WO2017034112A1 - High-speed communication system and method with enhanced security - Google Patents

High-speed communication system and method with enhanced security Download PDF

Info

Publication number
WO2017034112A1
WO2017034112A1 PCT/KR2016/001658 KR2016001658W WO2017034112A1 WO 2017034112 A1 WO2017034112 A1 WO 2017034112A1 KR 2016001658 W KR2016001658 W KR 2016001658W WO 2017034112 A1 WO2017034112 A1 WO 2017034112A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication
optical
signal
noises
communication user
Prior art date
Application number
PCT/KR2016/001658
Other languages
French (fr)
Korean (ko)
Inventor
이창희
황일평
유상화
계명균
안승현
정용준
조승래
김종완
Original Assignee
한국과학기술원
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한국과학기술원 filed Critical 한국과학기술원
Priority to US15/754,919 priority Critical patent/US20180259737A1/en
Priority to CN201680049109.1A priority patent/CN108141288A/en
Priority claimed from KR1020160019300A external-priority patent/KR101916995B1/en
Publication of WO2017034112A1 publication Critical patent/WO2017034112A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/07Arrangements for monitoring or testing transmission systems; Arrangements for fault measurement of transmission systems
    • H04B10/071Arrangements for monitoring or testing transmission systems; Arrangements for fault measurement of transmission systems using a reflected signal, e.g. using optical time domain reflectometers [OTDR]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/50Transmitters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/80Optical aspects relating to the use of optical transmission for specific applications, not provided for in groups H04B10/03 - H04B10/70, e.g. optical power feeding or optical transmission through water
    • H04B10/85Protection from unauthorised access, e.g. eavesdrop protection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to a high speed communication system and method with improved security.
  • both parties attempting to exchange messages are known as alice and bob, while eavesdroppers who attempt to gain unauthorized access to the message are known as eves. .
  • conditionally secure techniques One problem with conditionally secure techniques is that the reliability of the security depends on the mathematical results of the complexity theory that still remain unproven. Thus, if appropriate mathematical tools can be developed, it is not at present certain that there will be no future breakdown of such techniques using the resources of a traditional computer.
  • the encryption method based on the two key distribution uses the basic principle of quantum mechanics to completely secure the security regardless of the eavesdropping ability of the eavesdropper, but based on the single photon light source, the key generation rate (effective key bit / total transmission bit) is about 10 Lower than -4 and vulnerable to side channel attacks that physically attack and compromise security of communications systems.
  • the key generation rate can be confirmed by wyner's information theory approach.
  • the key generation rate can be the channel capacity of the sender (alice) and the receiver (bob) minus the channel capacity of the sender (alice) and the eavesman (eve).
  • the channel capacity of the sender (alice) and the eavesdropper (eve) can be changed according to the construction method of the communication channel environment.
  • the present invention is based on this.
  • An object of the present invention is to provide a high-speed communication system and method with improved security to build an absolute security system to block the possibility of eavesdropping by utilizing the physical characteristics inherent in the channel, unlike a security system depending on the complexity of the calculation .
  • the present invention is not based on a single photon light source provides a communication system and method that can increase the encryption key generation rate to the transmission rate of the existing information.
  • Another object of the present invention is to provide a high-speed communication system and method with improved security that can be applied or used in a variety of communication channels, including various technologies of the existing optical communication, economical and compatibility is increased.
  • the object of the present invention is to optimize the channel capacity between the transmitter and the receiver by utilizing the physical characteristics inherent in the channel, unlike the security system depending on the computational complexity, but to minimize the eavesdropping channel based on the information theory by minimizing the channel capacity of the eavesdropper.
  • the present invention provides a high-speed communication system and method with improved security for establishing an absolute security system for blocking.
  • an optical time domain reflectometer (OTDR) with increased sensitivity provided in a security-enhanced high-speed communication system according to an embodiment of the present invention applies a first optical pulse to an optical communication line.
  • a first light source to be applied a coupler for dividing and outputting the first light pulse into at least two paths, an optical detector for determining a time point at which the first light pulse is applied to the optical communication line, and the first light pulse to the optical communication line
  • a second light source for applying a second light pulse, the intensity of which is weaker than the first light pulse, to the optical communication line in response to the time point at which the first light pulse is applied;
  • the controller may include a controller that analyzes or predicts a signal leak of the optical communication line based on the result detected by the optical receiver.
  • the first circulator transfers the first optical pulse output from the coupler to the optical communication line, and transmits the optical signal reflected from the optical communication line to the optical receiver to the optical receiver.
  • a second circulator for transmitting a second light pulse output from the second light source to the optical communication line, and for transmitting an optical signal from which the second light pulse is reflected from the optical communication line to the optical receiver. It may include.
  • the second light source and the signal are configured to control operations of the second light source and the light receiver based on a time point at which the first light pulse is applied to the optical communication line. It may further include a delay line for transmitting to the optical receiver.
  • the first circulator and the second circulator and the optical communication line is provided between, and receives the optical pulses of different wavelengths from the first circulator and the second circulator to transmit to the optical communication line
  • the apparatus may further include a wavelength division multiplexing filter (WDM) that separates each of the optical signals having different wavelengths reflected from the optical communication line and returns them to the first circulator and the second circulator.
  • WDM wavelength division multiplexing filter
  • the optical signal in which the second light pulse is reflected and returned from the optical communication line may be configured according to a refractive index corresponding to a point at which the second light pulse catches up with the first light pulse.
  • the light pulse may include the reflected light signal.
  • a security-enhanced high-speed communication method comprises the steps of generating a first key (K1) by the first communication user and transmits it to the second communication user, A second communication user generating a second key K2 and transmitting it to the first communication user, wherein the first communication user or the second communication user is based on the first key and the second key; It may include the step of obtaining.
  • the first communication user and the second communication user are connected to each other through at least one or more communication paths, and the channel capacity between the first communication user and the second communication user is the first communication user or It may be larger than the channel capacity between the second communication user and the eavesdropper.
  • the first communication user m m transmission signal injected with each of n noises (n is a natural number of 1 or more) Transmitting to the second communication user through a communication path (m is one or more natural numbers), and acquiring the transmission signal based on a transmission signal injected with each of the n noises received by the second communication user. It may include.
  • the sum of the n noises becomes 0, and the second communication user may obtain the transmission signal by canceling the n noises.
  • the n noises may be generated through a complementary noise generator, and the first communication user may transmit a transmission signal injected with each of n noises (n is a natural number of 1 or more) and m communication paths (m of 1 or more). Transmitting to the second communication user through a natural number) may include modulating and distributing the signal to the m communication paths based on any one of the n noises and the transmission signal. have.
  • the method may further include generating the n noises, wherein generating the n noises comprises: outputting a BLS (broaden light source) having a wide wavelength band to a first arrayed waveguide grating (AWG); Distributing an optical source to the p channels (p is a natural number of n or more), and combining the n optical sources among the light sources distributed in the p channels with a beam splitter (BS) to form a reflective semiconductor an optical amplifier), and passing the output of the RSOA through a second AWG to divide the n noise.
  • BLS broaden light source
  • AWG first arrayed waveguide grating
  • a security-enhanced high-speed communication method the step of outputting a light source corresponding to at least two modes based on the security data and the multi-mode laser, Distributing the optical source into at least two paths based on a first WDM filter; modulating a signal transmitted from the first WDM filter based on a signal modulator; based on a signal demodulator, transmitting through an optical communication line Demodulating the decoded signal, canceling noises included in the individual modes of the demodulated signals based on the second WDM filter, and acquiring the security data.
  • outputting a light source corresponding to at least two modes based on secure data and a multimode laser may inject an output of an amplified spontaneous emission (ASE) into the multimode laser, Suppressing the noise present in the mode.
  • ASE amplified spontaneous emission
  • a security-enhanced high-speed communication method is the step of the security data is divided into at least two or more transmission signals, at least two or more noise each of the at least two or more transmission Injecting a signal, each of the at least two or more transmission signals in which the at least two or more noises are injected, to a receiver through a plurality of different paths, and at least two in which the at least two or more noises are received by the receiver Based on the above transmission signal, it may include the step of obtaining the security data.
  • the sum of the at least two noises may be zero, and the receiver may cancel the at least two noises to obtain the security data.
  • a security-enhanced high-speed communication method provides a first communication user through a single path through a signal in which the noise of some of the plurality of complementary noise is injected Transmitting to the second communication user, storing the remainder of the plurality of noises through another path, the second communication user modulating the received signal to generate a transmission signal, and transmitting the transmission signal through the single path. Transmitting to the first communication user, and acquiring the transmission signal based on the modulated signal received by the first communication user from the second communication user and the stored residual noise.
  • the acquiring of the transmission signal by the first communication user based on the modulated signal returned from the second communication user and the stored residual noise may be performed by the first communication user by the second communication user. Summing the modulated signal returned from the stored signal with the remaining noise to cancel the plurality of complementary noises, and obtaining the transmission signal.
  • the first communication user and the second communication user may secretly share an encryption key used for modulation and demodulation of a signal.
  • the length of the other path may be twice the length of the single path.
  • a security-enhanced high-speed communication method is based on at least two signal transmitter and source noise of each of the first communication user or the second communication user, the noise Modulating a signal at a source, each of the first or second communication user transmitting the modulated signal to another user through at least one or more paths, and each of the first or second communication user Suppressing noise included in the received signal and compensating for distortion of the signal, wherein the at least one path includes at least one of an optical communication line, a wireless communication channel, and a wired communication channel in which bidirectional communication is implemented. It may include.
  • an absolute security system that blocks the possibility of eavesdropping by using physical characteristics inherent in the channel may be constructed.
  • FIG. 1 is a diagram illustrating a system capable of detecting the presence of an eavesdropper with high sensitivity.
  • FIG. 2 is a diagram illustrating a known optical time domain reflectometer (OTDR).
  • FIG. 3 is a diagram illustrating a high sensitivity OTDR included in an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating an operation method of a high sensitivity OTDR included in an embodiment of the present invention in detail.
  • FIG. 5 is a diagram illustrating in detail the high-sensitivity OTDR included in an embodiment of the present invention.
  • FIG. 6 is a diagram illustrating a method of making eavesdropping difficult using a communication algorithm included in an embodiment of the present invention.
  • FIG. 7 is a diagram illustrating a method of physically making eavesdropping using source noise included in an embodiment of the present invention.
  • FIG. 8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.
  • FIG. 9 is a diagram illustrating an example of generating the complementary noise of FIG. 8 by actual experiment.
  • 10 and 11 are diagrams showing states before and after applying to the RSOA described with reference to FIG. 9.
  • FIG. 12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.
  • FIG. 13 is a diagram illustrating an example in which a multipath security system according to an embodiment of the present invention is applied in optical communication.
  • FIG. 14 is a diagram illustrating an example of applying a multipath security system using noise according to an embodiment of the present invention.
  • 15 is a diagram illustrating an example in which a single-path security system using noise is applied according to an embodiment of the present invention.
  • 16 is a diagram illustrating an example of a bidirectional multipath security system according to an embodiment of the present invention.
  • a system for limiting the amount of information obtained by the eavesdropper by sensitively detecting a leak of a signal a system for limiting the eavesdropping location and the amount of information obtained by a single eavesdropper through bidirectional communication on a single communication line, and Minimizes the possibility of eavesdropping by combining at least one or two or more of the three concepts according to a multiple-input multiple-output (MIMO) system using path complexity and source noise of the signal source Can enhance security.
  • MIMO multiple-input multiple-output
  • FIG. 1 is a diagram illustrating a system capable of detecting the presence of an eavesdropper with high sensitivity.
  • a part of the light injected by the pulse may be reflected by interaction with particles of the line in the optical communication line.
  • the reflected light can be returned to the transmitter (rayleigh scattering), and when the amount of light returned is observed over time, the leakage of the optical signal at a specific point can be confirmed. More details will be described with reference to FIG. 2.
  • FIG. 2 is a diagram illustrating a known optical time domain reflectometer (OTDR).
  • the OTDR includes a light source 201, a coupler 202, a photo detector 203, a delay line 204, a circulator 205, an optical communication line 206, an optical receiver 208, and a controller ( 209) and the like.
  • the light source 201 may inject light into the optical communication line 206 in the form of a pulse.
  • the coupler 202 divides the light pulse output from the light source 201 into at least two paths, transfers one light pulse of the divided light pulses to the optical communication line 206, and transmits the remaining light pulses to the light. May be delivered to the detector 203.
  • the photodetector (PD) 203 receives the light pulses transmitted from the coupler 202 to confirm when the light pulses are injected into the optical communication line 206.
  • the delay line 204 checks the time point at which the optical pulse is injected into the optical communication line 206 through the optical detector 203 and effectively detects the signal reflected back from the optical communication line 206. 208 serves to control.
  • the circulator 205 is a device for controlling the path of the optical pulse.
  • the circulator 205 transmits the optical pulse transmitted from the coupler 202 to the optical communication line 206 and returns the optical signal reflected from the optical communication line 206 and returned. May be delivered to the photo detector 208.
  • the optical fiber 206 is a path for transmitting an optical signal, and becomes an object to be monitored by the OTDR system.
  • the optical communication line 206 may include impurities or impurity 207 in the optical communication fiber (communication line).
  • the photo detector 208 (Avalanche photo-diode (APD)) performs a function of detecting an optical signal reflected from the optical communication line 206 and returned to the controller 209.
  • the processor 209 may analyze a state of the optical communication line 206, that is, a leak of a signal, based on the result detected by the photo detector 208.
  • n represents the refractive index, which is a factor determining the speed of light movement in the medium.
  • N0 represents an initial refractive index corresponding to no action
  • n2 represents a change rate of the refractive index of the optical fiber which is nonlinearly changed in proportion to the light intensity
  • I represents the light passing through the optical fiber (optical communication line). Indicates the intensity of the pulse.
  • the refractive index of the optical fiber 301 is temporarily changed according to the equation shown below in FIG. Will change. Specifically, when a strong light pulse 302 of several mW or more passes through the optical fiber 301, the refractive index is increased. When the light passes through the medium, the reflection of the light increases at a point where the value of the refractive index changes momentarily greatly.
  • FIG. 4 is a diagram illustrating an operation method of a high sensitivity OTDR included in an embodiment of the present invention in detail.
  • the optical fiber core 401 is a path through which the optical pulses 402, 403, 404, 405 pass, and the strong optical pulse 402 is the optical fiber 401 at the point where it is present.
  • the light intensity is strong enough to increase the refractive index of the signal.
  • the weak light pulse 403 is a light pulse whose light intensity is weaker than the strong light pulse 402, and is faster than the strong light pulse 402.
  • the reflected wave 404 of the strong light pulse represents an optical signal in which a portion of the strong light pulse 402 interacts with the optical fiber 401 (rayleigh scattering), and then returns to the transmitting end after being reflected.
  • the reflected wave 405 represents an optical signal in which a part of the weak light pulse 403 is reflected and returned to the transmitting end.
  • an optical pulse 402 that is strong enough to affect the refractive index of the optical fiber is transmitted before the weaker optical pulse 403, and then the strong optical pulse 402 is transmitted. Transmit the following weak light pulse 403.
  • the strong light pulse 402 is slower than the weak light pulse 403, the weak light pulse 403 catches up with the strong light pulse, and the optical fiber 401 at the point where the strong light pulse 402 is present. Since the refractive index increases as described above, the reflection of the weak light pulse 403 reaching the point, that is, the weak light pulse 403 at the moment of catching up with the strong light pulse 402, easily occurs.
  • the optical signal generated and returned to the transmitter is generally larger than the size of the optical signal reflected and returned to the transmitter, an embodiment of the present invention can detect a physical change of a corresponding channel more sensitively.
  • the OTDR included in the embodiment of the present invention a point at which the refractive index is increased due to the strong light pulse 402 occurs, and the weak light pulse 403 following the strong light pulse 402 at the point is generated. It can be greatly reflected. Since the reflectance at this time is increased than the known OTDR, the amount of the returned optical signal is also increased. Through the returned optical signal, the OTDR included in the embodiment of the present invention is used for the signal leakage in the communication line. The state can be detected sensitively.
  • FIG. 5 is a diagram illustrating in detail the high-sensitivity OTDR included in an embodiment of the present invention.
  • the high sensitivity OTDR includes a first light source 501, a coupler 502, a photo detector 503, delay lines 504a, 504b, 504c, a first circulator 505, and a second light source 506. ), A second circulator 507, a wavelength division multiplexing filter 508, an optical communication line 512, optical receivers 514a and 514b, a controller 515, and the like.
  • the first light source 501 may inject light into the optical communication line 512 in the form of a pulse.
  • the first light source 501 may output a light pulse 509 stronger than the second light source 506.
  • the coupler 502 divides the light pulse output from the first light source 501 into at least two paths, and divides one light pulse among the divided light pulses through the first circulator 505. And the remaining light pulses to the photo detector 503.
  • the photo detector 503 receives the optical pulse transmitted from the coupler 502 to confirm the time point at which the optical pulse is injected into the optical communication line 512.
  • the delay line 504 confirms the time point at which the optical pulse is injected into the optical communication line 512 through the photo detector 503, and provides a control signal at a time point suitable for the second light source 506 and the optical receivers 514a and 514b. It serves to convey.
  • the first circulator 505 is a device for controlling the path of the optical pulse.
  • the first circulator 505 transfers the optical pulse divided by the coupler 502 to the optical communication line 512 through the WDM filter 508, and the WDM filter 508.
  • the optical signal transmitted from may be delivered to the optical receiver 514a.
  • the second light source 506 may output the weak light pulse 510 in response to the control signal transmitted from the delay line 504b, and the weak light pulse 510 output from the second light source 506 may be the first light source. It is a pulse following the strong light pulse 509 output from the light source 501, and is moving faster than the strong light pulse 509. FIG.
  • the second circulator 507 transmits the weak optical pulse 510 output from the second light source 506 to the optical communication line 512 through the WDM filter 508, and the optical signal transmitted from the WDM filter 508. May be delivered to the optical receiver 514b.
  • the WDM filter 508 may divide the light into different paths or combine light of various wavelengths into one path according to the light wavelength.
  • the WDM filter 508 receives optical pulses having different wavelengths from the first circulator 505 and the second circulator 507 and transmits them to the optical communication line 512.
  • each of the optical signals having different wavelengths reflected from the optical communication line 512 may be transmitted to the first circulator 505 and the second circulator 507.
  • the strong light pulse 509 is a light pulse output by the first light source 501.
  • the strong light pulse 509 temporarily changes the refractive index of the optical communication line 512 in the region in which it is present because of the intensity of the pulse.
  • the refractive index of the point where the weak light pulse 510 catches up with the strong light pulse 509 is increased, and the probability that the light pulse is reflected in the opposite direction of the travel direction by the increased refractive index is also increased. do.
  • the weak light pulse 510 is a light pulse output by the second light source 506, and is then reflected 510a on the optical communication line 512 and returned to the transmitting end.
  • the reflected wave 509a of the strong light pulse 509 is transmitted to the optical receiver 514a through the WDM filter 508 and the first circulator 505, and the reflected wave 510a of the weak light pulse 510 is the WDM filter. 508 and the second circulator 507 may be delivered to the optical receiver 514b.
  • the optical communication line 512 is a path for transmitting an optical signal, and becomes an object to be monitored by the OTDR system.
  • the optical communication line 512 may include impurities or defects 513 in the optical communication fiber (communication line).
  • the optical receivers 514a, 514b, and APD perform a function of detecting an optical signal reflected from the optical communication line 512 and return the detected result to the controller 515.
  • the controller 515 may analyze or predict a state of the optical communication line 512, that is, a leak of a signal, based on the results detected by the optical receivers 514a and 514b. In the case of FIG. 5, since the amount of reflected light is large, the state of the optical communication line 512 can be detected more sensitively and accurately.
  • FIG. 6 is a diagram illustrating a method of making eavesdropping difficult using a communication algorithm included in an embodiment of the present invention.
  • the channel capacity of the sender (alice) and the eavesdropper (eve) may be better than the channel capacity of the sender (alice) and the receiver (bob). This is because in the case of conventional unidirectional communication, it is advantageous for the eavesdropper (eve) to obtain a signal at a location close to the sender (alice), so that the distance between the alice and the eaves is It may be shorter than the distance between the receiver (bob).
  • the key generation rate that guarantees perfect security may be lowered, and thus the probability of eavesdropping by the eavesdropper may increase.
  • an embodiment of the present invention uses an algorithm K1 + K2 for generating the encryption key 640 using bidirectional communication. Accordingly, an eavesdropper (eve) who wishes to eavesdrop on two-way communication included in the present invention must necessarily eavesdrop in both directions to obtain algorithms 611 and 621 and encryption key 640.
  • the best location for eavesdropping in the position of a single eavesdropper who wants to eavesdrop on two-way communication is an intermediate position between the communicator users (the first communication user 610 and the second communication user 620). This is because assuming that communicator users 610 and 620 are monitoring the eavesdropper, it would be advantageous for the eavesdropper to hide himself from the transmitting end.
  • the location of the eavesdropper (eve) is far from the sender (alice), and the channel capacity between the communication users 610 and 620 is the channel between the sender 610 and the eavesdropper (eve). It will be larger than the capacity. As a result, the channel capacity of the eavesdropper is limited compared to unidirectional communication.
  • FIG. 7 is a diagram illustrating a method of physically making eavesdropping using source noise included in an embodiment of the present invention.
  • FIG. 7 illustrates a method of transmitting at least two or more transmission signals to which at least two pure random noise signals are applied through the multipaths 731, 732, and 73m.
  • Complementary noise generator 712 may be used in the security-enhanced high-speed communication method and system according to the present invention to implement such a scheme.
  • the complementary noise generator 712 refers to a device in which a sum sum of all generated at least two noises is zero. That is, the complementary noise generator 712 may generate m noises, and the sum of the m noises is zero.
  • the present invention can inject such m noises into a plurality of transmission signals transmitted on m different paths 731, 732, and 73m.
  • each channel in which noise is injected reduces the channel capacity due to noise, thereby making it difficult to single tap.
  • a receiver receiving a plurality of noise-injected transmissions receives signals for all m paths and sums them, so the noise is canceled and the original signal (random key K) the sender wishes to transmit is canceled. It can be effectively received.
  • the security of the communication system to which the security-enhanced high-speed communication method and system according to the present invention is applied is completely guaranteed. Can be.
  • FIG. 8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.
  • an output of a broken light source 801 (BLS) having a relatively wide wavelength band is passed through an AWG (arrayed waveguide grating) 802 to distribute the light source to each channel of the AWG 802. do.
  • BLS broken light source 801
  • AWG array waveguide grating
  • the optical sources distributed to each channel are noisy due to the beating noise.
  • Some of these noisy sources are combined into a BS (beam splitter) 803 and injected into a reflective semiconductor optical amplifier (RSOA) 804. .
  • BS beam splitter
  • RSOA reflective semiconductor optical amplifier
  • the BLS 801 described above may be replaced with another light source such as an F-P LD.
  • the AWG 802 may be any optical component for distributing an optical filter or a beam.
  • the position of each component is not limited to the position shown in FIG. 8, and may change according to circumstances.
  • the number of light sources shown in FIG. 8 is four, this is for convenience of explanation and may be changed.
  • FIG. 9 is a diagram illustrating an example of generating the complementary noise of FIG. 8 by actual experiment.
  • 10 and 11 are diagrams showing states before and after applying to the RSOA described with reference to FIG. 9.
  • FIG. 10 shows two noises 1001 and 1002 before being injected into the RSOA and a result 1003 of the sum of the two noises.
  • the noises 1001 and 1002 of each mode have low correlations with each other, and thus the noises 1003 are not significantly reduced even when the two noises are combined.
  • FIG. 11 shows two noises 1101 and 1102 after being injected into the RSOA and the combined result 1103.
  • the two noise sources 1101 and 1102 after injection into the RSOA, the two noise sources 1101 and 1102 have a strong correlation, and when the two modes are combined, the noises 1103 cancel each other out. Specifically, when the two noise sources 1101 and 1102 are combined (1103), the noise is reduced by about 20 dB than the respective noise sources.
  • FIG. 12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.
  • the secure capacity is 3.01 bits / symbol maximum based on single polarization (difference between 1202 and 1201). If both polarizations are used, the secure capacity can be up to 6.02 bits / symbol.
  • FIG. 13 is a diagram illustrating an example in which a multipath security system according to an embodiment of the present invention is applied in optical communication.
  • examples of applying the multipath security system include secure data 1301, multimode laser 1302, amplified spontaneous emission (ASE) source 1303, and a first WDM filter ( 1304, a signal modulator 1305, an optical communication line 1306, a signal demodulator 1307, a decoder, a second WDM filter 1308, a receiver 1309, and the like.
  • ASE amplified spontaneous emission
  • Secure data 1301 refers to information that a sender would like to secretly convey to or share with a recipient.
  • the multimode laser 1302 refers to a laser having a plurality of oscillation modes in a specific wavelength band.
  • the multimode laser 1302 may include a Fabry-Perot laser diode.
  • the ASE source 1303 is a light source that outputs light of a wide wavelength band, and injects the output light into the multi-mode laser 1302 to suppress noise in each mode of the multi-mode laser 1302.
  • the first WDM filter 1304 is an optical filter that receives light of a wide wavelength band and distributes the light in various paths according to the wavelength.
  • the first WDM filter 1304 may include an arrayed waveguide grating (AWG).
  • the first WDM filter 1304 may divide the multi-mode light transmitted from the multi-mode laser 1302 into various paths according to wavelengths and distribute the multi-mode light. In this case, when the multiple modes are put together, the noise is low, but the individual modes are noisy. Therefore, the light of each path divided by the first WDM filter 1304 is the light before the first WDM filter 1304 is divided. The noise may be severe in comparison with.
  • the signal modulator 1305 may serve to modulate the signal transmitted from the first WDM filter 1304 in various forms.
  • the optical communication line 1306 is a communication line through which a signal that a sender wants to send to a receiver passes, and may include a multipath as illustrated in FIG. 13.
  • the signal demodulator 1307 is a device for demodulating a signal transmitted to the sender through the optical communication line 1306.
  • the signal demodulator 1307 compensates different communication lengths for each path of the optical communication line 1306 to remove source noise due to system characteristics. You can perform such operations as.
  • the second WDM filter 1308 is an optical device that combines light of different short wavelength bands into one path and combines them to move in a single path. Can be. As a result, the total noise of the signal delivered to the receiver 1309 is reduced.
  • the receiver 1309 may be a device that receives an optical signal and reads information, or may use a coherent detection method to increase the sensitivity to the signal.
  • the multipath security system described with reference to FIG. 13 may be applied to the case of using a wired communication and a wireless communication channel as well as an optical communication line.
  • the present invention may be applied to a multipath security system of wired communication and wireless communication, a multipath security system of wireless communication and wireless communication, and a multipath security system of wired communication and wired communication.
  • the wired communication may be an optical communication line, a communication using a copper wire, and the like
  • the wireless communication may be a cellular phone network and a Wi-Fi.
  • the mobile phone network may be a receiver / receiver. Can be used for operations required to generate cryptographic keys.
  • a beam using an antenna which is a technology for adjusting a signal to be concentrated toward a receiver, in a wireless communication Forming (beam forming) may be usefully used.
  • FIG. 14 is a diagram illustrating an example of applying a multipath security system using noise according to an embodiment of the present invention.
  • the security information Before being transmitted through the signal source, the security information is divided into a plurality of transmission signals 1411 and 1412 via a signal splitter or the like, where at least two or more noises generated by the complementary noise device 1415 are injected. Each of the plurality of noise-injected transmission signals is transmitted to the receiver through a plurality of different paths 1430.
  • the receiver 1420 combines a plurality of noise-transmitted transmission signals received through a plurality of different paths 1430 through a signal combiner 1421 or the like.
  • the receiver 1420 may accurately acquire security information that the sender 1410 intends to transmit.
  • the laser used as the light source may be a single mode or multiple modes.
  • the bandwidth may be so narrow that communication is impossible when only one path is used, which makes it possible to more fully defend the eavesdropper.
  • the transmitting end 1410 includes a pure noise generator 1415 which generates complementary pure random noise, wherein each channel 1411 includes at least two noises generated therefrom. , 1412).
  • Channel 1 1411 and Channel 2 1412 are channels to which any communication signal is applied and may include all communication channels including optical communication and wireless communication.
  • the modulators 1413 and 1414 may include a first modulator 1413 and a second modulator 1414 provided in each channel, by using at least two or more noises transmitted from the pure noise generator 1415. It is possible to modulate the signal transmitted from each channel 1411, 1412.
  • the receiving end 1420 can combine the signals of the two channels (1421) to cancel the complementary pure random noise. Thereafter, the noise-injected information is transmitted to the receiving end 1420 through a plurality of different paths, and the receiving end 1420 combines the noise-injected information 1421 to cancel the complementary noise, and the transmitting end 1410. Will correctly and correctly obtain the information to be transmitted.
  • 15 is a diagram illustrating an example in which a single-path security system using noise is applied according to an embodiment of the present invention.
  • any one of the signals is transmitted through the first circulator 1514 to the second communication line 1530.
  • the other signal is transmitted to the first communication line 1513 provided in the transmitter 1510. That is, only one signal transmitted to the second communication line 1530 is shared between the first communication user 1510 and the second communication user 1520.
  • the second communication user 1520 which has received any one signal from the first communication user 1510 with the complementary noise signal, receives the signal using a pure random number generator (PRNG) 1522.
  • PRNG pure random number generator
  • the modulated signal is transmitted to the first communication user 1510, and the first communication user 1510 transmits the other signal and the second communication user 1520 to the first communication line 1513.
  • the modulated signal returned from the C1) is combined to cancel the noise, and a signal transmitted by the second communication user 1520 is obtained.
  • the signal source 1511 outputs a signal containing complementary noise to limit the eavesdropping of the eavesdropper, and each of the signals having the complementary noise is mixed with the first communication line 1513 and the second communication line 1530. Can be delivered to.
  • g (t) and g-1 (t) are encryption keys shared secretly by the first communication user 1510 and the second communication user 1520 to each other to maintain security when the signal is modulated and demodulated. Can be used.
  • the first communication line 1513 is a separate path from the second communication line 1530 connected to the second communication user 1520.
  • the first communication line 1513 is internally managed by the first communication user 1510 and the first communication line.
  • the length of 1513 should be twice the length of the second communication line 1530.
  • the first circulator 1514 receives the signal encrypted by g (t) and transmits the signal to the second communication line 1530, and transmits a signal transmitted through the second communication line 1530 to the controller 1519. It is an optical device.
  • the second communication line 1530 is a communication channel in which the first communication user 1510 and the second communication user 1520 share a signal, and the control unit 1519 uses a signal to and from the second communication line 1530.
  • the length of the first communication line 1513 should be twice the length of the second communication line 1530.
  • the second circulator 1521 transmits a signal transmitted through the second communication line 1530 to the modulator 1523, and transmits the signal modulated by the modulator 1523 to the second communication line 1530.
  • Device transmits a signal transmitted through the second communication line 1530 to the modulator 1523, and transmits the signal modulated by the modulator 1523 to the second communication line 1530.
  • the pure random number generator 1522 is a device that generates a random number that does not have any correlation and thus cannot predict the pattern.
  • the pure random number generator 1522 makes the pattern unpredictable when the eavesdropper taps the encryption key.
  • the modulator 1523 is a device for modulating the signal source transmitted through the second circulator 1521, and the modulation value reflects the random number generated by the pure random number generator 1522.
  • the controller 1519 combines the signal transmitted to the first communication line 1513 and the signal transmitted from the second communication user 1520 through the second communication line 1530 to cancel the noise, and the second communication user 1520 ) Reads a modulated signal (for example, an encryption key) through the modulator 1523.
  • a modulated signal for example, an encryption key
  • 16 is a diagram illustrating an example of a bidirectional multipath security system according to an embodiment of the present invention.
  • examples of bidirectional multipath security schemes include source noise 1611, 1621, equalizers 1612, 1622, equalizers, signal receivers, and processors 1613, 1623, Rx and processor.
  • Source noise 1611 and 1621 may be a signal source that generates a signal with mixed noise and transmits it to transmitters 1614 and 1624.
  • the equalizers 1612 and 1622 suppress noise before the signal receivers and the processors 1613 and 1623 receive the signal received from the other party, and physically compensate for the distortion of the signal generated while passing through the multi-channel 1630. Play a role.
  • Signal receivers and processors 1613 and 1623 may be devices that receive signals from equalizers 1612 and 1622 and process the received signals.
  • Each of the transmitters 1614 and 1624 may be a device that modulates a mixed signal transmitted from the source noises 1611 and 1621 and transmits the mixed signal to the multichannel 1630.
  • the multi-channel 1630 is a communication line through which the first communication user 1610 and the second communication user 1620 exchange signals, and may be various wireless communication and wired communication channels as well as an optical communication line.
  • each channel included in the multichannel 1630 makes it difficult to distinguish a signal, and bidirectional communication is implemented. If a single eavesdropper attacked with one eavesdropper, as described above, the mixed signal would not be able to distinguish the correct signal, and in order to remove the noise, the eavesdropper would eavesdrop the signal on all paths of the multichannel. Should be.
  • the multichannel 1630 is illustrated as two paths. However, the present invention is not limited thereto, and the multichannel 1630 may include at least one path.
  • two transmitters 1614 and 1624 are shown to be included in separate communication users. However, this is for convenience of description and the present invention may include at least two transmitters 1614 and 1624. .
  • each channel included in the multi-channel performs bidirectional communication
  • at least two eavesdroppers in each channel should be eavesdropping at the position as close to the communicator as it is easy to eavesdropping when the channel capacity is increased. You must try. That is, in the case of FIG. 16, at least four eavesdroppers attempt to eavesdrop to increase the likelihood of successful eavesdropping.
  • the plurality of eavesdroppers have a hard time concealing their existence from the security system.
  • the high-speed communication method and system with improved security according to the present invention can be applied to different communication networks, and it is possible to make eavesdropping by eve by implementing each communication network in a different path.
  • the first path included in the communication network is implemented as a cellular network
  • the second path is implemented as an optical communication network
  • the third path is implemented as a Wi-Fi network
  • the security-enhanced high-speed communication method and system according to the present invention can block the possibility of eavesdropping by using the physical characteristics inherent in the channel, and increase the encryption key generation rate up to the transmission rate of information. It may be applied to or used in various communication channels including various technologies.

Abstract

Disclosed is a scheme of transmitting at least two or more transmission signals, in which at least two or more pure random noise signals are contained, through multiple paths, according to one embodiment of the present invention. To implement such a scheme, a complementary noise generator may be used in a high-speed communication method and system with enhanced security according to the present invention. Here, the complementary noise generator refers to an apparatus in which a total sum of summing altogether at least two or more generated noises becomes 0. Namely, the complementary noise generator can generate m noises, and the sum of the m noises becomes 0. By injecting a plurality of noises having such feature into different paths, a channel capacity of each channel is reduced, thereby making a single wiretapping difficult. In comparison, because a receiver receiving a plurality of transmission signals with injected noises receives all noise signals and then sums up the noise signals, the noises are offset, and it is possible to effectively receive the original signal (random key K) intended for transmitting by a transmitter.

Description

보안이 향상된 고속통신 시스템 및 방법Security-enhanced high-speed communication system and method
본 발명은 보안이 향상된 고속통신 시스템 및 방법에 관한 것이다.The present invention relates to a high speed communication system and method with improved security.
통신 이론에 있어서의 근본적인 문제는 제3자가 정보를 획득할 수도 있게 되는 일이 없이 양 당사자들 간에 정보를 전송하는 방안에 관한 문제이다. 예컨대, 전자 금융 거래의 분야에서는, 양 당자사들 간의 통신에 있어 비밀을 유지하는 것이 매우 중요하다.The fundamental problem in the theory of communication is that of transmitting information between both parties without the possibility of obtaining information by a third party. For example, in the field of electronic financial transactions, it is very important to keep confidential in the communication between the parties.
일반적으로, 메시지를 교환하려 하는 양 당사자들을 각각 앨리스와 밥(alice, bob)이라 하는 것으로 알려져 있는 한편, 권한이 없이 메시지에 접근하려 하는 도청자(eavesdropper)를 이브(eve)라 하는 것으로 알려져 있다.In general, both parties attempting to exchange messages are known as alice and bob, while eavesdroppers who attempt to gain unauthorized access to the message are known as eves. .
본 문제를 해결하기 위해 많은 통신 기법들이 개발되었다. 일 부류의 기법들은 이브가 특정의 수학 연산(mathematical operation)들을 합당한 시간 내에 수행하지 못하게 하는, 이브의 계산적 한계(computational limitations)에 의존하고 있다. 예컨대, RSA 공개 키 암호화 기법의 보안은 매우 큰 정수들을 인수 분해하기가 어렵다고 하는 계산적 곤란성에 크게 의존하고 있다. 본 타입의 기법들을 "조건적으로 안전한(conditionally secure)" 또는 "계산적으로 안전한(computational secure)" 기법들이라 하는 것으로 알려져 있다.Many communication techniques have been developed to solve this problem. One class of techniques relies on Eve's computational limitations that prevent Eve from performing certain mathematical operations within a reasonable time. For example, the security of RSA public key cryptography relies heavily on the computational difficulty that it is difficult to factor in very large integers. Techniques of this type are known to be "conditionally secure" or "computational secure" techniques.
조건적으로 안전한 기법들에 있어서의 한 가지 문제점은 그 보안의 신뢰성이 여전히 입증되지 않은 채로 남아있는 복잡도 이론(complexity theory)의 수학적 결과들에 좌우된다는 것이다. 따라서, 적절한 수학적 도구(tool)가 개발될 수 있다면, 앞으로 전통적인 컴퓨터의 자원만을 사용하여 그러한 기법들을 깨뜨릴 일이 없을 것임을 현재 확신할 수 없다. One problem with conditionally secure techniques is that the reliability of the security depends on the mathematical results of the complexity theory that still remain unproven. Thus, if appropriate mathematical tools can be developed, it is not at present certain that there will be no future breakdown of such techniques using the resources of a traditional computer.
이에 대한 해결책으로, 양자키 분배(quantum key distribution)에 따른 암호방식이 있다. 양장키 분배에 따른 암호 방식은 양자역학의 기본원리를 이용하여, 도청자의 연산 능력에 무관하게 보안을 완벽하게 보장하지만, 단일광자 광원 기반에서는 키 생성률(유효 키 bit / 총 전송 bit)이 약 10-4 이하로 낮고, 물리적으로 통신 시스템을 공격 및 보안을 파괴시키는 부채널 공격 (side channel attack)에는 취약한 편이다.As a solution to this, there is an encryption method according to quantum key distribution. The encryption method based on the two key distribution uses the basic principle of quantum mechanics to completely secure the security regardless of the eavesdropping ability of the eavesdropper, but based on the single photon light source, the key generation rate (effective key bit / total transmission bit) is about 10 Lower than -4 and vulnerable to side channel attacks that physically attack and compromise security of communications systems.
키 생성률은 wyner의 정보이론적 접근에서 확인할 수 있는데, 키 생성률은 송신자(alice)와 수신자(bob)의 채널용량에서 송신자(alice)와 도청자(eve)의 채널용량을 뺀 값이 될 수 있다. 여기서, 송신자(alice)와 도청자(eve)의 채널용량은 통신 채널환경의 구축 방법에 따라 변화시킬 수 있다.The key generation rate can be confirmed by wyner's information theory approach. The key generation rate can be the channel capacity of the sender (alice) and the receiver (bob) minus the channel capacity of the sender (alice) and the eavesman (eve). Here, the channel capacity of the sender (alice) and the eavesdropper (eve) can be changed according to the construction method of the communication channel environment.
따라서, 완벽한 보안을 보장하는 키 생성률을 최대로 높이기 위하여, 송신자(alice)와 도청자(eve)의 채널용량을 최소화할 필요가 있으며, 본 발명은 이에 근거한다.Therefore, in order to maximize the key generation rate to ensure perfect security, it is necessary to minimize the channel capacity of the sender (alice) and the eavesdropper (eve), the present invention is based on this.
본 발명의 목적은 계산 복잡도에 의존한 보안체계와 달리, 채널에 내재된 물리적 특성을 활용하여 도청 가능성 자체를 원천 봉쇄하는 절대적 보안체계를 구축하는 보안이 향상된 고속통신 시스템 및 방법을 제공하는 데 있다. An object of the present invention is to provide a high-speed communication system and method with improved security to build an absolute security system to block the possibility of eavesdropping by utilizing the physical characteristics inherent in the channel, unlike a security system depending on the complexity of the calculation .
본 발명은 단일광자 광원 기반이 아니므로 암호 키 생성 속도를 기존 정보의 전송 속도까지 높일 수 있는 통신 시스템 및 방법을 제공한다. The present invention is not based on a single photon light source provides a communication system and method that can increase the encryption key generation rate to the transmission rate of the existing information.
본 발명의 또 다른 목적은 기존 광통신의 다양한 기술들을 비롯하여 다양한 통신채널에 적용되거나 또는 사용될 수 있어, 경제성과 호환성이 증가되는 보안이 향상된 고속통신 시스템 및 방법을 제공하는 데 있다.Another object of the present invention is to provide a high-speed communication system and method with improved security that can be applied or used in a variety of communication channels, including various technologies of the existing optical communication, economical and compatibility is increased.
본 발명의 목적은 계산 복잡도에 의존한 보안체계와 달리, 채널에 내재된 물리적 특성을 활용하여 송수신자 간의 채널용량은 최적화 하되, 도청자의 채널용량을 최소화 함으로써 정보이론에 근거하여 도청 가능성 자체를 원천 봉쇄하는 절대적 보안체계를 구축하는 보안이 향상된 고속통신 시스템 및 방법을 제공하는 데 있다. The object of the present invention is to optimize the channel capacity between the transmitter and the receiver by utilizing the physical characteristics inherent in the channel, unlike the security system depending on the computational complexity, but to minimize the eavesdropping channel based on the information theory by minimizing the channel capacity of the eavesdropper. The present invention provides a high-speed communication system and method with improved security for establishing an absolute security system for blocking.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 일 실시 예에 따른 보안이 향상된 고속통신 시스템에 구비되는 감도가 증가된 광손실 측정기(OTDR, optical time domain reflectometer)는 광통신 선로에 제1광 펄스를 인가하는 제1광원, 상기 제1광 펄스를 적어도 2이상의 경로로 나누어 출력하는 커플러, 상기 광통신 선로에 상기 제1광 펄스가 인가된 시점을 판단하는 광 검출기, 상기 광통신 선로에 상기 제1광 펄스가 인가된 시점에 응답하여, 상기 제1광 펄스보다 세기가 약한 제2광 펄스를 상기 광통신 선로에 인가하는 제2광원, 상기 광통신 선로에서 반사되어 돌아오는 광 신호를 수신하는 광 수신부, 및 상기 광 수신부에서 감지된 결과를 기반하여, 상기 광통신 선로의 신호 누수를 분석 또는 예측하는 제어부를 포함할 수 있다.In order to solve the above technical problem, an optical time domain reflectometer (OTDR) with increased sensitivity provided in a security-enhanced high-speed communication system according to an embodiment of the present invention applies a first optical pulse to an optical communication line. A first light source to be applied, a coupler for dividing and outputting the first light pulse into at least two paths, an optical detector for determining a time point at which the first light pulse is applied to the optical communication line, and the first light pulse to the optical communication line A second light source for applying a second light pulse, the intensity of which is weaker than the first light pulse, to the optical communication line in response to the time point at which the first light pulse is applied; The controller may include a controller that analyzes or predicts a signal leak of the optical communication line based on the result detected by the optical receiver.
실시 예에 있어서, 상기 커플러에서 출력된 제1광 펄스를 상기 광 통신 선로에 전달하고, 상기 광통신 선로에서 상기 제1광 펄스가 반사되어 돌아오는 광 신호를 상기 광 수신부에 전달하는 제1서큘레이터, 및 상기 제2광원에서 출력된 제2광 펄스를 상기 광통신 선로에 전달하고, 상기 광통신 선로에서 상기 제2광 펄스가 반사되어 돌아오는 광 신호를 상기 광 수신부에 전달하는 제2서큘레이터를 더 포함할 수 있다.In an embodiment, the first circulator transfers the first optical pulse output from the coupler to the optical communication line, and transmits the optical signal reflected from the optical communication line to the optical receiver to the optical receiver. And a second circulator for transmitting a second light pulse output from the second light source to the optical communication line, and for transmitting an optical signal from which the second light pulse is reflected from the optical communication line to the optical receiver. It may include.
실시 예에 있어서, 상기 광 검출기와 연결되고, 상기 광통신 선로에 상기 제1광 펄스가 인가된 시점에 기반하여, 상기 제2광원 및 상기 광 수신부의 동작을 제어하는 신호를 상기 제2광원 및 상기 광 수신부에 전달하는 지연선로를 더 포함할 수 있다.In example embodiments, the second light source and the signal are configured to control operations of the second light source and the light receiver based on a time point at which the first light pulse is applied to the optical communication line. It may further include a delay line for transmitting to the optical receiver.
실시 예에 있어서, 상기 제1서큘레이터 및 상기 제2서큘레이터와 상기 광통신 선로 사이에 구비되고, 서로 다른 파장의 광 펄스를 제1서큘레이터 및 제2서큘레이터로부터 수신하여 상기 광통신 선로에 전달하고, 상기 광통신 선로에서 반사되어 돌아오는 서로 다른 파장의 광 신호 각각을 구분하여 상기 제1서큘레이터 및 상기 제2서큘레이터에 전달하는 WDM 필터(wavelength division multiplexing filter)를 더 포함할 수 있다.In an embodiment, the first circulator and the second circulator and the optical communication line is provided between, and receives the optical pulses of different wavelengths from the first circulator and the second circulator to transmit to the optical communication line The apparatus may further include a wavelength division multiplexing filter (WDM) that separates each of the optical signals having different wavelengths reflected from the optical communication line and returns them to the first circulator and the second circulator.
실시 예에 있어서, 상기 광통신 선로에서 상기 제2광 펄스가 반사되어 돌아오는 광 신호는 상기 제2광 펄스가 상기 제1광 펄스를 따라잡게 되는 순간의 지점에 해당하는 굴절률에 따라, 상기 제2광 펄스가 반사된 광 신호를 포함할 수 있다.The optical signal in which the second light pulse is reflected and returned from the optical communication line may be configured according to a refractive index corresponding to a point at which the second light pulse catches up with the first light pulse. The light pulse may include the reflected light signal.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 제1통신 사용자가 제1키(K1)를 생성하여 제2통신 사용자에게 전송하는 단계, 상기 제2통신 사용자가 제2키(K2)를 생성하여 상기 제1통신 사용자에게 전송하는 단계, 상기 제1통신 사용자 또는 상기 제2통신 사용자가 상기 제1키 및 상기 제2키에 기반하여, 암호키를 획득하는 단계를 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention comprises the steps of generating a first key (K1) by the first communication user and transmits it to the second communication user, A second communication user generating a second key K2 and transmitting it to the first communication user, wherein the first communication user or the second communication user is based on the first key and the second key; It may include the step of obtaining.
실시 예에 있어서, 상기 제1통신 사용자 및 상기 제2통신 사용자는 적어도 하나 이상의 통신 경로를 통하여 서로 연결되고, 상기 제1통신 사용자 및 상기 제2통신 사용자 사이의 채널용량은 상기 제1통신 사용자 또는 상기 제2통신 사용자와 도청자 사이의 채널용량보다 클 수 있다.In an embodiment, the first communication user and the second communication user are connected to each other through at least one or more communication paths, and the channel capacity between the first communication user and the second communication user is the first communication user or It may be larger than the channel capacity between the second communication user and the eavesdropper.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 또 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 제1통신 사용자가 n개의 잡음(n은 1 이상의 자연수) 각각이 주입된 송신 신호를 m개의 통신 경로(m은 1이상의 자연수)를 통하여 제2통신 사용자에게 전송하는 단계, 및 상기 제2통신 사용자가 수신된 n개의 잡음 각각이 주입된 송신 신호에 기반하여, 상기 송신 신호를 획득하는 단계를 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention, the first communication user m m transmission signal injected with each of n noises (n is a natural number of 1 or more) Transmitting to the second communication user through a communication path (m is one or more natural numbers), and acquiring the transmission signal based on a transmission signal injected with each of the n noises received by the second communication user. It may include.
실시 예에 있어서, 상기 n개의 잡음의 합은 0이 되고, 상기 제2통신 사용자는 상기 n개의 잡음을 상쇄시켜, 상기 송신 신호를 획득할 수 있다.In example embodiments, the sum of the n noises becomes 0, and the second communication user may obtain the transmission signal by canceling the n noises.
실시 예에 있어서, 상기 n개의 잡음은 상보 잡음 발생기를 통하여 생성되고, 상기 제1통신 사용자가 n개의 잡음(n은 1 이상의 자연수) 각각이 주입된 송신 신호를 m개의 통신 경로(m은 1이상의 자연수)를 통하여 제2통신 사용자에게 전송하는 단계는 상기 n개의 잡음 중 어느 하나의 잡음 및 상기 송신 신호에 기반하여, 신호의 변조를 수행하고, 상기 m개의 통신 경로에 분배하는 단계를 포함할 수 있다.In example embodiments, the n noises may be generated through a complementary noise generator, and the first communication user may transmit a transmission signal injected with each of n noises (n is a natural number of 1 or more) and m communication paths (m of 1 or more). Transmitting to the second communication user through a natural number) may include modulating and distributing the signal to the m communication paths based on any one of the n noises and the transmission signal. have.
실시 예에 있어서, 상기 n개의 잡음을 생성하는 단계를 더 포함하고, 상기 n개의 잡음을 생성하는 단계는, 넓은 파장대역을 갖는 BLS(broaden light source)의 출력을 제1AWG(arrayed waveguide grating)에 통과시켜 광 소스를 상기 p개의 채널(p는 상기 n 이상의 자연수)로 분배하는 단계, 상기 p개의 채널로 분배된 광 소스 중 상기 n개의 광 소스를 BS(beam splitter)로 결합하여 RSOA(reflective semiconductor optical amplifier)에 주입하는 단계, 및 상기 RSOA의 출력을 제2AWG에 통과시켜 상기 n개의 잡음으로 구분하는 단계를 포함할 수 있다.The method may further include generating the n noises, wherein generating the n noises comprises: outputting a BLS (broaden light source) having a wide wavelength band to a first arrayed waveguide grating (AWG); Distributing an optical source to the p channels (p is a natural number of n or more), and combining the n optical sources among the light sources distributed in the p channels with a beam splitter (BS) to form a reflective semiconductor an optical amplifier), and passing the output of the RSOA through a second AWG to divide the n noise.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 또 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 보안 데이터 및 다중모드 레이저에 기반하여, 적어도 2이상의 모드에 해당하는 광 소스를 출력하는 단계, 제1WDM 필터에 기반하여, 상기 광 소스를 적어도 2이상의 경로로 분배하는 단계, 신호변조기에 기반하여, 상기 제1WDM 필터로부터 전달된 신호를 변조하는 단계, 신호복조기에 기반하여, 광통신 선로를 통하여 전달되는 신호를 복조하는 단계, 제2WDM 필터에 기반하여, 복조된 신호들의 개별 모드에 포함되는 잡음들을 상쇄시키는 단계, 및 상기 보안 데이터를 획득하는 단계를 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention, the step of outputting a light source corresponding to at least two modes based on the security data and the multi-mode laser, Distributing the optical source into at least two paths based on a first WDM filter; modulating a signal transmitted from the first WDM filter based on a signal modulator; based on a signal demodulator, transmitting through an optical communication line Demodulating the decoded signal, canceling noises included in the individual modes of the demodulated signals based on the second WDM filter, and acquiring the security data.
실시 예에 있어서, 보안 데이터 및 다중모드 레이저에 기반하여, 적어도 2이상의 모드에 해당하는 광 소스를 출력하는 단계는 ASE(amplified spontaneous emission)의 출력을 상기 다중모드 레이저에 주입하여, 상기 적어도 2이상의 모드에 존재하는 잡음을 억제시키는 단계를 포함할 수 있다.In an embodiment, outputting a light source corresponding to at least two modes based on secure data and a multimode laser may inject an output of an amplified spontaneous emission (ASE) into the multimode laser, Suppressing the noise present in the mode.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 또 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 보안 데이터가 적어도 2이상의 송신 신호로 나뉘어 지는 단계, 적어도 2이상의 잡음 각각이 상기 적어도 2이상의 송신 신호에 주입되는 단계, 상기 적어도 2이상의 잡음이 주입된 적어도 2이상의 송신 신호 각각이 서로 다른 복수의 경로를 통하여 수신자에게 전송되는 단계, 및 상기 수신자가 수시된 상기 적어도 2이상의 잡음이 주입된 적어도 2이상의 송신 신호에 기반하여, 상기 보안 데이터를 획득하는 단계를 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention is the step of the security data is divided into at least two or more transmission signals, at least two or more noise each of the at least two or more transmission Injecting a signal, each of the at least two or more transmission signals in which the at least two or more noises are injected, to a receiver through a plurality of different paths, and at least two in which the at least two or more noises are received by the receiver Based on the above transmission signal, it may include the step of obtaining the security data.
실시 예에 있어서, 상기 적어도 2이상의 잡음의 합은 0이 되고, 상기 수신자는 상기 적어도 2이상의 잡음을 상쇄시켜, 상기 보안 데이터를 획득할 수 있다.In example embodiments, the sum of the at least two noises may be zero, and the receiver may cancel the at least two noises to obtain the security data.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 또 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 제1통신 사용자가 상보적인 복수의 잡음 중 일부의 잡음이 주입된 신호를 단일 경로를 통하여 제2통신 사용자에게 전송하고, 상기 복수의 잡음 중 나머지를 다른 경로를 통하여 저장하는 단계, 상기 제2통신 사용자가 수신된 신호를 변조하여 송신 신호를 생성하고, 상기 송신 신호를 상기 단일 경로를 통하여 상기 제1통신 사용자에게 전송하는 단계, 및 상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음에 기반하여, 상기 송신 신호를 획득하는 단계를 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention provides a first communication user through a single path through a signal in which the noise of some of the plurality of complementary noise is injected Transmitting to the second communication user, storing the remainder of the plurality of noises through another path, the second communication user modulating the received signal to generate a transmission signal, and transmitting the transmission signal through the single path. Transmitting to the first communication user, and acquiring the transmission signal based on the modulated signal received by the first communication user from the second communication user and the stored residual noise.
실시 예에 있어서, 상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음에 기반하여, 상기 송신 신호를 획득하는 단계는 상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음을 합하여, 상기 상보적인 복수의 잡음을 상쇄시키고, 상기 송신 신호를 획득하는 단계를 포함할 수 있다.The acquiring of the transmission signal by the first communication user based on the modulated signal returned from the second communication user and the stored residual noise may be performed by the first communication user by the second communication user. Summing the modulated signal returned from the stored signal with the remaining noise to cancel the plurality of complementary noises, and obtaining the transmission signal.
실시 예에 있어서, 상기 제1통신 사용자 및 상기 제2통신 사용자는 신호의 변조 및 복조에 이용되는 암호화 키를 서로 비밀리에 공유할 수 있다.In an embodiment, the first communication user and the second communication user may secretly share an encryption key used for modulation and demodulation of a signal.
실시 예에 있어서, 상기 다른 경로의 길이는 상기 단일 경로의 길이의 두배가 될 수 있다.In an embodiment, the length of the other path may be twice the length of the single path.
위와 같은 기술적 과제를 해결하기 위해, 본 발명의 또 다른 일 실시 예에 따른 보안이 향상된 고속통신방법은 제1통신 사용자 또는 제2통신 사용자 각각이 적어도 2이상의 신호 송신기 및 소스 노이즈에 기반하여, 잡음 소스에 신호를 변조하는 단계, 상기 제1통신 사용자 또는 제2통신 사용자 각각이 상기 변조된 신호를 적어도 하나 이상의 경로를 통하여 다른 사용자에게 전송하는 단계, 및 상기 제1통신 사용자 또는 제2통신 사용자 각각이 수신된 신호에 포함된 잡음을 억제하고, 신호의 왜곡 현상을 보상하는 단계를 포함하고, 상기 적어도 하나 이상의 경로는 양방향 통신이 구현되는 광통신 선로, 무선통신 채널 및 유선통신 채널 중 적어도 하나 이상의 통신망을 포함할 수 있다.In order to solve the above technical problem, a security-enhanced high-speed communication method according to another embodiment of the present invention is based on at least two signal transmitter and source noise of each of the first communication user or the second communication user, the noise Modulating a signal at a source, each of the first or second communication user transmitting the modulated signal to another user through at least one or more paths, and each of the first or second communication user Suppressing noise included in the received signal and compensating for distortion of the signal, wherein the at least one path includes at least one of an optical communication line, a wireless communication channel, and a wired communication channel in which bidirectional communication is implemented. It may include.
본 발명에 따른 보안이 향상된 고속통신방법 및 시스템의 효과에 대해 설명하면 다음과 같다.The effects of the improved high speed communication method and system according to the present invention will be described.
본 발명의 실시 예에 의하면, 계산 복잡도에 의존한 보안체계와 달리, 채널에 내재된 물리적 특성을 활용하여 도청 가능성 자체를 원천 봉쇄하는 절대적 보안체계를 구축할 수 있다. According to an embodiment of the present invention, unlike a security system that depends on computational complexity, an absolute security system that blocks the possibility of eavesdropping by using physical characteristics inherent in the channel may be constructed.
또한, 본 발명의 실시 예들 중 적어도 하나에 의하면, 단일광자 광원 기반이 아니므로 암호 키 생성속도를 정보의 전송속도까지 높일 수 있다.In addition, according to at least one of the embodiments of the present invention, since it is not based on a single photon light source, it is possible to increase the encryption key generation rate to the transmission rate of information.
또한, 본 발명의 실시 예들 중 적어도 하나에 의하면, 기존 광통신의 다양한 기술들을 비롯하여 다양한 통신채널에 적용되거나 또는 사용될 수 있어, 경제성과 호환성이 증가될 수 있다.In addition, according to at least one of the embodiments of the present invention, it can be applied to or used in various communication channels including various technologies of the existing optical communication, it is possible to increase the economics and compatibility.
도 1은 고감도로 도청자의 존재를 감지할 수 있는 시스템을 나타내는 도면이다.1 is a diagram illustrating a system capable of detecting the presence of an eavesdropper with high sensitivity.
도 2는 기존에 알려진 OTDR(optical time domain reflectometer)을 나타내는 도면이다.FIG. 2 is a diagram illustrating a known optical time domain reflectometer (OTDR).
도 3은 본 발명의 일 실시 예에 포함되는 고감도 OTDR을 나타내는 도면이다.3 is a diagram illustrating a high sensitivity OTDR included in an embodiment of the present invention.
도 4는 본 발명의 일 실시 예에 포함되는 고감도 OTDR의 동작 방식을 구체적으로 나타내는 도면이다.4 is a diagram illustrating an operation method of a high sensitivity OTDR included in an embodiment of the present invention in detail.
도 5는 본 발명의 일 실시 예에 포함되는 고감도 OTDR를 구체적으로 나타내는 도면이다.5 is a diagram illustrating in detail the high-sensitivity OTDR included in an embodiment of the present invention.
도 6은 본 발명의 일 실시 예에 포함되는 통신 알고리즘을 이용하여 도청을 어렵게 하는 방법을 나타내는 도면이다.6 is a diagram illustrating a method of making eavesdropping difficult using a communication algorithm included in an embodiment of the present invention.
도 7은 본 발명의 일 실시 예에 포함되는 잡음(source noise)을 이용하여 물리적으로 도청을 어렵게 하는 방법을 나타내는 도면이다.FIG. 7 is a diagram illustrating a method of physically making eavesdropping using source noise included in an embodiment of the present invention.
도 8은 본 발명의 일 실시 예에 포함되는 상보 잡음을 생성하는 예를 나타내는 도면이다.8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.
도 9는 도 8의 상보 잡음을 생성하는 예를 실제 실험으로 구현한 것을 나타내는 도면이다.9 is a diagram illustrating an example of generating the complementary noise of FIG. 8 by actual experiment.
도 10 및 도 11은 도 9를 통하여 설명되는 RSOA에 인가된 전과 후의 상태를 나타내는 도면이다.10 and 11 are diagrams showing states before and after applying to the RSOA described with reference to FIG. 9.
도 12는 본 발명의 일 실시 예에 따른 잡음에 기반하여 수신자(Targeted Receiver)와 도청자(Eve)가 가지는 최대 채널용량을 산출한 결과를 나타내는 도면이다.FIG. 12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.
도 13은 광통신에서 본 발명의 일 실시 예에 따른 다중경로 보안체계가 적용된 예를 나타내는 도면이다.FIG. 13 is a diagram illustrating an example in which a multipath security system according to an embodiment of the present invention is applied in optical communication.
도 14는 본 발명의 일 실시 예에 따른 잡음을 이용한 다중경로 보안체계가 적용된 예를 나타내는 도면이다.14 is a diagram illustrating an example of applying a multipath security system using noise according to an embodiment of the present invention.
도 15는 본 발명의 일 실시 예에 따른 잡음을 이용한 단일경로 보안체계가 적용된 예를 나타내는 도면이다.15 is a diagram illustrating an example in which a single-path security system using noise is applied according to an embodiment of the present invention.
도 16은 본 발명의 일 실시 예에 따른 양방향 다중경로 보안체계의 예를 나타내는 도면이다.16 is a diagram illustrating an example of a bidirectional multipath security system according to an embodiment of the present invention.
이하, 첨부된 도면을 참조하여 본 명세서에 개시된 실시 예를 상세히 설명하되, 도면 부호에 관계없이 동일하거나 유사한 구성요소는 동일한 참조 번호를 부여하고 이에 대한 중복되는 설명은 생략하기로 한다. 이하의 설명에서 사용되는 구성요소에 대한 접미사 "모듈" 및 "부"는 명세서 작성의 용이함만이 고려되어 부여되거나 혼용되는 것으로서, 그 자체로 서로 구별되는 의미 또는 역할을 갖는 것은 아니다. 또한, 본 명세서에 개시된 실시 예를 설명함에 있어서 관련된 공지 기술에 대한 구체적인 설명이 본 명세서에 개시된 실시 예의 요지를 흐릴 수 있다고 판단되는 경우 그 상세한 설명을 생략한다. 또한, 첨부된 도면은 본 명세서에 개시된 실시 예를 쉽게 이해할 수 있도록 하기 위한 것일 뿐, 첨부된 도면에 의해 본 명세서에 개시된 기술적 사상이 제한되지 않으며, 본 발명의 사상 및 기술 범위에 포함되는 모든 변경, 균등물 내지 대체물을 포함하는 것으로 이해되어야 한다. Hereinafter, embodiments of the present disclosure will be described in detail with reference to the accompanying drawings, and the same or similar components are denoted by the same reference numerals regardless of the reference numerals, and redundant description thereof will be omitted. The suffixes "module" and "unit" for components used in the following description are given or used in consideration of ease of specification, and do not have distinct meanings or roles from each other. In addition, in describing the embodiments disclosed herein, when it is determined that the detailed description of the related known technology may obscure the gist of the embodiments disclosed herein, the detailed description thereof will be omitted. In addition, the accompanying drawings are intended to facilitate understanding of the embodiments disclosed herein, but are not limited to the technical spirit disclosed herein by the accompanying drawings, all changes included in the spirit and scope of the present invention. It should be understood to include equivalents and substitutes.
제1, 제2 등과 같이 서수를 포함하는 용어는 다양한 구성요소들을 설명하는데 사용될 수 있지만, 상기 구성요소들은 상기 용어들에 의해 한정되지는 않는다. 상기 용어들은 하나의 구성요소를 다른 구성요소로부터 구별하는 목적으로만 사용된다.Terms including ordinal numbers such as first and second may be used to describe various components, but the components are not limited by the terms. The terms are used only for the purpose of distinguishing one component from another.
어떤 구성요소가 다른 구성요소에 "연결되어" 있다거나 "접속되어" 있다고 언급된 때에는, 그 다른 구성요소에 직접적으로 연결되어 있거나 또는 접속되어 있을 수도 있지만, 중간에 다른 구성요소가 존재할 수도 있다고 이해되어야 할 것이다. 반면에, 어떤 구성요소가 다른 구성요소에 "직접 연결되어" 있다거나 "직접 접속되어" 있다고 언급된 때에는, 중간에 다른 구성요소가 존재하지 않는 것으로 이해되어야 할 것이다.When a component is referred to as being "connected" or "connected" to another component, it may be directly connected to or connected to that other component, but it may be understood that other components may be present in between. Should be. On the other hand, when a component is said to be "directly connected" or "directly connected" to another component, it should be understood that there is no other component in between.
단수의 표현은 문맥상 명백하게 다르게 뜻하지 않는 한, 복수의 표현을 포함한다. Singular expressions include plural expressions unless the context clearly indicates otherwise.
본 출원에서, "포함한다" 또는 "가지다" 등의 용어는 명세서상에 기재된 특징, 숫자, 단계, 동작, 구성요소, 부품 또는 이들을 조합한 것이 존재함을 지정하려는 것이지, 하나 또는 그 이상의 다른 특징들이나 숫자, 단계, 동작, 구성요소, 부품 또는 이들을 조합한 것들의 존재 또는 부가 가능성을 미리 배제하지 않는 것으로 이해되어야 한다.In this application, the terms "comprises" or "having" are intended to indicate that there is a feature, number, step, operation, component, part, or combination thereof described in the specification, and one or more other features. It is to be understood that the present invention does not exclude the possibility of the presence or the addition of numbers, steps, operations, components, components, or a combination thereof.
이하, 도면들을 참조하여 본 발명의 실시 예에 대해 상세히 설명하기로 한다. 본 발명은 본 발명의 정신 및 필수적 특징을 벗어나지 않는 범위에서 다른 특정한 형태로 구체화될 수 있음은 당업자에게 자명하다.Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. It is apparent to those skilled in the art that the present invention can be embodied in other specific forms without departing from the spirit and essential features of the present invention.
본 발명에서 제안되는 실시 예는 신호의 누수를 민감하게 감지하여 도청자의 정보 획득량을 제한하는 시스템, 단일 통신선로에서의 양방향 통신을 통하여 단일 도청자의 도청 위치 및 정보 획득량을 제한하는 시스템, 및 경로의 복잡도와 신호원의 잡음(source noise)을 이용한 다중-입출력(MIMO, multiple-input multiple-output) 시스템에 따른 세 가지 개념 중 적어도 하나 또는 둘 이상을 결합하여 도청 가능성을 최소화하고, 통신 시스템의 보안을 강화할 수 있다.According to an embodiment of the present invention, there is provided a system for limiting the amount of information obtained by the eavesdropper by sensitively detecting a leak of a signal, a system for limiting the eavesdropping location and the amount of information obtained by a single eavesdropper through bidirectional communication on a single communication line, and Minimizes the possibility of eavesdropping by combining at least one or two or more of the three concepts according to a multiple-input multiple-output (MIMO) system using path complexity and source noise of the signal source Can enhance security.
도 1은 고감도로 도청자의 존재를 감지할 수 있는 시스템을 나타내는 도면이다.1 is a diagram illustrating a system capable of detecting the presence of an eavesdropper with high sensitivity.
도 1을 참조하면, 빛의 펄스를 광통신 선로에 주입한 후, 펄스로 주입된 빛의 일부는 광통신 선로 내에서 선로의 입자와의 상호작용으로 반사될 수 있다. 여기서 반사된 빛은 송신단으로 되돌아 올 수 있으며(rayleigh scattering), 이렇게 되돌아 온 빛의 양을 시간에 따라 관찰하면, 특정 지점에서의 광신호의 누출을 확인할 수 있게 된다. 보다 구체적인 내용은 도 2를 통하여 설명한다.Referring to FIG. 1, after injecting a pulse of light into an optical communication line, a part of the light injected by the pulse may be reflected by interaction with particles of the line in the optical communication line. The reflected light can be returned to the transmitter (rayleigh scattering), and when the amount of light returned is observed over time, the leakage of the optical signal at a specific point can be confirmed. More details will be described with reference to FIG. 2.
도 2는 기존에 알려진 OTDR(optical time domain reflectometer)을 나타내는 도면이다.FIG. 2 is a diagram illustrating a known optical time domain reflectometer (OTDR).
도 2를 참조하면, OTDR은 광원(201), 커플러(202), 광 검출기(203), 지연 선로(204), 서큘레이터(205), 광통신 선로(206), 광 수신기(208) 및 제어부(209) 등을 포함할 수 있다.Referring to FIG. 2, the OTDR includes a light source 201, a coupler 202, a photo detector 203, a delay line 204, a circulator 205, an optical communication line 206, an optical receiver 208, and a controller ( 209) and the like.
먼저, 광원(201, light source)은 광통신 선로(206)에 빛을 펄스의 형태로 주입할 수 있다.First, the light source 201 may inject light into the optical communication line 206 in the form of a pulse.
그리고, 커플러(202, coupler)는 광원(201)으로부터 출력된 광 펄스를 적어도 2가지 경로로 나누고, 나누어진 광 펄스 중 하나의 광 펄스를 광통신 선로(206)에 전달하고, 나머지 광 펄스를 광 검출기(203)에 전달할 수 있다.The coupler 202 divides the light pulse output from the light source 201 into at least two paths, transfers one light pulse of the divided light pulses to the optical communication line 206, and transmits the remaining light pulses to the light. May be delivered to the detector 203.
광 검출기(203, photodetector; PD)는 커플러(202)로부터 전달된 광 펄스를 수신하여 광통신 선로(206)에 광 펄스가 주입된 시점을 확인할 수 있게 한다.The photodetector (PD) 203 receives the light pulses transmitted from the coupler 202 to confirm when the light pulses are injected into the optical communication line 206.
지연 선로(204, delay line)는 광 검출기(203)를 통하여 광 펄스가 광통신 선로(206)에 주입된 시점을 확인하고, 광통신 선로(206)에서 반사되어 돌아오는 신호를 효과적으로 감지하기 위하여 광 수신기(208)를 제어하는 역할을 수행한다.The delay line 204 checks the time point at which the optical pulse is injected into the optical communication line 206 through the optical detector 203 and effectively detects the signal reflected back from the optical communication line 206. 208 serves to control.
서쿨레이터(205, circulator)는 광 펄스의 경로를 제어하는 장치로서, 커플러(202)에서 나뉘어 전달된 광 펄스를 광통신 선로(206)에 전달하고, 광통신 선로(206)에서 반사되어 돌아온 광 신호를 광 검출기(208)에 전달할 수 있다.The circulator 205 is a device for controlling the path of the optical pulse. The circulator 205 transmits the optical pulse transmitted from the coupler 202 to the optical communication line 206 and returns the optical signal reflected from the optical communication line 206 and returned. May be delivered to the photo detector 208.
광통신 선로(206, optical fiber)는 광 신호를 전송하는 통로로서, OTDR 시스템의 감시를 당하는 객체가 된다. 여기서 광통신 선로(206)는 광통신 섬유(통신선로) 내에 불순물이나 결점(207, impurity)을 포함할 수 있다.The optical fiber 206 is a path for transmitting an optical signal, and becomes an object to be monitored by the OTDR system. Here, the optical communication line 206 may include impurities or impurity 207 in the optical communication fiber (communication line).
광 검출기(208, avalanche photo-diode; APD)는 광통신 선로(206)에서 반사되어 돌아온 광 신호를 감지하는 기능을 수행하며, 감지된 결과를 제어부(209)에 전달할 수 있다.The photo detector 208 (Avalanche photo-diode (APD)) performs a function of detecting an optical signal reflected from the optical communication line 206 and returned to the controller 209.
제어부(209, processor)는 광 검출기(208)에서 감지된 결과를 토대로 광통신 선로(206)의 상태, 즉 신호의 누수를 분석할 수 있다.The processor 209 may analyze a state of the optical communication line 206, that is, a leak of a signal, based on the result detected by the photo detector 208.
도 3은 본 발명의 일 실시 예에 포함되는 고감도 OTDR을 나타내는 도면이다. 여기서, n은 굴절률(refractive index)을 나타내고, 이는 매질 내에서 빛의 이동 속도를 결정하는 요소이다. 그리고, n0는 어떠한 작용도 가하지 않았을 때에 해당하는 초기 굴절률을 나타내고, n2는 비선형적으로 빛의 세기에 비례하여 변화하는 광섬유의 굴절률의 변화율을 나타내며, I는 광섬유(광통신 선로)를 통과하고 있는 광 펄스의 세기를 나타낸다.3 is a diagram illustrating a high sensitivity OTDR included in an embodiment of the present invention. Where n represents the refractive index, which is a factor determining the speed of light movement in the medium. N0 represents an initial refractive index corresponding to no action, n2 represents a change rate of the refractive index of the optical fiber which is nonlinearly changed in proportion to the light intensity, and I represents the light passing through the optical fiber (optical communication line). Indicates the intensity of the pulse.
수 mW이상의 굉장히 강한 광 펄스가 광섬유(301, 광통신 선로) 내를 통과할 때, 광 펄스(302)가 존재하는 지점에서는 광섬유(301)의 굴절률이 도 3의 아래에 도시된 수식에 따라 일시적으로 변화하게 된다. 구체적으로, 수 mW이상의 강한 광 펄스(302)가 광섬유(301) 내를 통과하는 경우, 굴절률이 증가하게 된다. 그리고, 빛이 매질을 통과할 때 굴절률의 값이 순간적으로 크게 바뀌는 지점에서는 빛의 반사가 증가하게 된다.When a very strong light pulse of several mW or more passes through the optical fiber 301 (optical communication line), at the point where the optical pulse 302 is present, the refractive index of the optical fiber 301 is temporarily changed according to the equation shown below in FIG. Will change. Specifically, when a strong light pulse 302 of several mW or more passes through the optical fiber 301, the refractive index is increased. When the light passes through the medium, the reflection of the light increases at a point where the value of the refractive index changes momentarily greatly.
도 4는 본 발명의 일 실시 예에 포함되는 고감도 OTDR의 동작 방식을 구체적으로 나타내는 도면이다.4 is a diagram illustrating an operation method of a high sensitivity OTDR included in an embodiment of the present invention in detail.
도 4를 참조하면, 광섬유 코어(401, fiber core)는 광 펄스(402, 403, 404, 405)가 통과하는 통로가 되고, 강한 광 펄스(402)는 자신이 존재하는 지점의 광섬유(401)의 굴절률을 증가시킬 수 있을 정도로 빛의 세기가 충분히 강한 신호를 나타낸다. 그리고, 약한 광 펄스(403)는 강한 광 펄스(402)보다 빛의 세기가 약한 광 펄스로서, 강한 광 펄스(402)보다 속도가 더 빠르다.Referring to FIG. 4, the optical fiber core 401 is a path through which the optical pulses 402, 403, 404, 405 pass, and the strong optical pulse 402 is the optical fiber 401 at the point where it is present. The light intensity is strong enough to increase the refractive index of the signal. The weak light pulse 403 is a light pulse whose light intensity is weaker than the strong light pulse 402, and is faster than the strong light pulse 402.
그리고, 강한 광 펄스의 반사파(404)는 강한 광 펄스(402)의 일부가 광섬유(401)와 상호작용을 하여(rayleigh scattering), 반사된 후 송신단으로 되돌아 오는 광 신호를 나타내고, 약한 광 펄스의 반사파(405)는 약한 광 펄스(403)의 일부가 반사되어 송신단으로 되돌아 오는 광 신호를 나타낸다.The reflected wave 404 of the strong light pulse represents an optical signal in which a portion of the strong light pulse 402 interacts with the optical fiber 401 (rayleigh scattering), and then returns to the transmitting end after being reflected. The reflected wave 405 represents an optical signal in which a part of the weak light pulse 403 is reflected and returned to the transmitting end.
보다 구체적으로 본 발명에 포함되는 OTDR을 설명하면, 광섬유의 굴절률에 영향을 주기에 충분히 강한 광 펄스(402)를 그보다 약한 광 펄스(403)보다 먼저 전송하고, 그 뒤에 강한 광 펄스(402)를 뒤따르는 약한 광 펄스(403)를 전송한다. 이러한 경우, 강한 광 펄스(402)가 약한 광 펄스(403)보다 느리기 때문에 약한 광 펄스(403)가 강한 광 펄스를 따라잡게 되는데, 강한 광 펄스(402)가 존재하는 지점의 광섬유(401)의 굴절률은 앞서 설명한 바와 같이 증가하기 때문에, 그 지점에 도달한 약한 광 펄스(403), 즉 강한 광 펄스(402)를 따라잡는 순간의 약한 광 펄스(403)의 반사가 쉽게 발생하게 된다. 이렇게 발생되어 송신단으로 되돌아 가는 광 신호는 일반적으로 반사되어 송신단으로 되돌아 가는 광 신호의 크기보다 크기 때문에, 본 발명의 일 실시 예는 해당 채널의 물리적인 변화를 더 크고 민감하게 감지할 수 있게 된다.In more detail, OTDR included in the present invention, an optical pulse 402 that is strong enough to affect the refractive index of the optical fiber is transmitted before the weaker optical pulse 403, and then the strong optical pulse 402 is transmitted. Transmit the following weak light pulse 403. In this case, since the strong light pulse 402 is slower than the weak light pulse 403, the weak light pulse 403 catches up with the strong light pulse, and the optical fiber 401 at the point where the strong light pulse 402 is present. Since the refractive index increases as described above, the reflection of the weak light pulse 403 reaching the point, that is, the weak light pulse 403 at the moment of catching up with the strong light pulse 402, easily occurs. Since the optical signal generated and returned to the transmitter is generally larger than the size of the optical signal reflected and returned to the transmitter, an embodiment of the present invention can detect a physical change of a corresponding channel more sensitively.
기존에 알려진 OTDR의 경우 통신선로를 한 번 확인하는데 단 하나의 강한 광 펄스를 광섬유에 주입한다. 그리고, 광 펄스의 일부는 광섬유와의 상호작용으로 반사되어 광 펄스를 주입해준 송신단으로 되돌아오게 되는데 이렇게 반사되어 되돌아 오는 광 신호의 펄스 파워는 약 0.001% 밖에 되지 않는다.In the known OTDR, only one strong light pulse is injected into an optical fiber to identify a communication line once. Part of the light pulse is reflected by interaction with the optical fiber and is returned to the transmitting end injecting the light pulse. The pulse power of the reflected light signal is only about 0.001%.
그러나, 본 발명의 일 실시 예에 포함되는 OTDR의 경우, 강한 광 펄스(402)로 인해 굴절률이 증가된 지점이 발생하고, 해당 지점에서 강한 광 펄스(402)를 뒤쫓던 약한 광 펄스(403)가 크게 반사될 수 있게 된다. 이 때의 반사율은 기존에 알려진 OTDR보다 증가하기 때문에 되돌아오는 광 신호의 양 역시 더 증가하게 되고, 이렇게 되돌아 온 광 신호를 통해서 본 발명의 일 실시 예에 포함되는 OTDR은 통신선로에서의 신호 누수의 상태를 민감하게 감지해낼 수 있게 된다.However, in the case of the OTDR included in the embodiment of the present invention, a point at which the refractive index is increased due to the strong light pulse 402 occurs, and the weak light pulse 403 following the strong light pulse 402 at the point is generated. It can be greatly reflected. Since the reflectance at this time is increased than the known OTDR, the amount of the returned optical signal is also increased. Through the returned optical signal, the OTDR included in the embodiment of the present invention is used for the signal leakage in the communication line. The state can be detected sensitively.
도 5는 본 발명의 일 실시 예에 포함되는 고감도 OTDR를 구체적으로 나타내는 도면이다.5 is a diagram illustrating in detail the high-sensitivity OTDR included in an embodiment of the present invention.
도 5를 참조하면, 고감도 OTDR은 제1광원(501), 커플러(502), 광 검출기(503), 지연 선로(504a, 504b, 504c), 제1서큘레이터(505), 제2광원(506), 제2서큘레이터(507), WDM 필터(wavelength division multiplexing filter, 508), 광통신 선로(512), 광 수신기(514a, 514b) 및 제어부(515) 등을 포함할 수 있다.Referring to FIG. 5, the high sensitivity OTDR includes a first light source 501, a coupler 502, a photo detector 503, delay lines 504a, 504b, 504c, a first circulator 505, and a second light source 506. ), A second circulator 507, a wavelength division multiplexing filter 508, an optical communication line 512, optical receivers 514a and 514b, a controller 515, and the like.
먼저, 제1광원(501)은 광통신 선로(512)에 빛을 펄스의 형태로 주입할 수 있다. 제1광원(501)은 제2광원(506)보다 강한 광 펄스(509)를 출력할 수 있다.First, the first light source 501 may inject light into the optical communication line 512 in the form of a pulse. The first light source 501 may output a light pulse 509 stronger than the second light source 506.
그리고, 커플러(502)는 제1광원(501)으로부터 출력된 광 펄스를 적어도 2가지 경로로 나누고, 나누어진 광 펄스 중 하나의 광 펄스를 제1서큘레이터(505)를 통하여 광통신 선로(512)에 전달하고, 나머지 광 펄스를 광 검출기(503)에 전달할 수 있다.The coupler 502 divides the light pulse output from the first light source 501 into at least two paths, and divides one light pulse among the divided light pulses through the first circulator 505. And the remaining light pulses to the photo detector 503.
광 검출기(503)는 커플러(502)로부터 전달된 광 펄스를 수신하여 광통신 선로(512)에 광 펄스가 주입된 시점을 확인할 수 있게 한다.The photo detector 503 receives the optical pulse transmitted from the coupler 502 to confirm the time point at which the optical pulse is injected into the optical communication line 512.
지연 선로(504)는 광 검출기(503)를 통하여 광 펄스가 광통신 선로(512)에 주입된 시점을 확인하고, 제2광원(506) 및 광 수신기(514a, 514b)에 적절한 시점에 제어 신호를 전달하는 역할을 수행한다.The delay line 504 confirms the time point at which the optical pulse is injected into the optical communication line 512 through the photo detector 503, and provides a control signal at a time point suitable for the second light source 506 and the optical receivers 514a and 514b. It serves to convey.
제1서큘레이터(505)는 광 펄스의 경로를 제어하는 장치로서, 커플러(502)에서 나뉘어 전달된 광 펄스를 WDM 필터(508)를 통하여 광통신 선로(512)에 전달하고, WDM 필터(508)로부터 전달되는 광 신호를 광 수신기(514a)에 전달할 수 있다.The first circulator 505 is a device for controlling the path of the optical pulse. The first circulator 505 transfers the optical pulse divided by the coupler 502 to the optical communication line 512 through the WDM filter 508, and the WDM filter 508. The optical signal transmitted from may be delivered to the optical receiver 514a.
제2광원(506)은 지연선로(504b)에서 전달된 제어 신호에 응답하여 약한 광 펄스(510)를 출력할 수 있고, 제2광원(506)으로부터 출력되는 약한 광 펄스(510)는 제1광원(501)에서 출력되는 강한 광 펄스(509)의 뒤를 쫓아가는 펄스이며, 강한 광 펄스(509)보다 이동 속도가 빠르다.The second light source 506 may output the weak light pulse 510 in response to the control signal transmitted from the delay line 504b, and the weak light pulse 510 output from the second light source 506 may be the first light source. It is a pulse following the strong light pulse 509 output from the light source 501, and is moving faster than the strong light pulse 509. FIG.
제2서큘레이터(507)는 제2광원(506)이 출력한 약한 광 펄스(510)를 WDM 필터(508)를 통하여 광통신 선로(512)에 전달하고, WDM 필터(508)로부터 전달되는 광 신호를 광 수신기(514b)에 전달할 수 있다.The second circulator 507 transmits the weak optical pulse 510 output from the second light source 506 to the optical communication line 512 through the WDM filter 508, and the optical signal transmitted from the WDM filter 508. May be delivered to the optical receiver 514b.
WDM 필터(508)는 빛의 파장에 따라 해당 빛을 서로 다른 경로로 나누거나, 또는 다양한 파장의 빛을 하나의 경로로 합쳐주는 역할을 수행할 수 있다. 여기서, WDM 필터(508)는 서로 다른 파장의 광 펄스를 제1서큘레이터(505) 및 제2서큘레이터(507)로부터 수신하여 광통신 선로(512)에 전달한다. 그리고, 광통신 선로(512)로부터 반사되어 되돌아 오는 서로 다른 파장의 광 신호 각각을 제1서큘레이터(505) 및 제2서큘레이터(507)에 전달할 수 있다.The WDM filter 508 may divide the light into different paths or combine light of various wavelengths into one path according to the light wavelength. Here, the WDM filter 508 receives optical pulses having different wavelengths from the first circulator 505 and the second circulator 507 and transmits them to the optical communication line 512. In addition, each of the optical signals having different wavelengths reflected from the optical communication line 512 may be transmitted to the first circulator 505 and the second circulator 507.
강한 광 펄스(509)는 제1광원(501)에 의해 출력된 광 펄스로서, 펄스의 세기가 세기 때문에 자신이 존재하는 영역의 광통신 선로(512)의 굴절률을 일시적으로 변화시킨다. 그 결과, 약한 광 펄스(510)가 강한 광 펄스(509)를 따라 잡는 순간의 해당 지점의 굴절률이 증가하게 되고, 증가된 굴절률에 의해 진행 방향의 반대 방향으로 광 펄스가 반사될 확률 역시 증가하게 된다.The strong light pulse 509 is a light pulse output by the first light source 501. The strong light pulse 509 temporarily changes the refractive index of the optical communication line 512 in the region in which it is present because of the intensity of the pulse. As a result, the refractive index of the point where the weak light pulse 510 catches up with the strong light pulse 509 is increased, and the probability that the light pulse is reflected in the opposite direction of the travel direction by the increased refractive index is also increased. do.
약한 광 펄스(510)는 제2광원(506)에 의해 출력된 광 펄스로서, 이후 광통신 선로(512)에서 반사(510a)되어 송신단으로 되돌아 오게 된다.The weak light pulse 510 is a light pulse output by the second light source 506, and is then reflected 510a on the optical communication line 512 and returned to the transmitting end.
강한 광 펄스(509)의 반사파(509a)는 WDM 필터(508) 및 제1서큘레이터(505)를 통하여 광 수신기(514a)에 전달되고, 약한 광 펄스(510)의 반사파(510a)는 WDM 필터(508) 및 제2서큘레이터(507)를 통하여 광 수신기(514b)에 전달될 수 있다.The reflected wave 509a of the strong light pulse 509 is transmitted to the optical receiver 514a through the WDM filter 508 and the first circulator 505, and the reflected wave 510a of the weak light pulse 510 is the WDM filter. 508 and the second circulator 507 may be delivered to the optical receiver 514b.
광통신 선로(512)는 광 신호를 전송하는 통로로서, OTDR 시스템의 감시를 당하는 객체가 된다. 여기서, 광통신 선로(512)는 광통신 섬유(통신선로) 내에 불순물이나 결점(513)을 포함할 수 있다.The optical communication line 512 is a path for transmitting an optical signal, and becomes an object to be monitored by the OTDR system. Here, the optical communication line 512 may include impurities or defects 513 in the optical communication fiber (communication line).
광 수신기(514a, 514b, APD)는 광통신 선로(512)에서 반사되어 돌아온 광 신호를 감지하는 기능을 수행하며, 감지된 결과를 제어부(515)에 전달할 수 있다.The optical receivers 514a, 514b, and APD perform a function of detecting an optical signal reflected from the optical communication line 512 and return the detected result to the controller 515.
제어부(515)는 광 수신기(514a, 514b)에서 감지된 결과를 토대로 광통신 선로(512)의 상태, 즉 신호의 누수를 분석 또는 예측할 수 있다. 도 5의 경우, 반사되어 돌아오는 빛의 양이 많기 때문에 광통신 선로(512)의 상태를 더욱 민감하고 정확하게 감지해낼 수 있다.The controller 515 may analyze or predict a state of the optical communication line 512, that is, a leak of a signal, based on the results detected by the optical receivers 514a and 514b. In the case of FIG. 5, since the amount of reflected light is large, the state of the optical communication line 512 can be detected more sensitively and accurately.
도 6은 본 발명의 일 실시 예에 포함되는 통신 알고리즘을 이용하여 도청을 어렵게 하는 방법을 나타내는 도면이다.6 is a diagram illustrating a method of making eavesdropping difficult using a communication algorithm included in an embodiment of the present invention.
도 6은 양방향 통신을 나타내는데, 기존의 단방향 통신의 경우 송신자(alice)와 도청자(eve)의 채널용량이 송신자(alice)와 수신자(bob)의 채널용량보다 좋은 경우가 빈번히 발생할 수 있다. 이는 기존의 단방향 통신의 경우 송신자(alice)에 가까운 위치에서 신호를 획득하는 것이 도청자(eve) 입장에서 유리하기 때문에, 송신자(alice)와 도청자(eve) 사이의 거리가 송신자(alice)와 수신자(bob) 사이의 거리보다 짧을 수 있기 때문이다. 이러한 기존의 단방향 통신의 경우, 앞서 설명한 wyner의 정보이론적 접근에 따라 완벽한 보안을 보장하는 키 생성률이 낮아질 수 있고, 그에 따라 도청자(eve)의 도청이 성공할 확률이 증가할 수 있다. 6 illustrates bidirectional communication. In the conventional unidirectional communication, the channel capacity of the sender (alice) and the eavesdropper (eve) may be better than the channel capacity of the sender (alice) and the receiver (bob). This is because in the case of conventional unidirectional communication, it is advantageous for the eavesdropper (eve) to obtain a signal at a location close to the sender (alice), so that the distance between the alice and the eaves is It may be shorter than the distance between the receiver (bob). In the case of such a conventional one-way communication, according to the information theory approach of wyner described above, the key generation rate that guarantees perfect security may be lowered, and thus the probability of eavesdropping by the eavesdropper may increase.
따라서, 본 발명의 일 실시 예는 양방향 통신을 이용하여 암호 키(640)를 생성하는 알고리즘(K1+K2)을 사용한다. 그에 따라, 본 발명에 포함되는 양방향 통신을 도청하고자 하는 도청자(eve)는 알고리즘(611, 621) 및 암호 키(640)를 획득하기 위하여 필수 불가결하게 양 방향 모두를 도청해야 한다.Accordingly, an embodiment of the present invention uses an algorithm K1 + K2 for generating the encryption key 640 using bidirectional communication. Accordingly, an eavesdropper (eve) who wishes to eavesdrop on two-way communication included in the present invention must necessarily eavesdrop in both directions to obtain algorithms 611 and 621 and encryption key 640.
이와 같이 양방향 통신을 도청하고자 하는 단일 도청자의 입장에서 도청을 수행하기 위한 가장 좋은 위치는 통신자 사용자들(제1통신 사용자(610) 및 제2통신 사용자(620))의 중간 위치가 된다. 이는 통신자 사용자들(610, 620)이 도청자(eve)를 감시하고 있다는 가정하에, 도청자는 송신단에서 멀어지는 것이 자신을 숨기기 유리하기 때문이다.As such, the best location for eavesdropping in the position of a single eavesdropper who wants to eavesdrop on two-way communication is an intermediate position between the communicator users (the first communication user 610 and the second communication user 620). This is because assuming that communicator users 610 and 620 are monitoring the eavesdropper, it would be advantageous for the eavesdropper to hide himself from the transmitting end.
이러한 경우, 단방향 통신에 비해 도청자(eve)의 위치가 송신자(alice)로부터 멀어지게 되고, 통신 사용자들(610, 620) 사이의 채널용량이 송신자(610)와 도청자(eve) 사이의 채널용량보다 커지게 된다. 그에 따라 도청자(eve)의 채널용량은 단방향 통신에 비해 제한되게 된다.In this case, compared to unidirectional communication, the location of the eavesdropper (eve) is far from the sender (alice), and the channel capacity between the communication users 610 and 620 is the channel between the sender 610 and the eavesdropper (eve). It will be larger than the capacity. As a result, the channel capacity of the eavesdropper is limited compared to unidirectional communication.
도 7은 본 발명의 일 실시 예에 포함되는 잡음(source noise)을 이용하여 물리적으로 도청을 어렵게 하는 방법을 나타내는 도면이다.FIG. 7 is a diagram illustrating a method of physically making eavesdropping using source noise included in an embodiment of the present invention.
도 7은 적어도 2 이상의 순수랜덤잡음 신호들이 인가된 적어도 2 이상의 송신신호들을 다중 경로(731, 732, 73m)를 통해 전송하는 방식을 나타낸다. 이러한 방식을 구현하기 위해 본 발명에 따른 보안이 향상된 고속통신방법 및 시스템에는 상보 잡음 발생기(712)가 사용될 수 있다. 여기서, 상보 잡음 발생기(712)는 발생시킨 적어도 2 이상의 잡음을 모두 합한 총 합(sum)이 0이 되는 장치를 말한다. 즉, 상보 잡음 발생기(712)는 m개의 잡음을 발생시킬 수 있고, 해당 m개의 잡음의 합은 0이 된다.FIG. 7 illustrates a method of transmitting at least two or more transmission signals to which at least two pure random noise signals are applied through the multipaths 731, 732, and 73m. Complementary noise generator 712 may be used in the security-enhanced high-speed communication method and system according to the present invention to implement such a scheme. Here, the complementary noise generator 712 refers to a device in which a sum sum of all generated at least two noises is zero. That is, the complementary noise generator 712 may generate m noises, and the sum of the m noises is zero.
본 발명은 이러한 m개의 잡음을 m개의 서로 다른 경로(731, 732, 73m)에 전송되는 복수의 송신신호들에 주입할 수 있다. 여기서, 잡음이 주입된 각각의 채널은 잡음으로 인해 채널용량이 감소되고, 그로 인해서 단일도청이 어렵게 된다. 그에 반해, 잡음이 주입된 복수의 송신신호들을 수신한 수신자는 m개의 모든 경로에 대한 신호를 수신하고, 이들을 합하기 때문에 해당 잡음은 상쇄되고, 송신자가 전송하고자 하는 원 신호(랜덤 키K)를 효과적으로 수신할 수 있게 된다. 그러나, 도청자(eve)는 잡음이 주입된 복수의 송신신호들 모두를 수신하는 것은 쉽지 않은 일이기 때문에, 본 발명에 따른 보안이 향상된 고속통신방법 및 시스템이 적용된 통신 시스템의 보안은 완벽하게 보장될 수 있다.The present invention can inject such m noises into a plurality of transmission signals transmitted on m different paths 731, 732, and 73m. Here, each channel in which noise is injected reduces the channel capacity due to noise, thereby making it difficult to single tap. In contrast, a receiver receiving a plurality of noise-injected transmissions receives signals for all m paths and sums them, so the noise is canceled and the original signal (random key K) the sender wishes to transmit is canceled. It can be effectively received. However, since it is not easy for an eavesdropper to receive all of a plurality of noise-injected transmission signals, the security of the communication system to which the security-enhanced high-speed communication method and system according to the present invention is applied is completely guaranteed. Can be.
도 8은 본 발명의 일 실시 예에 포함되는 상보 잡음을 생성하는 예를 나타내는 도면이다.8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.
도 8을 참조하면, 먼저, AWG(arrayed waveguide grating, 802)에 상대적으로 넓은 파장대역을 가지는 BLS(broaden light source, 801)의 출력을 통과시켜, AWG(802) 각 채널로 광 소스가 분배되도록 한다. Referring to FIG. 8, first, an output of a broken light source 801 (BLS) having a relatively wide wavelength band is passed through an AWG (arrayed waveguide grating) 802 to distribute the light source to each channel of the AWG 802. do.
여기서, 각 채널로 분배된 광 소스들은 Beating noise에 의해 잡음이 큰 편인데, 이러한 잡음이 큰 소스들의 일부를 BS(beam splitter, 803)로 결합하여 RSOA(reflective semiconductor optical amplifier, 804)에 주입한다. Here, the optical sources distributed to each channel are noisy due to the beating noise. Some of these noisy sources are combined into a BS (beam splitter) 803 and injected into a reflective semiconductor optical amplifier (RSOA) 804. .
RSOA의 강한 Gain Saturation을 이용하면 각 채널들에 포함되는 잡음의 크기는 크게 변하지 않는다. 반면에, 총 Intensity의 합은 매우 작은 현상이 발생하게 된다. 즉, 도 8과 같이 상보잡음(λ1, λ2, λ3, λ4)이 형성된다.With RSOA's strong gain saturation, the amount of noise in each channel does not change much. On the other hand, the sum of total intensity is very small. That is, as shown in Fig. 8, complementary noises? 1,? 2,? 3, and? 4 are formed.
한편, 앞서 설명한 BLS(801)는 F-P LD와 같은 다른 광원으로 대체될 수 있다. 그리고, AWG(802)는 Optical Filter 또는 Beam을 분배하는 모든 Optical Component가 될 수 있다. 또한, 각 Component 들의 위치는 도 8에 도시된 위치에 한정되는 것은 아니고, 상황에 따라 바뀔 수 있다. 그리고, 도 8에 도시된 광 소스의 개수는 4개이지만, 이는 설명의 편의를 위한 것으로 변경 가능한 사항이다.Meanwhile, the BLS 801 described above may be replaced with another light source such as an F-P LD. The AWG 802 may be any optical component for distributing an optical filter or a beam. In addition, the position of each component is not limited to the position shown in FIG. 8, and may change according to circumstances. In addition, although the number of light sources shown in FIG. 8 is four, this is for convenience of explanation and may be changed.
도 9는 도 8의 상보 잡음을 생성하는 예를 실제 실험으로 구현한 것을 나타내는 도면이다.9 is a diagram illustrating an example of generating the complementary noise of FIG. 8 by actual experiment.
도 8을 통하여 설명한 바와 같이, 다중모드로 발진하는 F-P LD(901)의 출력 중에서 두 개의 모드만을 Band pass filter(902)로 분리하고, 이를 RSOA(903)에 주입해줌으로써 상보잡음(λ1, λ2)을 생성할 수 있다.As described with reference to FIG. 8, only two modes of the output of the FP LD 901 oscillating in the multi-mode are separated by the band pass filter 902 and injected into the RSOA 903 to compensate for the complementary noises λ 1 and λ 2. ) Can be created.
도 10 및 도 11은 도 9를 통하여 설명되는 RSOA에 인가된 전과 후의 상태를 나타내는 도면이다.10 and 11 are diagrams showing states before and after applying to the RSOA described with reference to FIG. 9.
먼저, 도 10은 RSOA에 주입되기 전의 두 잡음(1001, 1002) 및 두 잡음을 합친 결과(1003)를 나타낸다. 도 10을 참조하면, RSOA에 주입되기 전에는 모드 각각의 잡음(1001, 1002)이 서로 상관관계가 낮아서 두 잡음을 합쳐도 잡음(1003)이 크게 감소되지 않음을 확인할 수 있었다.First, FIG. 10 shows two noises 1001 and 1002 before being injected into the RSOA and a result 1003 of the sum of the two noises. Referring to FIG. 10, before injection into the RSOA, the noises 1001 and 1002 of each mode have low correlations with each other, and thus the noises 1003 are not significantly reduced even when the two noises are combined.
도 11은 RSOA에 주입된 후의 두 잡음(1101, 1102) 및 두 잡음을 합친 결과(1103)를 나타낸다. 도 11을 참조하면, RSOA에 주입된 후에는 두 잡음소스(1101, 1102)가 강한 상관관계를 가지게 되고, 두 모드를 합치면 잡음(1103)이 서로 상쇄됨을 확인했다. 구체적으로 두 잡음소스(1101, 1102)를 합쳤을 때(1103) 각각의 잡음소스보다 약 20dB 정도 잡음이 감소된 것을 확인할 수 있었다.11 shows two noises 1101 and 1102 after being injected into the RSOA and the combined result 1103. Referring to FIG. 11, after injection into the RSOA, the two noise sources 1101 and 1102 have a strong correlation, and when the two modes are combined, the noises 1103 cancel each other out. Specifically, when the two noise sources 1101 and 1102 are combined (1103), the noise is reduced by about 20 dB than the respective noise sources.
도 12는 본 발명의 일 실시 예에 따른 잡음에 기반하여 수신자(Targeted Receiver)와 도청자(Eve)가 가지는 최대 채널용량을 산출한 결과를 나타내는 도면이다.FIG. 12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.
도 12를 참조하면, Secure capacity는 single polarization을 기준으로 최대 3.01bits/symbol임을 알 수 있다(1202과 1201의 차). 만일 2개의 polarization을 전부 사용할 경우라면, Secure capacity는 최대 6.02bits/symbol임 될 수 있을 것이다.Referring to FIG. 12, it can be seen that the secure capacity is 3.01 bits / symbol maximum based on single polarization (difference between 1202 and 1201). If both polarizations are used, the secure capacity can be up to 6.02 bits / symbol.
도 13은 광통신에서 본 발명의 일 실시 예에 따른 다중경로 보안체계가 적용된 예를 나타내는 도면이다. FIG. 13 is a diagram illustrating an example in which a multipath security system according to an embodiment of the present invention is applied in optical communication.
도 8을 참조하면, 다중경로 보안체계가 적용된 예는 보안 데이터(1301, secure data), 다중모드 레이저(1302), 증폭된 자발광원(amplified spontaneous emission; ASE) 소스(1303), 제1WDM 필터(1304), 신호변조기(1305, encoder), 광통신 선로(1306), 신호복조기(1307, decoder), 제2WDM 필터(1308) 및 수신기(1309, receiver) 등을 포함할 수 있다.Referring to FIG. 8, examples of applying the multipath security system include secure data 1301, multimode laser 1302, amplified spontaneous emission (ASE) source 1303, and a first WDM filter ( 1304, a signal modulator 1305, an optical communication line 1306, a signal demodulator 1307, a decoder, a second WDM filter 1308, a receiver 1309, and the like.
보안 데이터(1301)는 송신자가 비밀리에 수신자에게 전달하고 싶어하거나 또는 수신자와 공유하고 싶어하는 정보를 말한다. Secure data 1301 refers to information that a sender would like to secretly convey to or share with a recipient.
다중모드 레이저(1302)는 특정 파장 대역에서 여러 개의 발진 모드를 가지는 레이저를 말하고, 구체적으로, 다중모드 레이저(1302)는 패브리 패롯 레이저 다이오드(fabry-perot laser diode)를 포함할 수 있다.The multimode laser 1302 refers to a laser having a plurality of oscillation modes in a specific wavelength band. Specifically, the multimode laser 1302 may include a Fabry-Perot laser diode.
ASE 소스(1303)는 넓은 파장 대역의 빛을 출력하는 광원으로, 출력된 빛을 다중 모드 레이저(1302)에 주입하여, 다중 모드 레이저(1302)의 각 모드에 존재하는 잡음을 억제할 수 있다.The ASE source 1303 is a light source that outputs light of a wide wavelength band, and injects the output light into the multi-mode laser 1302 to suppress noise in each mode of the multi-mode laser 1302.
제1WDM 필터(1304)는 넓은 파장 대역의 빛을 입력 받아서 파장에 따라 여러 경로로 분배하는 광학 필터로서, 구체적으로, 광파장분배기(arrayed waveguide grating; AWG)를 포함할 수 있다. 제1WDM 필터(1304)는 다중모드 레이저(1302)로부터 전달된 다중 모드 광을 파장에 따라 여러 경로로 나누고, 이를 분배하는 역할을 수행할 수 있다. 여기서, 다중 모드를 서로 합쳐 놓았을 때는 잡음이 적지만, 개개의 모드들은 잡음이 심하기 때문에, 제1WDM 필터(1304)에 의해 나뉜 경로 각각의 광은 제1WDM 필터(1304)에 의해 나뉘기 전의 광과 비교하여 잡음이 심할 수 있다.The first WDM filter 1304 is an optical filter that receives light of a wide wavelength band and distributes the light in various paths according to the wavelength. Specifically, the first WDM filter 1304 may include an arrayed waveguide grating (AWG). The first WDM filter 1304 may divide the multi-mode light transmitted from the multi-mode laser 1302 into various paths according to wavelengths and distribute the multi-mode light. In this case, when the multiple modes are put together, the noise is low, but the individual modes are noisy. Therefore, the light of each path divided by the first WDM filter 1304 is the light before the first WDM filter 1304 is divided. The noise may be severe in comparison with.
신호변조기(1305)는 제1WDM 필터(1304)로부터 전달된 신호를 다양한 형태로 변조하는 역할을 수행할 수 있다.The signal modulator 1305 may serve to modulate the signal transmitted from the first WDM filter 1304 in various forms.
광통신 선로(1306)는 송신자가 수신자에게 보내고자 하는 신호가 통과하는 통신선로로서, 도 13과 같이 다중경로를 포함할 수 있다.The optical communication line 1306 is a communication line through which a signal that a sender wants to send to a receiver passes, and may include a multipath as illustrated in FIG. 13.
신호복조기(1307)는 광통신 선로(1306)를 통하여 송신자에게 전달되는 신호를 복조하는 장치로서, 시스템 특성상 잡음(source noise)을 제거하기 위해 광통신 선로(1306)의 각 경로마다 서로 다른 통신 길이를 보상해주는 등의 동작을 수행할 수 있다.The signal demodulator 1307 is a device for demodulating a signal transmitted to the sender through the optical communication line 1306. The signal demodulator 1307 compensates different communication lengths for each path of the optical communication line 1306 to remove source noise due to system characteristics. You can perform such operations as.
제2WDM 필터(1308)는 서로 다른 짧은 파장 대역들의 빛을 한데 모아 하나의 경로로 이동하도록 합치는 광학 장치로서, 잡음이 심한 각각의 모드들을 시간에 맞춰 다시 합쳐주기 때문에, 개별 모드들의 잡음이 상쇄될 수 있다. 그 결과, 수신자(1309)에 전달되는 신호의 총 잡음은 감소하게 된다.The second WDM filter 1308 is an optical device that combines light of different short wavelength bands into one path and combines them to move in a single path. Can be. As a result, the total noise of the signal delivered to the receiver 1309 is reduced.
수신자(1309)는 광 신호를 수신하여 정보를 읽어 들이는 장치가 될 수 있으며, 신호에 대한 민감도를 높이기 위해 코히런트(coherent) 검출 방식을 이용할 수도 있다.The receiver 1309 may be a device that receives an optical signal and reads information, or may use a coherent detection method to increase the sensitivity to the signal.
도 13을 통해서 설명한, 다중경로 보안체계는 광통신 선로뿐만 아니라 유선통신 및 무선통신 채널을 함께 사용하는 경우에도 적용될 수 있다.The multipath security system described with reference to FIG. 13 may be applied to the case of using a wired communication and a wireless communication channel as well as an optical communication line.
구체적으로, 유선통신과 무선통신의 다중경로 보안체계, 무선통신과 무선통신의 다중경로 보안체계 및 유선통신과 유선통신의 다중경로 보안체계에 적용될 수 있다. 여기서, 유선통신은 광통신 선로, 구리도선을 이용한 통신 등이 될 수 있으며, 무선통신은 휴대전화(cellular phone) 네트워크 및 와이파이(wifi) 등이 될 수 있으며, 특히, 휴대전화 네트워크는 송/수신자간의 암호 키 생성시 필요한 연산에 사용될 수 있다.Specifically, the present invention may be applied to a multipath security system of wired communication and wireless communication, a multipath security system of wireless communication and wireless communication, and a multipath security system of wired communication and wired communication. Here, the wired communication may be an optical communication line, a communication using a copper wire, and the like, and the wireless communication may be a cellular phone network and a Wi-Fi. In particular, the mobile phone network may be a receiver / receiver. Can be used for operations required to generate cryptographic keys.
또한, 잡음을 이용한 다중입출력(MIMO) 통신방식의 경우, 다중경로 보안체계에서 유선망 경로는 단 하나의 경로만 이용될 수도 있으며, 무선통신에서 신호가 수신자 쪽으로만 집중되도록 조절하는 기술인 안테나를 이용한 빔 포밍(beam forming)이 유용하게 사용될 수도 있다.In addition, in the MIMO communication method using noise, only one path may be used for a wired network path in a multipath security system, and a beam using an antenna, which is a technology for adjusting a signal to be concentrated toward a receiver, in a wireless communication Forming (beam forming) may be usefully used.
도 14는 본 발명의 일 실시 예에 따른 잡음을 이용한 다중경로 보안체계가 적용된 예를 나타내는 도면이다.14 is a diagram illustrating an example of applying a multipath security system using noise according to an embodiment of the present invention.
신호원을 통하여 전송되기 전에, 보안 정보는 신호 분배기 등을 통하여 복수의 송신신호들(1411, 1412)로 나뉘어 지고, 여기서 상보 잡음장치(1415)에서 발생된 적어도 2 이상의 잡음이 주입된다. 그리고, 잡음이 주입된 복수의 송신신호들 각각은 서로 다른 복수의 경로(1430)를 통하여 수신자에게 전송된다.Before being transmitted through the signal source, the security information is divided into a plurality of transmission signals 1411 and 1412 via a signal splitter or the like, where at least two or more noises generated by the complementary noise device 1415 are injected. Each of the plurality of noise-injected transmission signals is transmitted to the receiver through a plurality of different paths 1430.
그리고, 수신자(1420)는 서로 다른 복수의 경로(1430)를 통하여 수신한 잡음이 주입된 복수의 송신신호들을 신호 결합기(1421) 등을 통하여 결합한다.The receiver 1420 combines a plurality of noise-transmitted transmission signals received through a plurality of different paths 1430 through a signal combiner 1421 or the like.
여기서, 상보 잡음장치(1415)에서 발생된 적어도 2 이상의 잡음은 그들의 총 합이 0이 되므로, 수신자(1420)는 송신자(1410)가 전송하고자 하는 보안 정보를 정확하게 획득할 수 있게 된다. 여기서, 광원으로 사용되는 레이저는 단일 모드이거나 또는 다중 모드일 수 있다. 그리고, 대역폭은 하나의 경로만 사용되는 경우 통신이 불가능할 정도로 좁을 수 있으며, 이는 도청자의 도청을 더욱 완벽하게 방어할 수 있게 한다.Here, since the total of at least two or more noises generated by the complementary noise device 1415 becomes zero, the receiver 1420 may accurately acquire security information that the sender 1410 intends to transmit. Here, the laser used as the light source may be a single mode or multiple modes. In addition, the bandwidth may be so narrow that communication is impossible when only one path is used, which makes it possible to more fully defend the eavesdropper.
도 14를 통하여 보다 구체적으로 설명하면, 송신단(1410)은 상보적인 순수 랜덤 잡음을 생성하는 순수 잡음 발생기(1415, pure Random generator)를 포함하고, 여기서 발생된 적어도 2 이상의 잡음을 각각의 채널(1411, 1412)에서 출력되는 정보에 주입한다. 여기서, Channel 1(1411) 및 Channel 2(1412)는 임의의 통신 신호가 인가된 채널로써, 광통신 및 무선통신 등을 비롯한 모든 통신 채널을 포괄할 수 있다. 그리고, 변조기(1413, 1414)는 각각의 채널에 구비된 제1변조기(1413) 및 제2변조기(1414)를 포함할 수 있으며, 순수 잡음 발생기(1415)로부터 전달되는 적어도 2이상의 잡음을 이용하여 각각의 채널(1411, 1412)로부터 전달되는 신호를 변조할 수 있다.More specifically with reference to FIG. 14, the transmitting end 1410 includes a pure noise generator 1415 which generates complementary pure random noise, wherein each channel 1411 includes at least two noises generated therefrom. , 1412). Here, Channel 1 1411 and Channel 2 1412 are channels to which any communication signal is applied and may include all communication channels including optical communication and wireless communication. In addition, the modulators 1413 and 1414 may include a first modulator 1413 and a second modulator 1414 provided in each channel, by using at least two or more noises transmitted from the pure noise generator 1415. It is possible to modulate the signal transmitted from each channel 1411, 1412.
여기서, 제1(1413) 및 제2변조기(1414)의 변조를 서로 상반되게 설정함으로써, 수신단(1420)은 두 채널의 신호를 합쳐(1421) 상보적인 순수 랜덤 잡음을 상쇄시킬 수 있게 된다. 이후, 잡음이 주입된 정보들은 서로 다른 복수의 경로를 통하여 수신단(1420)으로 전송되고, 수신단(1420)은 잡음이 주입된 정보들을 결합(1421)하여 상보적 잡음을 상쇄시키고, 송신단(1410)에서 전송하고자 하는 정보를 정확하고 올바르게 획득하게 된다.Here, by setting the modulation of the first 1413 and the second modulator 1414 to be opposite to each other, the receiving end 1420 can combine the signals of the two channels (1421) to cancel the complementary pure random noise. Thereafter, the noise-injected information is transmitted to the receiving end 1420 through a plurality of different paths, and the receiving end 1420 combines the noise-injected information 1421 to cancel the complementary noise, and the transmitting end 1410. Will correctly and correctly obtain the information to be transmitted.
도 15는 본 발명의 일 실시 예에 따른 잡음을 이용한 단일경로 보안체계가 적용된 예를 나타내는 도면이다. 15 is a diagram illustrating an example in which a single-path security system using noise is applied according to an embodiment of the present invention.
도 15와 같이, 잡음의 한쪽 경로는 제1통신 사용자(1510)가 가지고 나머지 한 경로를 이용해서 양방향 통신을 한다면, 도청자(eve)는 잡음을 상쇄시킬 방법이 없기 때문에 효과적인 도청을 할 수 없게 된다.As shown in FIG. 15, if one path of noise is taken by the first communication user 1510 and the two-way communication is performed using the other path, the eavesdropper cannot effectively eavesdrop because there is no way to cancel the noise. do.
도 15를 통하여 보다 구체적으로 설명하면, 신호원(1511)에서 상보적인 잡음이 섞여 있는 신호를 발생시키면, 그 중 어느 하나의 신호는 제1서큘레이터(1514)를 통하여 제2통신선로(1530)에 전달되고, 다른 하나의 신호는 송신자(1510)의 내부에 구비된 제1통신선로(1513)에 전달된다. 즉, 제2통신선로(1530)에 전달된 어느 하나의 신호만을 제1통신 사용자(1510)와 제2통신 사용자(1520)가 공유하게 된다. 제1통신 사용자(1510)로부터 상보적인 잡음이 섞여 있는 신호 중 어느 하나의 신호를 전달받은 제2통신 사용자(1520)는 순수 랜덤 숫자 생성기(1522, pure random number generator; PRNG)를 이용하여 신호를 변조한 뒤, 다시 제1통신 사용자(1510)에게 해당 변조된 신호를 전달하고, 제1통신 사용자(1510)는 제1통신선로(1513)로 전달된 다른 하나의 신호와 제2통신 사용자(1520)로부터 되돌려 받은 변조된 신호를 합쳐 잡음을 상쇄시키고, 제2통신 사용자(1520)가 전송한 신호를 획득한다.In more detail with reference to FIG. 15, when the signal source 1511 generates a signal in which complementary noise is mixed, any one of the signals is transmitted through the first circulator 1514 to the second communication line 1530. The other signal is transmitted to the first communication line 1513 provided in the transmitter 1510. That is, only one signal transmitted to the second communication line 1530 is shared between the first communication user 1510 and the second communication user 1520. The second communication user 1520, which has received any one signal from the first communication user 1510 with the complementary noise signal, receives the signal using a pure random number generator (PRNG) 1522. After the modulation, the modulated signal is transmitted to the first communication user 1510, and the first communication user 1510 transmits the other signal and the second communication user 1520 to the first communication line 1513. The modulated signal returned from the C1) is combined to cancel the noise, and a signal transmitted by the second communication user 1520 is obtained.
여기서, 신호원(1511)은 도청자의 도청을 제한하기 위해 상보적인 잡음을 섞여 있는 신호를 출력하고, 상보적인 잡음이 섞여 있는 신호 각각은 제1통신선로(1513) 및 제2통신선로(1530)에 전달될 수 있다.Here, the signal source 1511 outputs a signal containing complementary noise to limit the eavesdropping of the eavesdropper, and each of the signals having the complementary noise is mixed with the first communication line 1513 and the second communication line 1530. Can be delivered to.
g(t) 및 g-1(t)는 제1통신 사용자(1510)와 제2통신 사용자(1520)가 서로 비밀리에 공유하고 있는 암호화 키로서, 신호의 변조 및 복조시에 보안을 유지하기 위해 사용될 수 있다.g (t) and g-1 (t) are encryption keys shared secretly by the first communication user 1510 and the second communication user 1520 to each other to maintain security when the signal is modulated and demodulated. Can be used.
제1통신선로(1513)는 제2통신 사용자(1520)와 연결되는 제2통신선로(1530)와 구별되는 별도의 경로로서, 제1통신 사용자(1510)가 내부적으로 관리하며, 제1통신선로(1513)의 길이는 제2통신선로(1530)의 길이의 두 배가 되어야 한다.The first communication line 1513 is a separate path from the second communication line 1530 connected to the second communication user 1520. The first communication line 1513 is internally managed by the first communication user 1510 and the first communication line. The length of 1513 should be twice the length of the second communication line 1530.
제1서큘레이터(1514)는 g(t)로 암호화된 신호를 전달받아 제2통신선로(1530)에 전달하고, 제2통신선로(1530)를 통하여 전송되는 신호를 제어부(1519)에 전달하는 광학장치이다.The first circulator 1514 receives the signal encrypted by g (t) and transmits the signal to the second communication line 1530, and transmits a signal transmitted through the second communication line 1530 to the controller 1519. It is an optical device.
제2통신선로(1530)는 제1통신 사용자(1510)와 제2통신 사용자(1520)가 신호를 공유하는 통신 채널로서, 신호가 제2통신선로(1530)를 왕복하기 때문에 제어부(1519)에서 잡음을 제거하려면 제1통신선로(1513)의 길이는 제2통신선로(1530)의 길이의 두 배가 되어야 한다.The second communication line 1530 is a communication channel in which the first communication user 1510 and the second communication user 1520 share a signal, and the control unit 1519 uses a signal to and from the second communication line 1530. To remove the noise, the length of the first communication line 1513 should be twice the length of the second communication line 1530.
제2서큘레이터(1521)는 제2통신선로(1530)를 통하여 전달되는 신호를 변조기(1523)에 전달하고, 변조기(1523)에서 변조된 신호를 다시 제2통신선로(1530)에 전달하는 광학장치이다.The second circulator 1521 transmits a signal transmitted through the second communication line 1530 to the modulator 1523, and transmits the signal modulated by the modulator 1523 to the second communication line 1530. Device.
순수 랜덤 숫자 생성기(1522)는 순수하게 어떠한 상관관계도 갖지 않아서 패턴을 예측할 수 없는 무작위 수를 발생시키는 장치로서, 도청자가 암호 키를 도청할 때 패턴을 예측할 수 없게 하는 역할을 수행한다.The pure random number generator 1522 is a device that generates a random number that does not have any correlation and thus cannot predict the pattern. The pure random number generator 1522 makes the pattern unpredictable when the eavesdropper taps the encryption key.
변조기(1523)는 제2서큘레이터(1521)를 통하여 전달되는 신호원을 변조하는 장치로서, 변조값은 순수 랜덤 숫자 생성기(1522)에서 생성된 무작위 수를 반영한다.The modulator 1523 is a device for modulating the signal source transmitted through the second circulator 1521, and the modulation value reflects the random number generated by the pure random number generator 1522.
제어부(1519)는 제1통신선로(1513)에 전달된 신호와 제2통신 사용자(1520)로부터 제2통신선로(1530)를 통하여 전달된 신호를 합쳐 잡음을 상쇄시키고, 제2통신 사용자(1520)가 변조기(1523)를 통하여 변조한 신호(예를 들어, 암호키)를 읽어내는 장치를 말한다.The controller 1519 combines the signal transmitted to the first communication line 1513 and the signal transmitted from the second communication user 1520 through the second communication line 1530 to cancel the noise, and the second communication user 1520 ) Reads a modulated signal (for example, an encryption key) through the modulator 1523.
도 16은 본 발명의 일 실시 예에 따른 양방향 다중경로 보안체계의 예를 나타내는 도면이다.16 is a diagram illustrating an example of a bidirectional multipath security system according to an embodiment of the present invention.
도 16을 참조하면, 양방향 다중경로 보안체계의 예는 소스 노이즈(1611, 1621, source noise), 이퀄라이저(1612, 1622, equalizer), 신호 수신기 및 프로세서(1613, 1623, Rx and processor). 신호 송신기(1614, 1624, Tx) 및 다중채널(1630) 등을 포함할 수 있다.Referring to FIG. 16, examples of bidirectional multipath security schemes include source noise 1611, 1621, equalizers 1612, 1622, equalizers, signal receivers, and processors 1613, 1623, Rx and processor. Signal transmitters 1614, 1624, Tx, and multichannel 1630.
소스 노이즈(1611, 1621)는 잡음이 섞여 있는 신호를 발생시키고, 이를 송신기(1614, 1624)에 전달하는 신호원이 될 수 있다. Source noise 1611 and 1621 may be a signal source that generates a signal with mixed noise and transmits it to transmitters 1614 and 1624.
이퀄라이저(1612, 1622)는 상대방으로부터 수신된 신호를 신호 수신기 및 프로세서(1613, 1623)가 수신하기 전에 잡음을 억제하고, 다중채널(1630)을 통과하면서 발생되는 신호의 왜곡 현상들을 물리적으로 보상해주는 역할을 수행한다.The equalizers 1612 and 1622 suppress noise before the signal receivers and the processors 1613 and 1623 receive the signal received from the other party, and physically compensate for the distortion of the signal generated while passing through the multi-channel 1630. Play a role.
신호 수신기 및 프로세서(1613, 1623)는 이퀄라이저(1612, 1622)로부터 전달된 신호를 수신하고, 수신된 신호를 처리하는 장치가 될 수 있다.Signal receivers and processors 1613 and 1623 may be devices that receive signals from equalizers 1612 and 1622 and process the received signals.
송신기(1614, 1624) 각각은 소스 노이즈(1611, 1621)로부터 전달된 잡음이 섞여 있는 신호를 변조하여 다중채널(1630)에 전달하는 장치가 될 수 있다.Each of the transmitters 1614 and 1624 may be a device that modulates a mixed signal transmitted from the source noises 1611 and 1621 and transmits the mixed signal to the multichannel 1630.
다중채널(1630)은 제1통신 사용자(1610)와 제2통신 사용자(1620)가 신호를 주고 받는 통신선로로서, 광통신 선로뿐만 아니라 다양한 무선통신 및 유선통신 채널이 될 수 있다.The multi-channel 1630 is a communication line through which the first communication user 1610 and the second communication user 1620 exchange signals, and may be various wireless communication and wired communication channels as well as an optical communication line.
여기서, 다중채널(1630)에 포함되는 각각의 채널은 신호를 구분하기 힘들게 만들어 주고, 양방향 통신이 구현되게 한다. 만일 도청자(eve)가 하나인 단일 도청자의 공격은 앞서 설명한 바와 같이 잡음이 섞여 있는 신호로 인해서 제대로 된 신호를 구분해낼 수 없고, 잡음을 제거하기 위해 도청자는 다중채널의 모든 경로에서 신호를 도청해야 한다. Here, each channel included in the multichannel 1630 makes it difficult to distinguish a signal, and bidirectional communication is implemented. If a single eavesdropper attacked with one eavesdropper, as described above, the mixed signal would not be able to distinguish the correct signal, and in order to remove the noise, the eavesdropper would eavesdrop the signal on all paths of the multichannel. Should be.
한편, 도 16의 경우 다중채널(1630)이 2개 경로로 도시되어 있으나, 본 발명은 이에 한정되지 않고, 다중채널(1630)은 적어도 하나 이상의 경로가 포함될 수 있다. 또한, 도 16의 경우 2개의 송신기(1614, 1624)가 개별 통신 사용자에게 포함되는 것으로 도시되어 있으나, 이는 설명의 편의를 위한 것으로 본 발명은 적어도 2 이상의 송신기(1614, 1624)를 포함할 수 있다.Meanwhile, in FIG. 16, the multichannel 1630 is illustrated as two paths. However, the present invention is not limited thereto, and the multichannel 1630 may include at least one path. In addition, in FIG. 16, two transmitters 1614 and 1624 are shown to be included in separate communication users. However, this is for convenience of description and the present invention may include at least two transmitters 1614 and 1624. .
또한, 다중채널의 포함되는 각 채널은 양방향 통신을 수행하고 있으므로, 송신자에 가까운 위치에서 도청해야 채널 용량이 증가하여 도청하기 용이하기 때문에 각 채널당 최소 두 명의 도청자가 최대한 통신자에 가까운 위치에서 도청을 시도해야 한다. 즉, 도 16의 경우 최소 네 명의 도청자가 도청을 시도해야 도청을 성공할 가능성이 높아지지만, 그만큼 복수의 도청자는 보안 시스템으로부터 자신의 존재를 감추기 힘들어질 수 밖에 없다. In addition, since each channel included in the multi-channel performs bidirectional communication, at least two eavesdroppers in each channel should be eavesdropping at the position as close to the communicator as it is easy to eavesdropping when the channel capacity is increased. You must try. That is, in the case of FIG. 16, at least four eavesdroppers attempt to eavesdrop to increase the likelihood of successful eavesdropping. However, the plurality of eavesdroppers have a hard time concealing their existence from the security system.
이와 같이, 본 발명에 따른 보안이 향상된 고속통신방법 및 시스템은 서로 다른 통신망에 적용될 수 있으며, 각각의 통신망을 다른 경로로 구현하여 도청자(eve)의 도청을 더욱 어렵게 할 수 있다. 예를 들어, 통신망에 포함되는 제1 경로를 셀룰러망으로 구현하고, 제2 경로는 광통신망으로 구현하고, 제3 경로는 와이파이망으로 구현한 후, 이들을 혼합하여 정보를 전달하면, 도청자(eve)의 도청은 더욱 어려워 지고, 해당 통신망의 보안은 더욱 완벽해 질 수 있다.As described above, the high-speed communication method and system with improved security according to the present invention can be applied to different communication networks, and it is possible to make eavesdropping by eve by implementing each communication network in a different path. For example, if the first path included in the communication network is implemented as a cellular network, the second path is implemented as an optical communication network, and the third path is implemented as a Wi-Fi network, a mixture of them is transmitted to transmit information. eavesdropping becomes more difficult, and the security of the network can be more complete.
결국, 본 발명에 따른 보안이 향상된 고속통신방법 및 시스템은, 채널에 내재된 물리적 특성을 활용하여 도청 가능성 자체를 원천 봉쇄하고, 암호 키 생성 속도를 정보의 전송속도까지 높일 수 있으며, 기존 광통신의 다양한 기술들을 비롯하여 다양한 통신채널에 적용되거나 또는 사용될 수 있다.As a result, the security-enhanced high-speed communication method and system according to the present invention can block the possibility of eavesdropping by using the physical characteristics inherent in the channel, and increase the encryption key generation rate up to the transmission rate of information. It may be applied to or used in various communication channels including various technologies.
이상의 상세한 설명은 모든 면에서 제한적으로 해석되어서는 아니되고 예시적인 것으로 고려되어야 한다. 본 발명의 범위는 첨부된 청구항의 합리적 해석에 의해 결정되어야 하고, 본 발명의 등가적 범위 내에서의 모든 변경은 본 발명의 범위에 포함된다.The above detailed description should not be construed as limiting in all respects but should be considered as illustrative. The scope of the invention should be determined by reasonable interpretation of the appended claims, and all changes within the equivalent scope of the invention are included in the scope of the invention.

Claims (20)

  1. 감도가 증가된 광손실 측정기(OTDR, optical time domain reflectometer)를 구비하는 보안이 향상된 고속통신 시스템에 있어서,In a security-enhanced high-speed communication system including an optical time domain reflectometer (OTDR) with increased sensitivity,
    상기 감도가 증가된 광손실 측정기는,The optical loss meter with increased sensitivity,
    광통신 선로에 제1광 펄스를 인가하는 제1광원;A first light source for applying a first light pulse to the optical communication line;
    상기 제1광 펄스를 적어도 2이상의 경로로 나누어 출력하는 커플러;A coupler for dividing and outputting the first optical pulse into at least two paths;
    상기 광통신 선로에 상기 제1광 펄스가 인가된 시점을 판단하는 광 검출기;An optical detector for determining a time point at which the first optical pulse is applied to the optical communication line;
    상기 광통신 선로에 상기 제1광 펄스가 인가된 시점에 응답하여, 상기 제1광 펄스보다 세기가 약한 제2광 펄스를 상기 광통신 선로에 인가하는 제2광원;A second light source configured to apply a second light pulse having a lower intensity than the first light pulse to the optical communication line in response to the time when the first light pulse is applied to the optical communication line;
    상기 광통신 선로에서 반사되어 돌아오는 광 신호를 수신하는 광 수신부; 및An optical receiver which receives an optical signal reflected from the optical communication line and returned; And
    상기 광 수신부에서 감지된 결과를 기반하여, 상기 광통신 선로의 신호 누수를 분석 또는 예측하는 제어부를 포함하는 보안이 향상된 고속통신 시스템.And a controller configured to analyze or predict a signal leak of the optical communication line based on the result detected by the optical receiver.
  2. 제1항에 있어서,The method of claim 1,
    상기 커플러에서 출력된 제1광 펄스를 상기 광 통신 선로에 전달하고, 상기 광통신 선로에서 상기 제1광 펄스가 반사되어 돌아오는 광 신호를 상기 광 수신부에 전달하는 제1서큘레이터; 및A first circulator for transmitting a first optical pulse output from the coupler to the optical communication line, and transmitting an optical signal from which the first optical pulse is reflected from the optical communication line to the optical receiver; And
    상기 제2광원에서 출력된 제2광 펄스를 상기 광통신 선로에 전달하고, 상기 광통신 선로에서 상기 제2광 펄스가 반사되어 돌아오는 광 신호를 상기 광 수신부에 전달하는 제2서큘레이터를 더 포함하는 보안이 향상된 고속통신 시스템.And a second circulator for transmitting a second optical pulse output from the second light source to the optical communication line, and transmitting an optical signal from the optical communication line to the optical receiver, in which the second optical pulse is reflected. High speed security system with improved security.
  3. 제2항에 있어서,The method of claim 2,
    상기 광 검출기와 연결되고, 상기 광통신 선로에 상기 제1광 펄스가 인가된 시점에 기반하여, 상기 제2광원 및 상기 광 수신부의 동작을 제어하는 신호를 상기 제2광원 및 상기 광 수신부에 전달하는 지연선로를 더 포함하는 보안이 향상된 고속통신 시스템.A signal connected to the photo detector and transmitting a signal controlling the operation of the second light source and the light receiver to the second light source and the light receiver based on a time point at which the first light pulse is applied to the optical communication line. Security-enhanced high speed communication system further comprising a delay line.
  4. 제2항에 있어서,The method of claim 2,
    상기 제1서큘레이터 및 상기 제2서큘레이터와 상기 광통신 선로 사이에 구비되고, 서로 다른 파장의 광 펄스를 제1서큘레이터 및 제2서큘레이터로부터 수신하여 상기 광통신 선로에 전달하고, 상기 광통신 선로에서 반사되어 돌아오는 서로 다른 파장의 광 신호 각각을 구분하여 상기 제1서큘레이터 및 상기 제2서큘레이터에 전달하는 WDM 필터(wavelength division multiplexing filter)를 더 포함하는 보안이 향상된 고속통신 시스템.It is provided between the first circulator and the second circulator and the optical communication line, and receives optical pulses of different wavelengths from the first circulator and the second circulator to transmit to the optical communication line, in the optical communication line And a wavelength division multiplexing filter (WDM filter) for dividing each of the optical signals having different wavelengths and returning the reflected light signals to the first circulator and the second circulator.
  5. 제2항에 있어서,The method of claim 2,
    상기 광통신 선로에서 상기 제2광 펄스가 반사되어 돌아오는 광 신호는,The optical signal that the second optical pulse is reflected back from the optical communication line,
    상기 제2광 펄스가 상기 제1광 펄스를 따라잡게 되는 순간의 지점에 해당하는 굴절률에 따라, 상기 제2광 펄스가 반사된 광 신호를 포함하는 보안이 향상된 고속통신 시스템.And a light signal reflected by the second light pulse according to a refractive index corresponding to a point in time at which the second light pulse catches up with the first light pulse.
  6. 제1통신 사용자가 제1키(K1)를 생성하여 제2통신 사용자에게 전송하는 단계;Generating, by the first communication user, the first key K1 and transmitting it to the second communication user;
    상기 제2통신 사용자가 제2키(K2)를 생성하여 상기 제1통신 사용자에게 전송하는 단계; 및Generating, by the second communication user, a second key K2 and transmitting it to the first communication user; And
    상기 제1통신 사용자 또는 상기 제2통신 사용자가 상기 제1키 및 상기 제2키에 기반하여, 암호키를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.Obtaining, by the first communication user or the second communication user, an encryption key based on the first key and the second key.
  7. 제6항에 있어서,The method of claim 6,
    상기 제1통신 사용자 및 상기 제2통신 사용자는,The first communication user and the second communication user,
    적어도 하나 이상의 통신 경로를 통하여 서로 연결되고,Connected to each other through at least one communication path,
    상기 제1통신 사용자 및 상기 제2통신 사용자 사이의 채널용량은,Channel capacity between the first communication user and the second communication user,
    상기 제1통신 사용자 또는 상기 제2통신 사용자와 도청자 사이의 채널용량보다 큰 보안이 향상된 고속통신방법.And improved security greater than the channel capacity between the first communication user or the second communication user and the eavesdropper.
  8. 제1통신 사용자가 n개의 잡음(n은 1 이상의 자연수) 각각이 주입된 송신 신호를 m개의 통신 경로(m은 1이상의 자연수)를 통하여 제2통신 사용자에게 전송하는 단계; 및Transmitting, by the first communication user, the transmission signal injected with each of n noises (n is one or more natural numbers) to the second communication user through m communication paths (m is one or more natural numbers); And
    상기 제2통신 사용자가 수신된 n개의 잡음 각각이 포함된 송신 신호에 기반하여, 상기 송신 신호를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.And obtaining, by the second communication user, the transmission signal based on the transmission signal including each of the n noises received.
  9. 제8항에 있어서,The method of claim 8,
    상기 n개의 잡음의 합은 0이 되고,The sum of the n noises is zero,
    상기 제2통신 사용자는,The second communication user,
    상기 n개의 잡음을 상쇄시켜, 상기 송신 신호를 획득하는 보안이 향상된 고속통신방법.A security enhanced security method for canceling the n noises to obtain the transmission signal.
  10. 제8항에 있어서,The method of claim 8,
    상기 n개의 잡음은 상보 잡음 발생기를 통하여 생성되고,The n noises are generated through a complementary noise generator,
    상기 제1통신 사용자가 n개의 잡음(n은 1 이상의 자연수) 각각이 주입된 송신 신호를 m개의 통신 경로(m은 1이상의 자연수)를 통하여 제2통신 사용자에게 전송하는 단계는,The first communication user transmits a transmission signal injected with each of n noises (n is a natural number of 1 or more) to a second communication user through m communication paths (m is a natural number of 1 or more).
    상기 n개의 잡음 중 어느 하나의 잡음 및 상기 송신 신호에 기반하여, 신호의 변조를 수행하고, 상기 m개의 통신 경로에 분배하는 단계를 포함하는 보안이 향상된 고속통신방법.And modulating the signal based on any one of the n noises and the transmission signal, and distributing the signal to the m communication paths.
  11. 제8항에 있어서,The method of claim 8,
    상기 n개의 잡음을 생성하는 단계를 더 포함하고,Generating the n noises,
    상기 n개의 잡음을 생성하는 단계는,Generating the n noises,
    넓은 파장대역을 가지는 BLS(broaden light source)의 출력을 제1AWG(arrayed waveguide grating)에 통과시켜 광 소스를 상기 p개의 채널(p는 상기 n 이상의 자연수)로 분배하는 단계;Distributing a light source having a broad wavelength band through a first arrayed waveguide grating (AWG) to distribute the light source into the p channels (p is a natural number of n or more);
    상기 p개의 채널로 분배된 광 소스 중 상기 n개의 광 소스를 BS(beam splitter)로 결합하여 RSOA(reflective semiconductor optical amplifier)에 주입하는 단계; 및Combining the n light sources among the light sources distributed in the p channels into a beam splitter (BS) and injecting the same into a reflective semiconductor optical amplifier (RSAA); And
    상기 RSOA의 출력을 제2AWG에 통과시켜 상기 n개의 잡음으로 구분하는 단계를 포함하는 보안이 향상된 고속통신방법.And passing the output of the RSOA through a second AWG to separate the n noises.
  12. 보안 데이터 및 다중모드 레이저에 기반하여, 적어도 2이상의 모드에 해당하는 광 소스를 출력하는 단계;Outputting a light source corresponding to at least two modes based on the security data and the multimode laser;
    제1WDM 필터에 기반하여, 상기 광 소스를 적어도 2이상의 경로로 분배하는 단계;Distributing the light source into at least two paths based on a first WDM filter;
    신호변조기에 기반하여, 상기 제1WDM 필터로부터 전달된 신호를 변조하는 단계;Based on a signal modulator, modulating a signal transmitted from the first WDM filter;
    신호복조기에 기반하여, 광통신 선로를 통하여 전달되는 신호를 복조하는 단계;Based on a signal demodulator, demodulating a signal transmitted through an optical communication line;
    제2WDM 필터에 기반하여, 복조된 신호들의 개별 모드에 포함되는 잡음들을 상쇄시키는 단계; 및Canceling noises included in the individual modes of the demodulated signals, based on the second WDM filter; And
    상기 보안 데이터를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.Obtaining improved security data.
  13. 제12항에 있어서,The method of claim 12,
    보안 데이터 및 다중모드 레이저에 기반하여, 적어도 2이상의 모드에 해당하는 광 소스를 출력하는 단계는,Based on the security data and the multi-mode laser, outputting a light source corresponding to at least two modes,
    ASE(amplified spontaneous emission)의 출력을 상기 다중모드 레이저에 주입하여, 상기 적어도 2이상의 모드에 존재하는 잡음을 억제시키는 단계를 포함하는 보안이 향상된 고속통신방법.Injecting an output of an AMP (amplified spontaneous emission) into the multimode laser, thereby suppressing noise present in the at least two or more modes.
  14. 보안 데이터가 적어도 2이상의 송신 신호로 나뉘어 지는 단계;Dividing the security data into at least two transmission signals;
    적어도 2이상의 신호가 상기 적어도 2이상의 잡음 소스에 변조되는 단계;Modulating at least two signals on the at least two noise sources;
    상기 적어도 2이상의 잡음이 주입된 적어도 2이상의 송신 신호 각각이 서로 같거나 다른 경로를 통하여 수신자에게 전송되는 단계; 및Transmitting each of the at least two or more transmitted signals in which the at least two or more noises are injected to the receiver through the same or different paths; And
    상기 수신자가 수신된 상기 적어도 2이상의 잡음이 포함된 적어도 2이상의 송신 신호에 기반하여, 상기 보안 데이터를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.And obtaining, by the receiver, the secure data based on at least two transmitted signals including the at least two noises received.
  15. 제14항에 있어서,The method of claim 14,
    상기 적어도 2이상의 잡음의 합은 0이 되고,The sum of the at least two noises is zero,
    상기 수신자는,The recipient,
    상기 적어도 2이상의 잡음을 상쇄시켜, 상기 보안 데이터를 획득하는 보안이 향상된 고속통신방법.A security enhanced high speed communication method for canceling the at least two or more noises to obtain the security data.
  16. 제1통신 사용자가 상보적인 복수의 잡음 중 일부의 잡음이 포함된 신호를 단일 경로를 통하여 제2통신 사용자에게 전송하고, 상기 복수의 잡음 중 나머지를 다른 경로를 통하여 저장하는 단계;Transmitting, by the first communication user, a signal including the noise of some of the plurality of complementary noises to the second communication user through a single path, and storing the remaining of the plurality of noises through another path;
    상기 제2통신 사용자가 수신된 신호를 변조하여 송신 신호를 생성하고, 상기 송신 신호를 상기 단일 경로를 통하여 상기 제1통신 사용자에게 전송하는 단계; 및The second communication user modulating the received signal to generate a transmission signal, and transmitting the transmission signal to the first communication user via the single path; And
    상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음에 기반하여, 상기 송신 신호를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.Obtaining, by the first communication user, the transmission signal based on the modulated signal returned from the second communication user and the stored residual noise.
  17. 제16항에 있어서,The method of claim 16,
    상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음에 기반하여, 상기 송신 신호를 획득하는 단계는,Acquiring the transmission signal based on the modulated signal received by the first communication user from the second communication user and the stored residual noise;
    상기 제1통신 사용자가 상기 제2통신 사용자로부터 되돌려 받은 변조된 신호 및 상기 저장된 나머지 잡음을 합하여, 상기 상보적인 복수의 잡음을 상쇄시키고, 상기 송신 신호를 획득하는 단계를 포함하는 보안이 향상된 고속통신방법.Security-enhanced high-speed communication comprising the first communication user adding the modulated signal returned from the second communication user and the stored residual noise to cancel the complementary plurality of noises and obtaining the transmission signal Way.
  18. 제16항에 있어서,The method of claim 16,
    상기 제1통신 사용자 및 상기 제2통신 사용자는,The first communication user and the second communication user,
    신호의 변조 및 복조에 이용되는 암호화 키를 서로 비밀리에 공유하는 보안이 향상된 고속통신방법.High-speed communication method with improved security for secretly sharing encryption keys used for signal modulation and demodulation.
  19. 제16항에 있어서,The method of claim 16,
    상기 다른 경로의 길이는,The length of the other path is,
    상기 단일 경로의 길이의 2배가 되는 보안이 향상된 고속통신방법.A security-enhanced high-speed communication method that doubles the length of the single path.
  20. 제1통신 사용자 또는 제2통신 사용자 각각이 적어도 2이상의 신호 송신기 및 소스 노이즈에 기반하여, 잡음들에 신호를 변조하는 단계;Modulating a signal to noises based on at least two signal transmitters and source noise by each of the first communication user or the second communication user;
    상기 제1통신 사용자 또는 제2통신 사용자 각각이 상기 변조된 신호를 적어도 하나 이상의 경로를 통하여 다른 사용자에게 전송하는 단계; 및Transmitting each of the first communication user and the second communication user to another user through at least one path; And
    상기 제1통신 사용자 또는 제2통신 사용자 각각이 수신된 신호에 포함된 잡음을 억제하고, 신호의 왜곡 현상을 보상하는 단계를 포함하고,Suppressing noise included in the received signal by each of the first communication user or the second communication user, and compensating for distortion of the signal;
    상기 적어도 하나 이상의 경로는,The at least one route is,
    양방향 통신이 구현되는 광통신 선로, 무선통신 채널 및 유선통신 채널 중 적어도 하나 이상의 통신망을 포함하는 보안이 향상된 고속통신방법.A security enhanced high speed communication method comprising at least one communication network of an optical communication line, a wireless communication channel, and a wired communication channel for implementing bidirectional communication.
PCT/KR2016/001658 2015-08-24 2016-02-18 High-speed communication system and method with enhanced security WO2017034112A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US15/754,919 US20180259737A1 (en) 2015-08-24 2016-02-18 High-Speed Communication System and Method with Enhanced Security
CN201680049109.1A CN108141288A (en) 2015-08-24 2016-02-18 High-speed communication system and method with enhancing safety

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2015-0119056 2015-08-24
KR20150119056 2015-08-24
KR10-2016-0019300 2016-02-18
KR1020160019300A KR101916995B1 (en) 2015-08-24 2016-02-18 System and method for high speed communication with enhanced security

Publications (1)

Publication Number Publication Date
WO2017034112A1 true WO2017034112A1 (en) 2017-03-02

Family

ID=58100577

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/001658 WO2017034112A1 (en) 2015-08-24 2016-02-18 High-speed communication system and method with enhanced security

Country Status (1)

Country Link
WO (1) WO2017034112A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109660342A (en) * 2018-12-24 2019-04-19 江苏亨通智能物联系统有限公司 Wireless speech transfers net system based on quantum cryptography
CN111953410A (en) * 2020-08-20 2020-11-17 中电科仪器仪表有限公司 Submarine optical cable simulation test device and method for coherent optical time domain reflectometer
CN111970287A (en) * 2020-08-24 2020-11-20 中南大学 Round-trip continuous variable quantum key distribution noise compensation method and system thereof
CN113612544A (en) * 2021-07-13 2021-11-05 杭州电子科技大学 Optical chaotic secret communication system with four-dimensional key space

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000278249A (en) * 1999-03-04 2000-10-06 Lucent Technol Inc System and method for making secret multiple wavelength communication on optical fiber
KR20070122560A (en) * 2005-05-18 2007-12-31 모토로라 인코포레이티드 Method and apparatus for rapid secure session establishment on half-duplex ad-hoc group voice cellular network channels
WO2010093195A2 (en) * 2009-02-13 2010-08-19 한국과학기술원 Low-noise optical signal transmitter with low-noise multi-wavelength light source, broadcast signal transmitter using low-noise multi-wavelength light source, and optical network with the same
US20120148046A1 (en) * 2010-12-10 2012-06-14 Chunjie Duan Secure Wireless Communication Using Rate-Adaptive Codes
KR20130085538A (en) * 2011-12-19 2013-07-30 엘에스전선 주식회사 Optical line monitoring system
US20140186033A1 (en) * 2012-12-28 2014-07-03 Alcatel-Lucent Usa Inc. Secure data transmission via spatially multiplexed optical signals

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000278249A (en) * 1999-03-04 2000-10-06 Lucent Technol Inc System and method for making secret multiple wavelength communication on optical fiber
KR20070122560A (en) * 2005-05-18 2007-12-31 모토로라 인코포레이티드 Method and apparatus for rapid secure session establishment on half-duplex ad-hoc group voice cellular network channels
WO2010093195A2 (en) * 2009-02-13 2010-08-19 한국과학기술원 Low-noise optical signal transmitter with low-noise multi-wavelength light source, broadcast signal transmitter using low-noise multi-wavelength light source, and optical network with the same
US20120148046A1 (en) * 2010-12-10 2012-06-14 Chunjie Duan Secure Wireless Communication Using Rate-Adaptive Codes
KR20130085538A (en) * 2011-12-19 2013-07-30 엘에스전선 주식회사 Optical line monitoring system
US20140186033A1 (en) * 2012-12-28 2014-07-03 Alcatel-Lucent Usa Inc. Secure data transmission via spatially multiplexed optical signals

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109660342A (en) * 2018-12-24 2019-04-19 江苏亨通智能物联系统有限公司 Wireless speech transfers net system based on quantum cryptography
CN111953410A (en) * 2020-08-20 2020-11-17 中电科仪器仪表有限公司 Submarine optical cable simulation test device and method for coherent optical time domain reflectometer
CN111953410B (en) * 2020-08-20 2022-03-04 中电科思仪科技股份有限公司 Submarine optical cable simulation test device and method for coherent optical time domain reflectometer
CN111970287A (en) * 2020-08-24 2020-11-20 中南大学 Round-trip continuous variable quantum key distribution noise compensation method and system thereof
CN113612544A (en) * 2021-07-13 2021-11-05 杭州电子科技大学 Optical chaotic secret communication system with four-dimensional key space

Similar Documents

Publication Publication Date Title
KR101916995B1 (en) System and method for high speed communication with enhanced security
US20200389299A1 (en) Quantum security systems
US7471793B2 (en) Method and apparatus for use in encrypted communication
WO2016117976A1 (en) Mobile terminal having quantum cryptographic security function for mobile commerce, and authentication method
WO2016117978A1 (en) Mobile commerce and authentication method having improved security by quantum cryptography
US7889868B2 (en) Quantum key distribution system
US8374350B2 (en) Quantum communication system
US7613396B2 (en) Multiplexing communication system and crosstalk elimination method
US7796896B2 (en) Secure optical communication
US20060222180A1 (en) Chip-scale transmitter for quantum cryptography
WO2017034112A1 (en) High-speed communication system and method with enhanced security
WO2017204440A1 (en) Code-based quantum cryptographic key distribution method, apparatus, and system
KR20010090257A (en) Key distributing method in secure communication system using multiplexed access manner
US7242774B1 (en) Quantum cryptography based on phase entangled photons
US11641241B2 (en) Optical communication system using mode-locked frequency comb and all-optical phase encoding for spectral and temporal encrypted and stealthy transmission, and for optical processing-gain applications
US11616645B1 (en) Encrypted data transmission in optical- and radio-access networks based on quantum key distribution
US8428259B2 (en) Apparatus and method for all-optical encryption and decryption of an optical signal
Liang et al. Quantum noise protected data encryption in a WDM network
Aleksic et al. Distribution of quantum keys in optically transparent networks: Perspectives, limitations and challenges
CN113454944A (en) Efficient quantum key security in point-to-multipoint passive optical networks
CN108173655A (en) A kind of quantum key dispatching system based on two-way polarization compensation
KR101898417B1 (en) System and method for high speed communication with enhanced security
KR101897531B1 (en) System and method for high speed communication with enhanced security
Townsend et al. Secure optical communications systems using quantum cryptography
Tomita et al. High speed quantum key distribution system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16839403

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 15754919

Country of ref document: US

122 Ep: pct application non-entry in european phase

Ref document number: 16839403

Country of ref document: EP

Kind code of ref document: A1