may vary from network to network, owing to the vast variety of optical networks. However, in spite of these many different modalities, the attacks on optical networks can be broadly classified as:
• attacks where an adversary tries to listen in on communications (confidentiality),
• attacks where an unauthorized entity tries to communicate (authentication),
• attacks where an entity alters or manipulates communication (integrity),
• attacks where an adversary tries to subvert the successful delivery of communications (availability), and
• privacy risks associated with an adversary observing the existence of communications (privacy and traffic analysis).

The purpose of this report is to explore and compare the various security and encryption methods available for optical networks, namely, fiber-based methods, optical key distribution, optical steganography, and optical chaos-based communication.
Chapter 2 LITERATURE REVIEW

2. Encryption techniques in optical networks

The various encryption techniques in photonics can be broadly classified as follows:
1. Optical CDMA
2. Quantum cryptography
3. Chaos based encryption
4. Optical steganography

2.1 Optical CDMA

In optical CDMA, multiple users are provided with orthogonal codes and the users can share the same channel to transmit data simultaneously. This works similarly to the CDMA systems used by mobile users. In an optical CDMA network, multiple users have their multiplexed codes overlapped. Hence, unless an eavesdropper has knowledge of the code being used by a particular user, the user's pulses cannot be recovered from the multiplexed stream of pulses. However, for a point-to-point link with only one pair of transmitters and receivers, the data security may be vulnerable to attack. To secure point-to-point links, Wang et al. propose a method to divide the original data stream into multiple data streams and then generate multiplexed signals. The experimental results indicate that the system is robust against various types of attack models [9].

2.2 Quantum cryptography

Quantum cryptography is not an algorithm to encrypt and decrypt data. Rather, it is a technique of using photons to generate a cryptographic key and transmit it to a receiver using a suitable communication channel. The security provided by quantum key distribution is high, as it can also indicate the presence of an eavesdropper trying to receive information about the key. However, the transmission and detection of a single photon of light make this method difficult to realize practically. Also, noise and attenuation in the fiber limit the transmission range and data rate. Scheuer et al. use a large fiber laser to exchange the key so that each user can compare the received signal with his or her own key to obtain the key generated by the other user. Compared to quantum key distribution, this system allows longer ranges and a higher key-establishing rate [9].
2.3 Chaos based encryption

Chaos based encryption is a hardware based encryption technique. A random chaotic waveform is generated at the transmitter end by a deterministic system. This chaos is used to mask the confidential data. Only a receiver that has knowledge of how the chaos was produced can reproduce the chaos to cancel it and retrieve the signal. Besides providing confidentiality to the network, chaos-based communication also brings a high level of robustness to data transmission. By spreading the narrowband signal into a wideband signal, chaos-based communication can both create desired jamming and avoid malicious jamming [9].

2.4 Optical steganography

In the basic approach to steganography, a short optical pulse is stretched temporally through chromatic dispersion to give it a spectral width wider than the channel spectrum. This merges the signal into the background noise of the public channel. With the right dispersion compensation at the receiver, the stealth signal can be retrieved. In addition to protecting the privacy of data transmission, a hidden channel in the public network can also be applied to other security techniques for countering other possible threats. For example, the stealth channel can be used to transmit information having a high security level requirement, such as the key distribution for the encrypted public channel.
Chapter 3 Optical Networks and Security Issues

3.1 What is an optical network?

An optical network is a type of data communication network built with optical fiber technology. It utilizes optical fiber cables as the primary communication medium for converting data and passing data as light pulses between sender and receiver nodes. An optical fiber is a flexible transparent fiber of extremely pure glass or plastic, generally between 10 and 200 microns in diameter, through which light can be transmitted by successive internal reflections; it is commonly used in telecommunications. An optical fiber consists of a core through which light is transmitted and an outer surface called cladding.

Fig. 1 Optical Fiber

Through its use of light as a transmission medium, an optical network is one of the fastest communication networks. It works by using an optical transmitter device to convert an electrical signal received from a network node into light pulses, which are then placed on a fiber optic cable for transport to a receiving device. Unlike copper based networks, the light pulses of an optical network may be transported quite a distance until the pulses are regenerated through an optical repeater device. After a signal is delivered to a destination network, it is converted into an electrical signal through an optical receiver device and sent to a recipient node. Moreover, an optical network is less prone to external interference and attenuation and can achieve substantially higher bandwidth speeds than copper networks.
3.1.1 Principle of working of optical fibers

Optical fibers work on the principle of total internal reflection of light: when a ray of light travelling from an optically denser medium to an optically rarer medium is incident on the surface of separation of the media at an angle that is greater than the critical angle of the pair of media, the ray of light undergoes complete reflection back into the denser medium instead of undergoing refraction.

Fig. 2 Total internal reflection

Hence, a ray of light travelling in an optical fiber undergoes total internal reflection in the core (which is of a higher refractive index than the cladding).

Fig. 3 Total internal reflection in an optical fiber

3.1.2 Fiber optic communication system

When the input data, in the form of electrical signals, is given to the transmitter circuitry, it converts them into a light signal with the help of a light source. This source is an LED whose amplitude, frequency and phase must remain stable and free from fluctuation in order to have efficient transmission. The light beam from the source is carried by a fiber optic cable to the destination circuitry, wherein the information is converted back to the electrical signal by a receiver circuit.

The receiver circuit consists of a photo detector along with an appropriate electronic circuit, which is capable of measuring the magnitude, frequency and phase of the optic field. This type of communication uses the wavelengths near to the infrared band that are just above the visible range. Both LED and laser can be used as light sources based on the application.
Fig. 4 Block diagram of fiber optic communication system

There are three basic elements of a fiber optic communication system. They are:
• Compact light source
• Low loss optical fiber
• Photo detector

Accessories like connectors, switches, couplers, multiplexing devices, amplifiers and splices are also essential elements in this communication system.

3.2 Security issues in optical networks

Network attacks can be categorized as [2]:
• Service disruptions, which prevent communication or degrade QoS
• Tapping, which compromises privacy by providing unauthorized access to the data

Attacks on optical networks may be aimed at:
• Network transmission
• Optical amplifiers
• Optical cross connects

3.2.1 Security issues in network transmission

There are various fiber optic tapping or eavesdropping methods, but most fall into the following categories [1]:

a) Hooking into the ports: The attacker directly hooks the tapping device into one of the ports of the optical amplifiers or repeaters. These devices provide the easiest point of attack. However, hooking into a port is impractical if the critical points of the network are physically well secured.

b) Splice methods: An optical fiber is spliced and an appropriate instrument is inserted to allow the signal to transit to the attacker. Since there is a brief interruption of data, this attack is detectable. However, if the downtime is short, the system attributes the disturbance to a network glitch and allows data transmission to continue.
c) Splitter coupler method: By bending the fiber to a certain radius that can compromise total internal reflection, a small amount of light is made to leak out. This neither breaks the fiber nor causes any disturbance in the data transmission. The amount of light lost is less than 1%, which is sufficient to recreate the original electrical signal. However, use of modern bend-insensitive fibers renders this attack futile.

d) Rayleigh tapping: Due to the non-uniform density of core particles, Rayleigh scattering takes place in the core, which scatters the light in all directions. Some of this light refracts out of the fiber and is susceptible to being captured if an attacker is aware of this phenomenon. The attacker needs to place a focusing device (like a lens) near the fiber and focus the light onto a separate segment of fiber for analysis.

3.2.2 Security issues in optical amplifiers

The basic principle of amplification is stimulated emission of radiation by atoms in the presence of an optical (electromagnetic) signal. The gain medium receives energy through a process called pumping, which raises some electrons into excited quantum states. This is accompanied by absorption of photons from the incident electromagnetic field. The transition of those electrons back into a lower energy state is accompanied by emission of photons of the same frequency, direction of propagation, phase and polarization as the incident photons. Once the number of electrons in one excited state exceeds their number in some lower-energy state, population inversion is achieved and the amount of stimulated emission due to light that passes through is larger than the amount of absorption. Hence, the light is amplified.

Because the distribution of excited electrons is not uniform at various energy levels within the amplifier's passband, the gain of an EDFA depends on the wavelength of the incoming signals, with a peak around 1532 nm. Each of the signals is granted photons proportionally to its power level, which can lead to gain competition. This can be used to create an out-of-band jamming attack. The attacker injects a powerful signal on a wavelength different from those of other, legitimate signals, but still within the passband of the amplifier. The amplifier, unable to distinguish between the attack signal and legitimate data signals, will provide gain to each signal indiscriminately. This means that the stronger, attacking signal will be provided with higher gain than the weaker, legitimate signals, robbing them of power. Thereby, the QoS level on the legitimate signals will deteriorate, potentially leading to service denial [2].

Fig. 5 Out-of-band jamming
3.2.3 Security issues in optical cross-connects

Optical cross-connects (OXC) are wavelength selective and may also be referred to as wavelength routing switches (WRS). The main hazard in their functioning is crosstalk. There are two types of crosstalk [2]:
• out-of-band: occurs among adjacent lightpaths at different wavelengths, and
• in-band: occurs among lightpaths at the same wavelength

Out-of-band crosstalk usually occurs in optical fibers, especially under high power conditions or long distances. It can also arise inside OXCs due to non-ideal demultiplexing, where one channel is selected and the others are not perfectly rejected. Optical switches may also produce out-of-band crosstalk due to imperfect isolation of different output ports.

In-band crosstalk occurs because switch ports are not perfectly isolated from each other. Hence components of different signals transmitted on the same wavelength leak and interfere with each other. This means that each channel that crosses through an optical switch mixes with leakage from signals on the same wavelength.

Fig. 6 Out-of-band and in-band crosstalk in optical demultiplexers

In-band crosstalk is more serious than out-of-band crosstalk. For example, if there are unused ports at the output of a switch to which a tapper gains access, they can analyze traffic and gain information carried by other signals on the same wavelength. If an attacker injects a high-powered signal, its components will leak onto adjacent channels on the same wavelength. This will deteriorate the signal quality of the transmission on those signals, as shown in Fig. 7. Jamming attacks exploiting in-band crosstalk in switches have some of the highest damage capabilities among all attacks [2].

Fig. 7 Jamming attack
3.3 Security in optical networks

Security in optical networks can be classified as:
• Physical security: ensures minimum privacy of data and QoS.
• Semantic security: protects the meaning of the data even if the attacker has already reached it. This deals with cryptography.
Chapter 4 Encryption Systems

4.1 What is encryption?

Encryption is mathematically altering data (plaintext) in a consistent manner to form an unintelligible ciphertext. Encryption is a reversible process and relies on a secret key to encrypt plaintext to ciphertext and vice versa.

Fig. 8 Encryption and decryption

4.2 Types of encryption algorithms

There are two types of encryption algorithms:
• Symmetric algorithms
• Asymmetric algorithms

Symmetric encryption schemes, or private encryption schemes, use a key (any text, numbers, etc.) to encrypt data, and the same key is used to decrypt that data. The smallest change in the secret key will cause decryption of an encrypted message to fail. For example, the key Infosec used with AES encryption will fail to decrypt a ciphertext that was encrypted using the key INFOSEC.

Asymmetric encryption schemes, or public encryption schemes, use two sets of keys. One key is called a public key and the other is called a private key. A public key is used to encrypt data whereas a private key is used to decrypt that data. As in symmetric cryptography, the smallest change in either of the two keys will make them useless for getting the original data. A benefit of asymmetric cryptography is that you can share the public key with the whole world so that others can use it to send you encrypted data, while the private key is stored safely with the owner and is used for decryption. One disadvantage of this type of cryptography is that if your private key is lost or leaked, you will have to generate a new pair of public and private keys.
Chapter 5 Optical Encryption Schemes

Encryption protects data transmission by encrypting the original data into ciphertext. Without knowing the key for the encryption process, the eavesdropper cannot recover the data. Compared with electronic circuits, optical processing and transmission devices have lower latency and higher speed [9]. Fiber-based devices do not generate an electromagnetic signature, and hence the signal in the fiber neither radiates an electromagnetic signal nor is jammed by external electromagnetic interference. Although optical encryption has limited functionality compared to electronic encryption, it still plays an important role in areas that require both strong security and fast processing speed.

Fig. 9 Schematic diagram for optical encryption

The optical XOR logic has been investigated and studied by many researchers as a starting point for optical encryption. The XOR logic is an important starting point for building optical layer encryption since, in cryptography, combining XOR with feedback is essential in generating long key streams from smaller keys. The implementations of block ciphers require XOR, feedback, and feed-forward capabilities. Translating these building blocks into the optical domain and using them together can provide high-speed, electromagnetic wave-immune encryption. However, practical optical implementations of the above building blocks face many challenges. Notably, optical systems are susceptible to noise accumulation and the propagation of undesirable logic levels.

As mentioned earlier, optical encryption schemes can be categorized as:
1. Optical CDMA
2. Quantum cryptography
3. Chaos based encryption
4. Optical steganography
5.1 Optical CDMA (OCDMA)

OCDMA draws its analogy from the wireless spread spectrum CDMA systems. Where CDMA employed frequency domain spreading/despreading, OCDMA employs time domain spreading/despreading. An optical short pulse is spread over a one-bit duration T by encoding. The decoding time-despreads the signal, reconstructing the signal if the codes between the encoder and decoder match [3]. The signal remains spread over T if the codes do not match.

Fig. 10 Principle of OCDMA system

In a typical OCDMA system, each data stream is encoded with a specific code and it can be decoded only with the corresponding decoder. Since it is a multiple access system, many codes (orthogonal to each other) can exist in the transmission channel, which overlap in time and optical spectrum. Hence, without a priori knowledge of the codes, a given signal cannot be detected.

OCDMA codes are divided into two groups [4]:

• Coherent OCDMA codes: employ a specific phase pattern to create codes in the spectral domain or the temporal domain. One such scheme is the spectral-phase encoding (SPE) scheme. A mode-locked laser (MLL) is used as the optical source, which generates very short repeating optical pulses. In the spectral domain, the optical pulses are represented by a series of coherent spectral components. After passing through an SPE encoder, different spectral components experience different phase shifts, forming an SPE code pattern. At the receiver, the SPE decoder applies the conjugate phase shift to each spectral component, so that all the spectral components become in-phase again and an auto-correlation peak (ACP) is generated. In the multiple-access channel as shown in Fig. 11, other SPE codes after the desired decoder will result in cross-correlation peaks, or multiple-access interference (MAI), which will not interfere with the ACP when the SPE codes in the multiple-access channel are orthogonal. Time gating can be used to isolate the ACP from the MAI. A common orthogonal SPE code set is the Hadamard code, which is represented by a Hadamard matrix H_N, as shown in Fig. 11.
Fig. 11 SPE system and Hadamard-8 matrix

• Incoherent OCDMA codes: implement the encoding through intensity modulation in the temporal domain and/or the wavelength domain. A wavelength-hopping time spreading (WHTS) system is an incoherent OCDMA system. WHTS codes use incoherent optical pulses (chip pulses) at different wavelengths and assign them to different time slots in one bit interval. To receive the desired code, a decoder is used to align all the WHTS code's chip pulses into one chip interval, to generate an auto-correlation peak (ACP) as shown below.

Fig. 12 2D-WHTS system

In a multiple access channel, each WHTS code is transmitted simultaneously with other codes. The presence of codes that do not match the decoder appears as cross-correlation peaks and causes multiple-access interference (MAI) after decoding. MAI can be minimized if all the WHTS codes in the multiple access channel are orthogonal.

5.1.1 Confidentiality analysis of OCDMA systems

WHTS system: WHTS codes employ incoherent chip pulses to constitute the codes, and hence each chip pulse of a WHTS code already carries all the data information. Since the chip pulses of WHTS codes do not exactly overlap in the temporal domain, it is possible for an adversary to isolate each chip pulse of the desired WHTS code and intercept the data [5]. By isolating a single chip pulse of the code, the adversary can obtain the data information by detecting it with a photodetector. This is illustrated in the figure below.

Fig. 13 Detecting the data by WHTS codes in a multi-user channel without a decoder

SPE system: The approach that compromises the WHTS system cannot be used in SPE systems due to the coherence. The adversary will have to find the entire phase code pattern of the user to be able to intercept the data [5]. For example, for an SPE code with eight phase chips, even if seven phase chips are set correctly, an auto-correlation peak is not generated. This is because all the spectral components are still not in phase. A brute-force attack remains the only option that can compromise the system. The number of codes being used is limited to N since the codes need to be orthogonal. Hence the maximum number of tries that an adversary needs in a brute-force attack is N.

A single-user or multi-user OCDMA system cannot guarantee the security of the transmitted data. Additional measures are required on top of the above systems to improve the confidentiality performance.

5.2 Quantum cryptography

The problem with symmetric cryptography is that the same key is used to both encrypt and decrypt the messages. If for some reason that key is leaked to some third party, it can be used to decrypt communication between two trusted devices or persons. In the worst case, the communication can be intercepted and altered. Another major problem with this type of cryptography is how to decide which key to use and how to share it between trusted devices or persons.

In public key cryptography, most keys are at least 128-bit keys, which are considered to be very strong. An attacker can easily get hold of the public key because it is shared by the user. But generating the private key for that public key involves huge amounts of calculation with permutations and combinations. At present, cracking a PKC needs a supercomputer and many years to complete. But it will become pretty much possible with the advances in technology.
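Returning to the SPE confidentiality analysis of section 5.1.1, the following added example (not part of the original report) models Hadamard-coded spectral-phase encoding numerically and shows why code secrecy alone gives a margin of only N guesses. The Sylvester ordering of the Hadamard-8 rows, the ideal noiseless channel and all function names are assumptions of this sketch.

```python
import cmath

def hadamard(n):
    """Sylvester construction: n mutually orthogonal +1/-1 codes (n a power of 2)."""
    h = [[1]]
    while len(h) < n:
        h = [row + row for row in h] + [row + [-c for c in row] for row in h]
    return h

def encode(bit, code):
    """On-off-keyed bit on N spectral components; chip +1 = phase 0, chip -1 = phase pi."""
    return [bit * c for c in code]

def channel(signals):
    """Multiple-access channel: the encoded spectra of all users add."""
    return [sum(chips) for chips in zip(*signals)]

def decode(spectrum, code):
    """Apply the decoder's phase mask, then return the temporal intensity
    profile over one bit period (inverse DFT of the masked spectrum)."""
    n = len(code)
    masked = [s * c for s, c in zip(spectrum, code)]
    field = [sum(m * cmath.exp(2j * cmath.pi * k * t / n)
                 for k, m in enumerate(masked)) / n
             for t in range(n)]
    return [abs(f) ** 2 for f in field]

def gated_bit(spectrum, code, threshold=0.5):
    """Time gate at t = 0: only the auto-correlation peak lands there."""
    return 1 if decode(spectrum, code)[0] > threshold else 0

def codes_showing_peak(spectrum, codebook, threshold=0.5):
    """Decode with every code of the orthogonal set and list the rows that
    produce a gated peak. The set has only N members, so N tries cover it."""
    return [i for i, code in enumerate(codebook)
            if decode(spectrum, code)[0] > threshold]

def demo():
    codes = hadamard(8)
    # Constructed traffic: three users send the bits 1, 0, 1 in the same slot.
    spectrum = channel([encode(1, codes[3]), encode(0, codes[5]),
                        encode(1, codes[6])])
    matched = decode(encode(1, codes[3]), codes[3])      # all energy at t = 0
    mismatched = decode(encode(1, codes[3]), codes[5])   # nothing at t = 0
    return {
        "matched_peak": matched[0],
        "mismatched_peak": mismatched[0],
        "user3_bit": gated_bit(spectrum, codes[3]),
        "tries": len(codes),
        "codes_with_peak": codes_showing_peak(spectrum, codes),
    }

if __name__ == "__main__":
    print(demo())
```

The eight decodes that cover the whole code set are the reason the report asks for additional measures beyond the code itself, for example a code set that is changed frequently or encryption of the data before encoding.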
Quantum cryptography deals with secure key distribution. It uses photons to send a key. The key is transmitted at a lower rate than the data but at a higher security level. The key information is coded into the quantum states of a photon. A photon is the smallest particle of light. It has three types of spins:
1. Horizontal
2. Vertical
3. Diagonal (Right and Left)

A photon can be polarized (passed through a filter) so that it has a particular spin: vertical, horizontal or diagonal. Polarization of a photon is performed using polarization filters.

According to Heisenberg's Uncertainty Principle, it is impossible to measure together the speed and position of a particle with highest accuracy, and its state will change when measured. In other words, if an eavesdropper intercepts the transmitted photons and passes them through a polarizer, a wrong choice of polarizer will make the receiver get the wrong photon. Hence the interception of communication will be detected. It means that if a photon is polarized using, say, the X filter (diagonal polarization), then only the X filter can be used to get the original spin of the photon. If a + filter (rectilinear polarization) is used on the photon, then it will either be absorbed by the filter or the polarized photon will have a different spin than the original photon. For example, a horizontally spinning photon passed through a wrong filter will come out with a diagonal spin, which is incorrect.

The table below shows the output spin for each polarization used:

Polarization                    Output spin
Rectilinear polarization (+)    Horizontal spin (–), Vertical spin (|)
Diagonal polarization (X)       Left diagonal spin (\), Right diagonal spin (/)

The photons used in quantum cryptography are called qubits, and the '0' and '1' mapping we decide to use for each polarization state is called a basis.
The rectilinear and diagonal bases are as shown in the table:

Spin     Horizontal spin (–)    Vertical spin (|)    Left diagonal spin (\)    Right diagonal spin (/)
Value    0                      1                    0                         1

Suppose Alice applies polarizations to photons, gets the spin and keeps a note of it. Every spin has a value associated with it. Hence the qubit sequence being sent to Bob is 110001001010. The transmission of these qubits takes place on a secure optical channel. Bob is listening for incoming photons and randomly applies any polarization filter (rectilinear or diagonal) and keeps a note of the applied polarization, the spin and the output value.
  • 20. The probability that the correct polarization filter is applied so that the qbit is correctly recovered is 0.5. If the qbit is correctly recovered with the correct polarization filter, the output is 1 else it is 0. Suppose Bob applies the polarization filters as shown below; then the qbit sequence received by Bob is 011001101010. Fig. 14 Quantum cryptography Now when the transmission has completed, Alice and Bob communicate on a public channel that need not be encrypted. Bob tells Alice the polarizations (not the spin or value) he applied in the exact same sequence, and Alice only says YES/NO. In this communication, Bob gets to know the wrong polarizations. After successful key transmission and fixing of wrong polarization, encrypted data can be sent and decrypted when received. If a user is intercepting the communication between sender and receiver, then he too will have to randomly apply polarization on the photons sent (like Bob). After polarization, he will forward the photons to Bob. But it is impossible for the eavesdropper to guess all polarizations correctly. Hence, the eavesdropper changes some of the qubits in trying to intercept them. So when Bob and Alice validate the polarizations, and Bob fails to decrypt the data, then the interception of communication will get detected. Although the quantum channel provides a high security level to the key distribution, the requirement of single photon transmission and detection leads to difficulty in practically realizing the system. It demands separate channels linking the source with the many destinations, which implies high cost [14][12]. The transmission range (max. 250 km) [14] and data rate is limited by the noise and attenuation in the single photon transmission channel [9][13]. Also, use of amplifiers is limited since this will change the polarization of
  • 21. the qubits [11]. Jamming a transmission is very easy in quantum systems. Something as simple as a paper clip inserted in a fiber will change the polarization state of the qubits and lead to misinterpretation of data [14]. 5.3 Chaos based encryption Among the various approaches tried to assure privacy and security in optical networks, chaos based encryption have a promising future. As chaos is a pseudo-random signal with wide bandwidth and it is unpredictable for a long term, it can be used to securely hide the confidential message [6]. It is a hardware-based technique at the physical layer. Fig. 15 shows the operating principle of chaos-based optical communications. The transmitter consists of an optical oscillator, which operates in the chaotic regime, producing an optical carrier with a broad (GHz-wide) spectrum. Information is encoded on this chaotic carrier using different techniques. Assuming a high complexity in signal carrier and low message amplitude, it is practically impossible to extract this encoded information using techniques like linear filtering, frequency-domain analysis etc. At the receiver side, a second chaotic oscillator is used, ‘similar’ to that of the transmitter. This similarity refers to structural, emission, and intrinsic parameters of the semiconductor laser, to the feedback loop characteristics, and to the operating parameters. Fig. 15 Chaos based optical communication system At the receiver, part of the received message with the encoded information is injected into the receiver. Assuming efficient synchronization of transmitter and receiver, the receiver generates, at its output, a chaotic carrier almost identical to the injected carrier, but without the encoded information. Therefore, subtracting this chaotic carrier from the incoming chaotic signal, which includes the encoded information, reveals the transmitted information. The message extraction is based on synchronization of transmitter and receiver. 
In the context of chaos terminology, synchronization means that the irregular time evolution of the chaotic emitter’s output in the optical power can be perfectly reproduced by the receiver, provided that the emitter and receiver are identical. Even minor discrepancies between the emitter and receiver oscillators can result in degraded synchronization.
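The inject-and-subtract recovery described above, and its sensitivity to parameter mismatch, can be tried in a toy model; this is an added example, not code from the report. It assumes a logistic map in place of the chaotic laser, a message of ±0.01 added to the carrier with the sum fed back into the transmitter, and the map parameter `r` as the only "laser parameter"; all names are hypothetical.

```python
import random

def logistic(r, s):
    """One step of the logistic map (assumed stand-in for the chaotic laser)."""
    return r * s * (1.0 - s)

def transmit(bits, r_tx, amp=0.01, x0=0.4):
    """Add each bit (+/-amp) to the chaotic carrier and feed the sum back."""
    x, sent = x0, []
    for b in bits:
        s = x + (amp if b else -amp)   # carrier plus low-amplitude message
        sent.append(s)
        x = logistic(r_tx, s)          # feedback produces the next carrier sample
    return sent

def receive(sent, r_rx):
    """Inject each received sample into the receiver's own oscillator, then
    subtract the regenerated carrier from the following sample."""
    bits = []
    for prev, cur in zip(sent, sent[1:]):
        carrier = logistic(r_rx, prev)
        bits.append(1 if cur - carrier > 0 else 0)
    return bits

def ber(bits, decoded):
    """Fraction of decoded bits that differ from the transmitted ones."""
    return sum(a != b for a, b in zip(bits, decoded)) / len(decoded)

def run(r_rx, r_tx=3.9, n=2000, seed=1):
    rng = random.Random(seed)
    bits = [rng.randint(0, 1) for _ in range(n)]    # constructed test message
    sent = transmit(bits, r_tx)
    matched = ber(bits[1:], receive(sent, r_rx))    # first sample has no reference
    mean = sum(sent) / len(sent)
    naive = ber(bits, [1 if s > mean else 0 for s in sent])  # threshold, no oscillator
    return matched, naive

if __name__ == "__main__":
    for r_rx in (3.9, 3.901, 4.0):
        matched, naive = run(r_rx)
        print(f"receiver r={r_rx}: BER={matched:.3f}, threshold-only BER={naive:.3f}")
```

A receiver with the same `r` recovers every bit, errors appear once its parameter is off by 0.1, and a plain threshold on the transmitted samples stays close to guessing.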
  • 22. There are three main methods of message encryption using optical chaotic communications [6]:

1. Chaotic masking (CMS): The chaotic carrier is generated by the transmitter laser (TL). The message is directly added to this carrier, as shown in Fig. 16 (a).
2. Chaotic shift keying (CSK): The message directly modulates the injection current of the TL. Hence, the TL produces the chaotic carrier with the message hidden in it. Fig. 16 (b) illustrates CSK.
3. Chaotic modulation (CMO): The output power of the TL is added to the message. This mixed signal is then sent back to the TL by a feedback loop as a modulation to generate the chaotic carrier. Fig. 16 (c) illustrates CMO.

Fig. 16 Methods of message encryption using optical chaotic communications (a) CMS, (b) CSK, (c) CMO

Studies and experiments show that information can be transmitted at high bit rates using deterministic chaos in a manner that is robust to perturbations and channel disturbances that are unavoidable under real-world conditions, for distances on the order of 200 km [10].

5.4 Optical steganography

Optical steganography aims at transmitting stealth signals in public fiber optic communication channels without being detected. The basic principle of optical steganography is to temporally stretch a stealth data pulse using chromatic dispersion. This reduces the amplitudes to a very low level such that the stealth signal is not detected in the system noise. At the receiver, the signal can be retrieved using matched dispersion compensation. However, this approach provides weak security. If an eavesdropper suspects the presence of a stealth signal, the privacy of the data can be compromised using a tunable dispersion compensation device.

A second approach with temporal phase modulation is proposed and analyzed in [7]. After a temporal phase mask is applied on the stretched signal, different portions of the signal undergo different phase shifts. Corresponding phase recovery along with dispersion compensation is required at the receiver to recover the signal.
  • 23. The spectra of the public signal and the combined signal have very insignificant differences and are indistinguishable in real optic networks. The received stealth channel experiences only <0.1 dB performance degradation resulting from the temporal phase modulation, compared with the approach without phase modulation [7].

Fig. 17 Temporal signal with and without phase mask encryption

Yet another approach to optical steganography has been explored in [8]. The amplified spontaneous emission (ASE) noise from EDFAs is used to provide security. The data signal is added onto the ASE noise. Since ASE noise exists in optical networks, an eavesdropper will not be able to distinguish between “signal with ASE” and “noise ASE”. The BER curves of the stealth signal with and without the public channel are indistinguishable [8]. The BER measurements of the public channel show that adding the stealth channel only causes a 0.2 to 0.3 dBm power penalty.

Fig. 18 (a) Spectrum of channel with and without ASE, stealth signal (b) BER measurements with and without stealth channel and AASE.
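Returning to the quantum key exchange of section 5.2, the filter comparison and the effect of an interceptor can be simulated; this is an added example, not part of the report. It assumes two filter orientations (`+` and `x`), an interceptor who measures and re-sends every photon, and that Alice and Bob compare their kept bits to estimate the error rate (a step the report does not spell out); all names are hypothetical.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """A matching filter returns the bit; a wrong filter gives a random result."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def exchange(n, eavesdrop, seed=7):
    """Send n photons and return (Alice's kept bits, Bob's kept bits)."""
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n)]
    alice_bases = [rng.choice("+x") for _ in range(n)]
    bob_bases = [rng.choice("+x") for _ in range(n)]
    bob_bits = []
    for bit, basis, bob_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            eve_basis = rng.choice("+x")          # the interceptor must guess too
            bit = measure(bit, basis, eve_basis, rng)
            basis = eve_basis                     # photon is re-sent in the guessed basis
        bob_bits.append(measure(bit, basis, bob_basis, rng))
    # Public channel: Bob announces his filters, Alice answers YES/NO per position.
    keep = [i for i in range(n) if alice_bases[i] == bob_bases[i]]
    return [alice_bits[i] for i in keep], [bob_bits[i] for i in keep]

def error_rate(key_a, key_b):
    """Fraction of kept positions where Alice's and Bob's bits disagree."""
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)

if __name__ == "__main__":
    for eve in (False, True):
        a, b = exchange(4000, eve)
        print(f"eavesdropper={eve}: kept bits={len(a)}, error rate={error_rate(a, b):.3f}")
```

About half the positions survive the YES/NO comparison, matching the 0.5 probability of a correct filter; with the interceptor present, roughly a quarter of the kept bits disagree, which is what exposes the interception.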
  • 24. Chapter 6 Conclusion

The table below compares the various security techniques.

Technique: OCDMA
Limitations: Affected by dispersions in the fiber; hence range of transmission gets limited to no longer than 100 km [3]. Confidentiality is not as strong as that provided by data encryption.
Advantages: It is a multiple access system; plurality of codes can exist in the same channel.

Technique: Chaos based encryption
Limitations: Synchronization of receiver and transmitter is critical to proper functioning. It is very difficult to get lasers of the same parameters for synchronization.
Advantages: There is a high level of robustness at high bit rates. It can create jamming as well as avoid jamming to a high degree.

Technique: Quantum cryptography
Limitations: Use of amplifiers will change the qubits. Hence the range of transmission is limited. It needs a dedicated channel of high quality for key exchange between every pair of sender and receiver. Hence multiplexing is not possible. Very vulnerable to jamming.
Advantages: This method can notify of interception of data [12].

Technique: Optical steganography (a) Temporal stretching of pulse
Limitations: Data can be intercepted using tunable dispersion compensation devices.
Advantages: Simplest in implementation.

Technique: Optical steganography (b) Temporal phase mask
Limitations:
Advantages: Robust against adversary attacks.

Technique: Optical steganography (c) ASE noise
Limitations: Optical delays between receiver and transmitter must be matched exactly to get the stealth signal.
Advantages: Public channel does not induce any power penalty on the stealth channel and the stealth channel induces a power penalty of only 0.2-0.3 dBm on the public channel.
  • 25. An optical system has low latency and is immune to electromagnetic interference; hence optical encryption is especially important in areas that require a high level of security without compromising the processing speed. Although a variety of approaches have been proposed and demonstrated to protect against multiple threats in the physical layer of an optical network, one can conclude that the technique to be applied must be carefully selected by analyzing factors like infrastructure, criticality of data being exchanged, cost and size of the optical network (transmission range).

References

[1] Banjac Z., Orlić V., Perić M., Milićević S. "Securing data on fiber optic transmission lines." 20th Telecommunications forum TELFOR (2012).
[2] Marija, Furdek. "Physical-Layer Attacks in Optical WDM Networks and Attack-Aware Network Planning."
[3] KITAYAMA Ken-ichi, SOTOBAYASHI Hideyuki, WADA Naoya. "Optical Code Division Multiplexing (OCDM) and its applications to photonic networks." IEICE Trans. Fundamentals Vol. E82-A, No. 12 (1999).
[4] Fok Mable P., Wang Zhexing, Deng Yanhua, Prucnal Paul R. "Optical Layer Security in Fiber-Optic Networks." IEEE Transactions on Information Forensics and Security 6.3 (2011).
[5] Fok Mable P., Wang Zhexing, Prucnal Paul R. "Physical Encoding in Optical Layer Security."
[6] Hongxi, Zhao Qingchun and Yin. "Suggested Rules for Designing Secure Communication Systems Utilizing Chaotic Lasers: A Survey."
[7] Wang Z., Fok M. P., Xu L., Chang J., and Prucnal P. R. "Improving the privacy of optical steganography with temporal phase masks." Optics Express 18.6 (2010).
[8] Wu Ben, Wang Zhenxing, Tian Yue, Fok Mable P., Shastri Bhavin J., Kanoff Daniel R., and Prucnal Paul R. "Optical steganography based on amplified spontaneous emission noise." Optics Express 21.2 (2013).
[9] Akhgar Babak, Arabnia Hamid R. Emerging Trends in ICT Security. MK, n.d.
[10] Antonis, Syvridis Dimitris and Bogris. "Secure communications links based on chaotic optical carriers." 2006.
[11] Christoph, Guenther. "The Relevance of Quantum Cryptography in Modern Cryptographic Systems." December 2003. SANS Institute InfoSec Reading Room. <https://www.sans.org/reading-room/whitepapers/awareness/relevance-quantum-cryptography-modern-cryptographic-systems-1334>.
[12] SWISS Quantum. June 2009. <http://swissquantum.idquantique.com/?-Quantum-Cryptography->.
[13] Brassard Gilles, Lütkenhaus Norbert, Mor Tal and Sanders Barry C. "Security Aspects of Practical Quantum Cryptography." Physical Review Letters September 2000.
[14] Ojha Vibha, Sharma Anand, Goar Vishal, Trivedi Prakriti. "Limitations of Practical Quantum Cryptography." International Journal of Computer Trends and Technology March-April 2011.