Osa optical encryption system with binary key codes
Initially, several efforts to make transmissions more protected involved avoiding on-off keying modulation, where all data is clearly visible. The use of phase modulation, carrier hopping or other techniques where the intensity of the carrier remains constant also does not provide additional protection, since the same type of demodulator and detector used by the receiver can also be used by the adversary.
One of the first implementations of this technique [3-6] used a phase-modulated broadband signal with homodyne detection. Without knowing the path difference in the imbalanced interferometer used, it is impossible to recover the data. Some methods involve a secret channel scrambler or code scrambler that makes the transmission virtually undetectable unless the same de-scrambler is used.
It, however, also requires a pre-shared secret key, which is later expanded via pseudorandom bit generation. However, if the codes change with time, then the question arises as to how to secretly distribute the codes between the parties. The ultimate solution here, one-time pad encryption see e. In short, in order to achieve security one must assume a prior security problem has been solved. More information about some methods mentioned can be found in comprehensive reviews [7, 14].
In virtually all of the methods above, their authors utilized increasingly complex terminal equipment, trying to prevent data detection by the adversary. Recently there were attempts to use conceptually different ideas based on extensive statistical analysis and noise-like transmission with feedback [15, 16]; however, they proved to be insecure due to errors in the security analysis.
An interesting classical key distribution system was proposed by Scheuer and Yariv, where a communication line becomes a giant fiber laser, and choosing different terminal mirrors allows one to obtain anti-correlated sequences of data at the line ends. This method has been further advanced in order to produce higher key generation rates [19, 20]; however, there is still a lack of proof that the system is secure under an attack where the adversary directly measures the reflectance spectrum of the mirror used.
On the contrary, it is clear that such a simple attack or a modification thereof may ruin the proposed expensive and technologically advanced system. The last method we would like to emphasize is a Sagnac interferometer-based communication system, proposed in and also in . It is a large Sagnac loop with an off-center transmitting phase modulator and a centered modulator generating phase noise.
This is the only system that provides asymmetry in eavesdropping. For Alice and Bob it is a simple data transmission system, where, due to the interferometer used, Bob sees plain intensity-modulated data sent by Alice. However, for Eve it is relatively difficult to recover this data. Doing simple math with the two obtained functions allows one to reconstruct the data, but as we already mentioned, this is an example of a strongly asymmetric method. To the best of our knowledge, this completes the current list of classical security methods applicable to fiber-optic communications.
Of course there is a large body of quantum cryptographic methods, including the famous BB84 and B92 protocols, but they are out of the scope of the present paper. To summarize the related work, there are only a few methods that can be used without any prior shared secrets, and these methods are vulnerable to certain types of simple attacks.
Hence, a practical optical-based secret key distribution technique that does not rely on prior security contexts is highly desirable, especially if it ensures that the complexity of potential eavesdropping is significantly more than required of legitimate parties.

Potential applications

The proposed method allows for the generation of identical random secret keys at the two ends of the interferometer.
As the method does not use any artificial phase scramblers or noise generators, which can be actively read out by Eve, and instead uses random phase fluctuations along the whole length of the fiber link, it provides natural protection from eavesdropping. As we already pointed out, our approach cannot guarantee absolute key protection.
It only creates very serious technical challenges for the potential adversary. Thus, the use of the method by itself might not be sufficient for critical applications. However, we note that it may be used in conjunction with other security methods. For example, it is natural to envision our key establishment method being used to establish a key for AES encryption, and then further encrypt such data using public key cryptography.
Some challenges in real applications of our method will be connected with a limited key generation rate. However, this is not much different from the situation with conventional public key cryptography, where the asymmetric protocol itself is used for generation of session keys, which are then used for a much faster symmetric encryption.
Without any modifications the method works up to a length limited by the fiber loss. Going beyond this will require the use of optical amplifiers. As both fibers used in the setup carry a bi-directional stream of light, bi-directional Erbium-doped fiber amplifiers (EDFAs) will be required.
Examples of their use have been successfully demonstrated in [23, 24], which provides some optimism for the future expansion of the method. In the next section we provide details related to phase fluctuations in fiber optical links, which serve as the basis for the proposed method. Next we discuss security-related questions and formulate several necessary modifications, which make the system protected from eavesdropping. Section 4 provides details about the experimental demonstration and main results obtained in the experiments.
We also analyze the achievable key generation rate and provide a simple algorithm of key extraction. In conclusion, we give a brief summary of the obtained results and a short discussion about future work towards practical realization of this secret key distribution method.

Phase fluctuations in fiber optical networks

Until very recently, phase fluctuations in fiber optical networks were largely ignored since all conventional forms of optical communication were immune to these line imperfections.
Even with the migration to coherent optical transmission, phase fluctuations have a negligible impact since they are orders of magnitude slower than the data rate, so bit-to-bit phase fluctuations can always be ignored.
[Figure: Interference waveforms due to phase fluctuations in the Mach-Zehnder interferometer for different lengths of its arms.]

Polarization fluctuations are typically orders of magnitude slower than phase fluctuations because under normal conditions phase changes of the two polarizations are almost identical.
Phase fluctuations become a limiting factor when one considers the precise transfer of optical frequencies over large distances, e. As pointed out in a series of publications [25,27], most of the phase noise falls into kilohertz spectral range and leads to spectral broadening of ultrastable laser clock signals.
Other critical applications sensitive to phase jitter include large-scale quantum coherence experiments [28, 29] and quantum communications. Unlike the above-mentioned applications, our key generation approach takes advantage of phase fluctuations and uses them as a source of randomness. In order to better understand the underlying physics, we collected some information about phase fluctuations.
One interesting study of phase fluctuations was published in , where commercially installed optical fibers were used. For comparison with this work and validation of our experimental demonstration, we performed a series of experimental measurements in our laboratory environment. Clearly, phase fluctuations depend on the length of the fiber and the environment where the fiber is located. In our study we measured phase fluctuations using a Mach-Zehnder interferometer similar to the one used in .
Three different lengths of the interferometer arms were chosen to explore phase jitter. Figures 2 and 3 show samples of measured waveforms and their spectra calculated via Fourier transform of a long measurement series.
As expected, the time scale of measured fluctuations is directly related to the length of the interferometer arms.

[Figure: FFT spectra of phase fluctuations in the Mach-Zehnder interferometer.]

The intermediate length interferometer m shows much faster oscillations with a typical change time of 0. The power spectrum lies below 60 Hz. The longest interferometer with 26 km arms exhibits qualitatively different behavior.
The time scale of such changes is in the millisecond range, while the power spectrum is around 1 kHz wide. Our study demonstrated that measured phase fluctuations, especially in the long interferometer, are mainly due to the presence of acoustic noise in the lab environment. Slower effects such as a temperature change also contribute to fluctuations. Our obtained results are in agreement with the experiment performed in a real telecom network, which allows us to generalize our further laboratory experiments to the case of real communication lines.
Security discussions

Realization of most security algorithms is often connected with an operation or a function that can be performed only under some very specific conditions accessible to the legitimate users. In quantum cryptography, meaningful measurement of a quantum state can be made only if there were no previous attempts at measuring it.
In conventional asymmetric cryptography, factorization of a large number is possible only provided that one factor is known. Secret key generation in wireless systems is possible because fading channel characteristics are unique for a pair of antennas and cannot be measured by a third party.
In the optical world, there is also an operation which can be performed only if some very rigorous conditions are satisfied: a measurement of an optical phase.
The difficulty of phase measurement is directly connected with the incredibly high rate of the phase change. The only known and potentially achievable method of phase measurement is via interference of two optical fields.
In this way a relative phase, or a difference between two optical phases, can be accessed. Another strong limitation is bandwidth.

[Figure: Eavesdropper tapped into the system.]

This holds only in the two cases: Those two cases are usually referred to as coherent addition of light. An obvious requirement for such a measurement to be successful is that both optical fields must exist at the same physical location. If this is not true and they are separated by at least a few dozen meters, phase fluctuations connected with the transport of light across the separating distance can lead to significant measurement errors.
A similar problem arises if the fields are broadband and are correlated but with a significant shift in time, i. The only way to delay optical signals is to let them propagate over some distance, but this, in turn, leads to additional phase fluctuations.
Our proposed key establishment scheme, Fig. Alice and Bob, such that they keep the couplers terminating the interferometer in protected locations. If the lengths of the interferometer arms are equal, a very broadband optical signal used as the input will satisfy the coherence conditions, and the output power, or the splitting coefficient, will fluctuate at a slow frequency. Alice and Bob can track these changes and use this function to generate a secret key.
As mentioned earlier, these power fluctuations are due to the ever-changing optical path length, which is a result of thermal and mechanical effects in the fibers. If the distance between Alice and Bob is relatively long (a few km and more), phase fluctuations in the interferometer are large enough to create a unique pattern measurable only by Alice and Bob but not by Eve.
It can be easily converted to a secret key, which then can be used for conventional cryptography. Below we analyze possible vulnerabilities of the system and formulate an adversary model that we use throughout this work. We also summarize all necessary precautions that should be taken to ensure proper security of the system against eavesdropping.
Phase measurements by the adversary

If a broadband light source with a bandwidth beyond the capabilities of electronics is used by legitimate users, the assumptions about light interference stated above imply that the only way for Eve to perform a phase measurement is if the signals from the two arms of the interferometer can be mixed such that the coherence condition is satisfied. That means that Eve must ensure that the two alternative light paths to the mixing point have the same lengths.
A possible strategy for Eve is illustrated in Fig. She taps into both fibers as shown, dividing the interferometer into four segments: If the length of segment a is equal to that of c, Eve can see interference between a and c, disclosing phase fluctuations in the left part of the interferometer.
Similarly, she can see phase fluctuations in the right part of the interferometer by interfering signals from b and d.

[Figure: System with added delays and physical separation between the arms of the interferometer.]

From a practical point of view, even this simple job requires precise optics, electronics and significant engineering art to be successful. Eve needs to make sure that her setup, including tapping into the interferometer, precise optical path length adjustments and the effects of a light mixing tool, does not introduce any phase jitter significant for the operation of the legitimate key extraction algorithm.
Moreover, since the measurable quantity is light intensity, but not the phase itself, she needs to perform corresponding analysis to extract phase fluctuations in both parts of the original interferometer and add them together to obtain the expected phase difference in the interferometer as a whole.
Each of the operations performed by Eve, in the real world, introduces distortions and errors compared to the pure signal measured by Alice and Bob. To increase protection of the system from such an attack, Alice and Bob may create strong asymmetry in the system by placing additional spans of fiber at their protected locations, as shown in Fig.
The length of these fiber spans should be large enough to create randomness comparable with the randomness generated by unprotected fibers. In this case to satisfy the coherence condition for the two light fields, Eve will have to apply a delay matching the length of the additional fiber spans, i.
The fibers used by Eve cause practically unavoidable random phase fluctuations in the delay line, which will corrupt her measurements. If the fibers are installed at a significant distance from each other, Eve will have to necessarily cover this distance with her fibers, which also introduces additional phase distortions.
It has to be mentioned here that there exist methods of partial phase stabilization in fiber optical links, which have improved recently [25, 29, 33, 34]. However, there is always some residual phase jitter, which is required to make the feedback in such schemes work.

Active intrusion attack

All hardware implementations of even flawless key distribution techniques, such as quantum cryptography, have a number of vulnerabilities connected with the particular hardware realization, which may not distinguish between correct system operation and a smart intrusion into the system.
This is supported by a number of successful attacks performed against commercial quantum key distribution systems [35-38]. In this sense our system is not an exception and needs to be protected from such attacks. To stay within specifications, the system has to make sure that the measured intensity fluctuations are the result of interference between two broadband optical signals. For example, Eve may cut both fibers of the interferometer and send an intensity-modulated signal through one of the fibers to Alice and Bob.
Alice and Bob will still observe intensity fluctuations, but those will be under Eve's total control. In this case, the interference condition is not met. Alternatively, Eve can use narrowband spectral filters to limit the optical bandwidth of the signal received by the legitimate users.
This will make the phase measurable by a standard heterodyne method, thus disclosing the distributed key. This violates the requirement of receiving broadband light. If both conditions are met, then the system will work properly. Therefore, constant monitoring of incoming light is important for system security. The first condition is measurable by tapping into both fibers before the coupler and monitoring optical power.
Each of the arms should have no intensity modulation, while their interference result is modulated due to the phase fluctuations. The second condition may be easily tested by looking at interference of the same signals with an additional delay in one of the arms. If the delay is larger than the coherence time for the broadband light, no power fluctuations will be seen. If a narrowband light is substituted instead, its coherence time is much larger and thus two beams will interfere giving the same pattern as the main system output.
Again, we note that these limitations are not fundamental, but are rather based on the practical difficulty of implementing these tasks. Besides the two assumptions mentioned above, several other assumptions are important. Like most other schemes, including quantum key distribution, the proposed technique does not provide authentication, which makes it potentially vulnerable to a man-in-the-middle attack.
In our analysis, we assume that Alice and Bob have access to an authenticated public channel, which can be listened to but not modified by Eve. This allows them to exchange information for constructing correlated bit sequences from the analog waveforms and to perform error correction in the obtained raw keys.
To prevent a man-in-the-middle attack, Alice and Bob may choose to publicly exchange some portion of the generated key to make sure the interferometer is set up directly between them and not between each of them and Eve. We also assume that the key distribution algorithm is known by Eve. Eve may tap into the arms of the interferometer and make any practically possible measurements of the transmitted light. She is assumed to know all characteristics of the particular experimental realization, meaning any practically measurable quantities.
What she cannot do is to predict or indirectly measure phase fluctuations in the fibers, based on measurements of the environment where the fibers are placed. Even if it is potentially tractable for unprotected spans of fiber, fiber spans kept at protected areas controlled by Alice and Bob introduce additional randomness, completely unpredictable by Eve.
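As an added illustration (not code from the paper), the following Python simulation models the correlated intensity records at the two ends of the interferometer, extracts a shared key by announcing only sample indices over the authenticated public channel, and applies the rate guard the paper recommends: refuse a key that is produced faster than the entropy rate expected from natural phase fluctuations. All numeric parameters (sampling rate, phase step, thresholds) are constructed assumptions, not measurements from the paper.

```python
import math
import random

# Constructed simulation parameters (assumptions, not values from the paper).
SAMPLE_RATE_HZ = 2000.0     # detector sampling rate
PHASE_STEP_RAD = 0.3        # random-walk step of the interferometer phase per sample
DETECTOR_NOISE = 0.01       # independent intensity noise at each end
LOW_THRESHOLD = 0.4         # normalized intensity below this -> bit 0
HIGH_THRESHOLD = 0.6        # normalized intensity above this -> bit 1
SUBSAMPLE = 50              # samples closer than this are nearly identical, so only
                            # every SUBSAMPLE-th sample is quantized into a bit


def simulate_interferometer(n_samples, seed=1):
    """Return (alice, bob): normalized output intensities seen at the two ends.

    The interferometer phase drifts as a random walk (thermal and acoustic
    effects along the fiber). Both ends observe the same interference term
    0.5 * (1 + cos(phi)) plus independent detector noise.
    """
    rng = random.Random(seed)
    phi = 0.0
    alice, bob = [], []
    for _ in range(n_samples):
        phi += rng.gauss(0.0, PHASE_STEP_RAD)
        intensity = 0.5 * (1.0 + math.cos(phi))
        alice.append(intensity + rng.gauss(0.0, DETECTOR_NOISE))
        bob.append(intensity + rng.gauss(0.0, DETECTOR_NOISE))
    return alice, bob


def quantize(samples):
    """Two-threshold quantizer: {sample_index: bit} for subsampled values
    outside the guard band [LOW_THRESHOLD, HIGH_THRESHOLD]; values inside
    the band are dropped, which is what keeps the two ends' bits identical."""
    bits = {}
    for i in range(0, len(samples), SUBSAMPLE):
        if samples[i] > HIGH_THRESHOLD:
            bits[i] = 1
        elif samples[i] < LOW_THRESHOLD:
            bits[i] = 0
    return bits


def reconcile(alice_bits, bob_bits):
    """Public-channel step: each side announces only the indices it kept,
    never the bit values. The raw key is built from the intersection."""
    shared = sorted(set(alice_bits) & set(bob_bits))
    return [alice_bits[i] for i in shared], [bob_bits[i] for i in shared]


def mismatch_fraction(key_a, key_b):
    """Fraction of disagreeing positions (0.0 for an empty key)."""
    if not key_a:
        return 0.0
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)


def key_rate_ok(n_bits, n_samples, expected_rate_bps, tolerance=2.0):
    """Rate guard: the key rate must not exceed the entropy rate expected
    from natural phase fluctuations. A much faster rate suggests Eve is
    injecting phase noise, so the key must be discarded."""
    duration_s = n_samples / SAMPLE_RATE_HZ
    return n_bits / duration_s <= tolerance * expected_rate_bps


def run_session(n_samples=20000, expected_rate_bps=40.0, seed=1):
    """One key-establishment session; returns (alice_key, bob_key, accepted)."""
    alice, bob = simulate_interferometer(n_samples, seed)
    key_a, key_b = reconcile(quantize(alice), quantize(bob))
    accepted = key_rate_ok(len(key_a), n_samples, expected_rate_bps)
    return key_a, key_b, accepted


if __name__ == "__main__":
    ka, kb, ok = run_session()
    print(len(ka), "bits, mismatch", mismatch_fraction(ka, kb), "accepted", ok)
```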
A strong advantage of the proposed approach is that the main source of randomness used for key generation is a many-kilometer-long distributed system rather than a local noise source, which can be controlled or affected by the adversary. Thus any attempts at controlling the system locally fail because there is enough randomness created by the uncontrolled parts of the system.
One potential vulnerability, which is easily avoided, is the artificial creation of excessive phase noise by Eve, such that it provides much stronger phase fluctuations than the system normally has. In this case most of the entropy in the generated key will be caused by Eve rather than by normal phase fluctuations. To prevent this, system designers should estimate the expected key generation rate and shut down the system if it experiences much faster phase fluctuations.
In other words, the key generation rate should not exceed the entropy rate of the normal phase fluctuations in the fibers, even if the measured phase fluctuations allow for significantly faster key generation.

Experimental realization

Experimental setup

Our experimental setup is schematically shown in Fig.
Central wavelengths of the two sources are the same within the precision of the available off-the-shelf filters used. The single-mode fiber used in the interferometer is a standard Corning SMFe fiber. The arms of the interferometer also contain a polarization controller (PC) and a variable delay line (T), to allow relative polarization and length adjustment of the two arms.
The total length of the interferometer is approximately 26 m, which corresponds to the total propagation delay of Adjustment of the interferometer includes two steps: The first one is the most critical, because without length equalization the beating between the signals in the two arms is very broadband (roughly GHz) and thus cannot be measured. The measured spectrum of the signal used is shown in Fig. Due to its noise-like nature, the spectrum is also very noisy on top.
A data transmission system typically requires data security during transmission. Data security processes are typically not applicable to multiple differing scenarios. Accordingly, there exists a need in the art to overcome at least some of the deficiencies and limitations described herein above.
A first aspect of the invention provides a fiber optic encryption method comprising: A second aspect of the invention provides a laser transmitter apparatus comprising a computer co-processor coupled to a computer-readable memory unit, the memory unit comprising instructions that when executed by the computer processor implements a fiber optic encryption method comprising: A third aspect of the invention provides a computer program product, comprising a computer readable hardware storage device storing a computer readable program code, the computer readable program code comprising an algorithm that when executed by a computer co-processor of a laser transmitter apparatus implements a fiber optic encryption method, the method comprising: The present invention advantageously provides a simple method and associated system capable of providing data security during transmission.
System comprises QD Vcel laser cannons a and b of a transmitter apparatus transmitting the light signals to a receiver apparatus. Laser cannon a comprises an out-of-band (OOB) single laser device.
Laser cannon b comprises a multiple laser cannon device. The front view of laser cannon b illustrates multiple laser crystals a. System combines a set of frequencies a and b generated by laser cannons a and b together into a single multimode fiber cable. The combined set of frequencies represents patterns of bits with respect to each light pulse.
System enables a process including channel hopping and encryption within a single fiber strand to secure data in transit and avoid data theft or injection. Transmitter apparatus and receiver apparatus may each comprise a specialized hardware device comprising specialized non-generic hardware and circuitry i. The specialized discrete non-generic analog, digital, and logic based circuitry may include proprietary specially designed components e.
System enables the use of a multimode fiber capacity by using differing crystal sizes i. A communications process is initiated when a transmitter enables an attenuation test by firing a laser beam with respect to each of laser crystals a.
The attenuation test is continuously run until any unsuccessful transmitter crystals of laser crystals a. In response, a maximum number of concurrent signals for transmission as well as a numeric base upon which data communication will occur are set. Additionally, a calibration phase is enabled. The calibration phase comprises transmitting a sequence of binary frames starting from a highest number of active crystals down to one active crystal and registering a definition for each color frame.
System comprises a sender apparatus and a laser receiver apparatus. Sender apparatus comprises a controller co-processor, a light beam, a transmitter, and laser cannons a and b. Receiver apparatus comprises a controller co-processor a.
Receiver apparatus is enabled to receive any light wave band color and determine via co-processor a light wave color combinations that produced a resulting wave. In response, co-processor a caches a resulting bit pattern until the bit pattern fills a complete frame. The completed bit pattern is passed through processing with respect to higher level protocols. The co-processor verifies a bit pattern checksum against received out of band information, to ensure data was received properly or requires re-transmission.
If sender apparatus comprises a legacy sender unit, system will detect a light pattern and disable co-processor a functionality to conserve power. Upon receiving an out of band signal, system initiates a bandwidth throttling calibration process. If receiver apparatus receives light pulses and no out of band signal is detected, system enables a legacy mode, and disables throttling functionality.
The calibration process comprises enabling and disabling each of the Vcel lasers and determining a received color. The calibration process includes: Receiving by receiver apparatus from QD Vcel cannon a a group of multi-frequency light pulses via a plurality of channels. A co-processor determines that the group of multi-frequency light pulses comprises an out-of-band (OOB) signal transmitted over a first channel of the plurality of channels. Receiver apparatus receives from a first laser device of QD Vcel cannon a first light pulse of the plurality of multi-frequency light pulses.
The first light pulse includes a first frequency for testing the visibility of the first light pulse at receiver apparatus. The co-processor determines, in response to receiving the first light pulse, whether the first light pulse is visible at receiver apparatus. If the first light pulse is visible at receiver apparatus, then all laser devices are independently tested and differing groups of the lasers are tested within a specified threshold until the calibration process has completed.
If the first light pulse is not visible at receiver apparatus, then the laser device is disabled and additional laser devices are tested until the calibration process has completed. If error detection of more than an acceptable number of packets is determined, then the calibration process will restart to eliminate unreliable channels.
The communication process includes: Assigning by the computer co-processor bit locations for a plurality of multi-frequency light pulses transmitted over a plurality of channels enabled by the lasers of the QD Vcel cannon. The assignment is based on a laser pattern table generated during the calibration process describing laser-generated light pulses.
The co-processor appends a parity bit associated with the OOB signal transmitted over a first channel of the plurality of channels. An odd or even number of frequencies of the plurality of multi-frequency light pulses are compared with the parity bit. It is determined based on results of the comparison if a pattern associated with the plurality of multi-frequency light pulses comprises a correct pattern. If the pattern is correct then bit locations for an additional plurality of multi-frequency light pulses transmitted over an additional plurality of channels enabled by the lasers of the QD Vcel cannon are assigned based on the laser pattern table.
If the pattern is not correct, then the plurality of multi-frequency light pulses are re-transmitted over the plurality of channels to determine a correct pattern. Upon completing the communication process, system executes a process for secure transmission using multiple frequencies over a multimode fiber cable.
The process includes validating that system supports the aforementioned bandwidth throttling process. In response to the validation, a secure physical channel is generated via an OOB channel enablement as described, supra.
An associated security key is validated or exchanged via a selected predetermined secure algorithm to secure the OOB secure channel enablement. The associated security key may be validated or exchanged via usage of hardware pre-shared keys for securing OOB secure channel enablement. Alternatively, the associated security key may be validated or exchanged via usage of hardware certificates for securing OOB secure channel enablement. Additionally, the associated security key may be validated or exchanged via usage of generated random self-signed hardware certificates for securing OOB secure channel enablement.
A communication channel bundle selection is secured in response to a user input requesting a specified number of required secure channels. The specified number of required secure channels of the bundle may include: System may select frequencies for the channel bundle selection. System may include an N number of channels or frequencies available for data transmission such that when a channel is not in use, system may dynamically include the unused channel with the communication channel bundle selection and remove an unused frequency at each random channel selection instance.
Additionally, a random channel may be selected from a communication channel bundle selection and associated random bundle bit count. A random key may be generated for securing each channel included within a secure communication channel bundle. An additional rekeying policy may be enabled. The rekeying policy may be configurable for users of system to enable user defined policies thereby enabling channel encryption and generating a communication tunnel.
The communication tunnel is enabled to transfer data such that when a channel is not used for data transfer, the unused channel may be used for overflow or migrating OOB secure channel data for the secure communication channel bundle.
Additionally, a random channel selection and associated random bundle bit count may be triggered at a predetermined threshold prior to expiration of a bit count for the secure communication channel bundle.
In response to the expiration of the bit count, system enables a channel hopping process with respect to a new randomly assigned channel within the secure communication channel bundle. Data is transferred using a resulting communication tunnel until the transfer is complete. If an error on a channel in the secure communication channel bundle is detected, the channel is disabled, an alarm is issued, and existing predetermined routing and switching methods are enabled to secure an alternative fiber path.
Each of the steps in the algorithm of FIG. In step , the process is initiated. In step , a receiver apparatus e. In step , a computer co-processor of the receiver apparatus checks for an OOB signal.
If in step , the co-processor determines that the plurality of multi-frequency light pulses comprises an OOB, then step of FIG. If in step , the co-processor determines that the plurality of multi-frequency light pulses does not comprise an OOB, then in step , a legacy communication mode is enabled. In step , communications are transmitted and step of FIG.
The process is terminated in step In step , a signal is transmitted from a transmitter device over an OOB channel. In step , the transmitter device determines a next individual frequency light pulse e. In step , next individual frequency light pulse i. In step , the receiver apparatus tests the received individual frequency light pulse for reliability. In step , it is determined if the received individual frequency light pulse is reliable i.
If in step , it is determined that the received individual frequency light pulse is not reliable then in step the transmitter apparatus disables the associated QD Vcel laser transmitting the received individual frequency light pulse and step is repeated to determine another individual frequency light pulse for transmission. If in step , it is determined that the received individual frequency light pulse is reliable then in step , it is determined if all individual laser emitters have been tested.
If in step , it is determined that all individual laser emitters have not been tested then step is repeated. If in step , it is determined that all individual laser emitters have been tested then in step , it is determined if the received individual frequency light pulse is unreliable.
If in step , it is determined that the received individual frequency light pulse is unreliable, then in step , the transmitter apparatus disables an associated Vcel laser and step is executed as described, infra. If in step , it is determined that the received individual frequency light pulse is not unreliable, then in step , the transmitter apparatus determines a group of multiple frequency light pulses for transmission.
In step , it is determined if the testing process has completed. If the testing process has completed then step of FIG. If the testing process has not completed then in step , the transmitter apparatus transmits a next group of multiple frequency light pulses that have not been tested for transmission.
In step , the receiver tests the next group of multiple frequency light pulses for reliability and in step it is determined if the received i. If the received group of multiple frequency light pulses is reliable then step is repeated. If the received group of multiple frequency light pulses are not reliable then in step it is determined if a testing retry threshold has been reached.
If the retry threshold has been reached then step is repeated. If the retry threshold has not been reached then in step , a request for the transmitter apparatus to retry a last frequency light pulse combination is enabled and step is repeated.
In step , a bit location is assigned to enabled lasers e.