KR101897531B1 - System and method for high speed communication with enhanced security - Google Patents

Abstract

A high-speed communication method with improved security according to the present invention is a high-speed communication method with improved security, which is performed by a transmitter and a receiver, the method comprising: a transmitter outputting a light source corresponding to at least two modes; Distributing a light source through at least two paths through a first WDM filter (Wavelength Division Multiplexing filter); And modulating a signal transmitted from the first WDM filter, wherein the receiver demodulates the signal transmitted through the optical communication line; Summing and canceling the noise included in the individual modes of the demodulated signals; And obtaining security data from the noise canceled signal.

Description

[0001] SYSTEM AND METHOD FOR HIGH SPEED COMMUNICATION WITH ENHANCED SECURITY [0002]

The present invention relates to a high-speed communication system and method with improved security.

The fundamental problem in communication theory is the question of how to transfer information between the two parties without the third party being able to obtain the information. For example, in the field of electronic financial transactions, it is very important to maintain confidentiality in the communication between the parties.

In general, it is known that eavesdroppers, which are known to both parties to exchange messages, are called alice and bob, respectively, while attempting to gain unauthorized access to messages .

Many communication techniques have been developed to solve this problem. One class of techniques relies on Eve's computational limitations that prevent Eve from performing certain mathematical operations in a reasonable amount of time. For example, the security of RSA public key cryptography relies heavily on the computational difficulty of factoring very large integers. Techniques of this type are known to be "conditionally secure" or "computational secure" techniques.

One problem with conditionally secure techniques is that the reliability of the security is still dependent on the mathematical results of the complexity theory that remains unproven. Thus, if appropriate mathematical tools can be developed, we can not currently be confident that we will not break those techniques using only traditional computer resources in the future.

As a solution to this, there is a cryptosystem according to a quantum key distribution. The cryptographic scheme according to the cryptographic key distribution uses the basic principle of quantum mechanics to completely guarantee the security irrespective of the computing ability of the eavesdropper. However, in the case of the single photon source, the key generation rate (effective key bit / total transmission bit) -4 and is vulnerable to a side channel attack that physically attacks the communication system and destroys security.

The key generation rate can be confirmed by wyner's information theory approach. The key generation rate can be the channel capacity of the sender (alice) and the receiver (bob) minus the channel capacity of the sender (alice) and the eavesdropper (eve). Here, the channel capacities of the sender (alice) and the eavesdropper (eve) can be changed according to the construction method of the communication channel environment.

Therefore, in order to maximize the key generation rate that ensures perfect security, it is necessary to minimize the channel capacity of the sender (alice) and the eavesdropper (eve), and the present invention is based on this.

It is an object of the present invention to provide a high-speed communication system and method with improved security for establishing an absolute security system that blocks the possibility of eavesdropping by utilizing the physical characteristics inherent in a channel, unlike a security system that depends on computational complexity .

Since the present invention is not based on a single photon source, the present invention provides a communication system and method capable of increasing a cipher key generation rate up to a transmission rate of existing information.

It is still another object of the present invention to provide a high-speed communication system and method with improved security, which can be applied or used in various communication channels including various technologies of existing optical communication, thereby improving economy and compatibility.

The object of the present invention is to optimize the channel capacity between transmitters and receivers by utilizing the physical characteristics inherent in the channel, unlike the security system which depends on the calculation complexity, but by minimizing the channel capacity of the eavesdropper, And to provide a security-enhanced high-speed communication system and method for establishing an absolute security system for blocking the communication.

According to an aspect of the present invention, there is provided an OTDR (Optical Time Domain Reflectometer) provided in a high-speed communication system with improved security, including a first optical pulse A coupler for dividing the first optical pulse into at least two paths, a photodetector for determining when the first optical pulse is applied to the optical communication line, a second optical pulse A second light source for applying a second optical pulse whose intensity is weaker than that of the first optical pulse to the optical communication line in response to a time point at which the first optical pulse is applied to the optical communication line, And a controller for analyzing or predicting the signal leakage of the optical communication line based on the result detected by the optical receiver.

The first circulator transmits the first optical pulse output from the coupler to the optical communication line and transmits the optical signal reflected from the optical transmission line to the optical receiver, And a second circulator for transmitting a second optical pulse output from the second light source to the optical communication line and for transmitting an optical signal reflected from the optical communication line to the optical receiving unit .

In the embodiment, a signal, which is connected to the photodetector and controls the operation of the second light source and the light receiving unit, based on a time point when the first optical pulse is applied to the optical communication line, And a delay line for transmitting the signal to the light receiving unit.

In the embodiment, optical pulses of different wavelengths, which are provided between the first circulator and the second circulator and the optical communication line, are received from the first circulator and the second circulator and are transmitted to the optical communication line And a WDM filter (wavelength division multiplexing filter) for dividing optical signals of different wavelengths reflected from the optical communication line and transmitting the optical signals to the first circulator and the second circulator.

In an embodiment, the optical signal reflected by the second optical pulse in the optical communication line may be reflected by the second optical pulse in accordance with a refractive index corresponding to a moment at which the second optical pulse follows the first optical pulse, The optical pulse may include a reflected optical signal.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method including: generating a first key (K1) by a first communication user and transmitting the same to a second communication user; 2 communication user generates and transmits a second key (K2) to the first communication user, wherein the first communication user or the second communication user is configured to generate, based on the first key and the second key, May be obtained.

In an embodiment, the first communication user and the second communication user are connected to each other via at least one communication path, and the channel capacity between the first communication user and the second communication user is different from the first communication user May be greater than the channel capacity between the second communication user and the eavesdropper.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method in which a first communication user inputs m (n is a natural number) (M is a natural number greater than or equal to 1) to the second communication user, and the second communication user acquiring the transmission signal based on the transmission signal injected with each of the n noise received .

In an embodiment, the sum of the n noise is zero, and the second communication user can cancel the n noise to obtain the transmission signal.

In an embodiment, the n noise is generated through a complementary noise generator, and the first communication user transmits a transmission signal in which n noise (n is a natural number of 1 or more) is injected into m communication paths (m is 1 or more The natural number) may include modulating the signal and distributing it to the m communication paths based on any one of the n noises and the transmission signal have.

The method of claim 1, further comprising generating the n noise, wherein generating the n noise comprises: outputting a broadening light source (BLS) having a wide wavelength band to an arrayed waveguide grating Dividing the light source into the p channels (where p is a natural number equal to or greater than n), combining the n light sources among the light sources divided into the p channels by a beam splitter (BS) optical amplifier, and dividing the output of the RSOA into n noise by passing the output of the RSOA through a second AWG.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method including: outputting a light source corresponding to at least two modes based on security data and a multi-mode laser; Distributing the light source to at least two or more paths based on a first WDM filter, modulating a signal transmitted from the first WDM filter based on the signal modulator, transmitting the optical signal based on the signal demodulator, , Canceling out the noise contained in the separate mode of demodulated signals based on the second WDM filter, and obtaining the secure data.

In an embodiment, the step of outputting a light source corresponding to at least two or more modes based on security data and a multimode laser may include injecting an output of an amplified spontaneous emission (ASE) into the multimode laser, And suppressing the noise present in the mode.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method including the steps of: dividing security data into at least two transmission signals; Wherein at least two or more than two transmission signals into which at least two or more noises are injected are transmitted to the receiver through a plurality of different paths, and at least two of the at least two noise- And acquiring the secure data based on the transmitted signal.

In an embodiment, the sum of the at least two noises is zero, and the receiver can cancel the at least two noises to obtain the security data.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method in which a first communication user transmits a noise-compensated signal of a plurality of complementary noises through a single path, 2 communication user and storing the rest of the plurality of noises through another path, the second communication user modulates the received signal to generate a transmission signal, and transmits the transmission signal through the single path To the first communication user and obtaining the transmission signal based on the modulated signal and the stored residual noise that the first communication user has returned from the second communication user.

In an embodiment, the step of acquiring the transmission signal based on the modulated signal and the stored residual noise that the first communication user has returned from the second communication user may include receiving the transmission signal from the first communication user, And summing the modulated signal received from the receiver and the stored residual noise to cancel the complementary plurality of noise and obtaining the transmission signal.

In an embodiment, the first communication user and the second communication user may secretly share encryption keys used for modulating and demodulating signals.

In an embodiment, the length of the other path may be twice the length of the single path.

According to another aspect of the present invention, there is provided a security-enhanced high-speed communication method in which a first communication user or a second communication user communicates with a first communication user or a second communication user based on at least two signal transmitters and source noises, Modulating a signal to a source, each of the first communication user or a second communication user transmitting the modulated signal to another user via at least one or more paths, and the first communication user or the second communication user Suppressing a noise included in the received signal and compensating for a distortion of a signal, wherein the at least one path includes at least one of an optical communication line, a wireless communication channel, and a wired communication channel in which bidirectional communication is implemented . ≪ / RTI >

The effect of the high-speed communication method and system with improved security according to the present invention will be described as follows.

According to the embodiment of the present invention, unlike the security system which depends on the computational complexity, an absolute security system that blocks the possibility of eavesdropping by utilizing the physical characteristics inherent in the channel can be constructed.

In addition, according to at least one embodiment of the present invention, the cryptographic key generation rate can be increased to the transmission rate of information since it is not based on a single photon source.

Further, according to at least one of the embodiments of the present invention, it can be applied to or used in various communication channels including various technologies of existing optical communication, so that economical efficiency and compatibility can be increased.

1 is a diagram showing a system capable of detecting the presence of an eavesdropper with high sensitivity.
2 is a diagram showing a known OTDR (optical time domain reflectometer).
3 is a diagram illustrating a high-sensitivity OTDR included in an embodiment of the present invention.
4 is a diagram specifically illustrating an operation method of a high-sensitivity OTDR included in an embodiment of the present invention.
5 is a diagram specifically illustrating a high-sensitivity OTDR included in an embodiment of the present invention.
6 is a diagram illustrating a method of making it difficult to eavesdrop using a communication algorithm included in an embodiment of the present invention.
7 is a diagram illustrating a method for physically preventing eavesdropping using source noise included in an embodiment of the present invention.
8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.
FIG. 9 is a diagram showing an example of generating the complementary noise of FIG. 8 as an actual experiment.
Figs. 10 and 11 are diagrams showing states before and after being applied to the RSOA explained with reference to Fig. 9. Fig.
12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.
13 is a diagram illustrating an example in which a multi-path security system according to an embodiment of the present invention is applied to optical communication.
14 is a diagram illustrating an example in which a multipath security system using noise is applied according to an embodiment of the present invention.
15 is a diagram illustrating an example in which a single path security system using noise according to an embodiment of the present invention is applied.
16 is a diagram illustrating an example of a bi-directional multipath security system according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, wherein like reference numerals are used to designate identical or similar elements, and redundant description thereof will be omitted. The suffix "module" and " part "for the components used in the following description are given or mixed in consideration of ease of specification, and do not have their own meaning or role. In the following description of the embodiments of the present invention, a detailed description of related arts will be omitted when it is determined that the gist of the embodiments disclosed herein may be blurred. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention as claimed. , ≪ / RTI > equivalents, and alternatives.

Terms including ordinals, such as first, second, etc., may be used to describe various elements, but the elements are not limited to these terms. The terms are used only for the purpose of distinguishing one component from another.

It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between.

The singular expressions include plural expressions unless the context clearly dictates otherwise.

In the present application, the terms "comprises", "having", and the like are used to specify that a feature, a number, a step, an operation, an element, a component, But do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or combinations thereof.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. It will be apparent to those skilled in the art that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.

The embodiment proposed in the present invention is a system for limiting the amount of information acquired by an eavesdropper by sensitively detecting a leak of a signal, a system for limiting the amount of information acquired by a single eavesdropper through bidirectional communication on a single communication line, It is possible to minimize the possibility of eavesdropping by combining at least one or two of three concepts according to the complexity of the path and the source noise of a multiple-input multiple-output (MIMO) system, Can be enhanced.

1 is a diagram showing a system capable of detecting the presence of an eavesdropper with high sensitivity.

Referring to FIG. 1, after a pulse of light is injected into an optical communication line, a part of the light injected by the pulse can be reflected by interaction with particles of the optical line in the optical communication line. Here, the reflected light can be returned to the transmitting end (rayleigh scattering), and the amount of the returned light can be observed over time, so that leakage of the optical signal at a specific point can be confirmed. A more detailed description will be given with reference to FIG.

2 is a diagram showing a known OTDR (optical time domain reflectometer).

2, the OTDR includes a light source 201, a coupler 202, a photodetector 203, a delay line 204, a circulator 205, an optical communication line 206, an optical receiver 208, 209), and the like.

First, a light source 201 may inject light into the optical communication line 206 in the form of pulses.

The coupler 202 divides the optical pulse output from the light source 201 into at least two paths, transfers one of the divided optical pulses to the optical communication line 206, To the detector (203).

The photodetector (PD) 203 receives the optical pulse transmitted from the coupler 202 and allows the user to confirm when the optical pulse is injected into the optical communication line 206.

The delay line 204 is used to confirm when the optical pulse is injected into the optical communication line 206 through the optical detector 203 and to detect the optical signal reflected from the optical communication line 206, Lt; RTI ID = 0.0 > 208 < / RTI >

The circulator 205 is a device for controlling the path of the optical pulse and transmits the optical pulse divided by the coupler 202 to the optical communication line 206 and the optical signal reflected back from the optical communication line 206 To the photodetector (208).

An optical fiber (optical fiber) 206 is a path through which an optical signal is transmitted, and is an object to be monitored by the OTDR system. Here, the optical communication line 206 may include an impurity or defect (impurity) 207 in the optical communication fiber (communication line).

A photodetector 208 detects the optical signal reflected by the optical communication line 206 and transmits the sensed result to the controller 209.

The controller 209 can analyze the state of the optical communication line 206, that is, the leakage of the signal, based on the result detected by the optical detector 208.

3 is a diagram illustrating a high-sensitivity OTDR included in an embodiment of the present invention. Here, n represents a refractive index, which is an element that determines the speed of light travel in the medium. N0 represents the refractive index of the optical fiber that changes in proportion to the intensity of light in a nonlinear manner, I represents the rate of change of the refractive index of the optical fiber (optical communication line), n0 represents the refractive index of the optical fiber Represents the intensity of the pulse.

When a very strong optical pulse of a few mW or more passes through the optical fiber 301, the refractive index of the optical fiber 301 at the point where the optical pulse 302 exists is temporally changed according to the formula shown in the lower part of Fig. Change. Specifically, when a strong optical pulse 302 of several mW or more passes through the optical fiber 301, the refractive index increases. When the light passes through the medium, the reflection of light increases at a point where the value of the refractive index changes momentarily.

4 is a diagram specifically illustrating an operation method of a high-sensitivity OTDR included in an embodiment of the present invention.

4, a fiber core 401 is a path through which optical pulses 402, 403, 404, and 405 pass, and a strong optical pulse 402 is a path through which the optical fiber 401, The intensity of the light is sufficiently strong enough to increase the refractive index of the light. The weak light pulse 403 is a light pulse whose intensity is weaker than the strong light pulse 402, and is faster than the strong light pulse 402.

The strong optical pulse reflected wave 404 represents an optical signal in which a part of the strong optical pulse 402 interacts with the optical fiber 401 and returns to the transmitting end after being reflected, The reflected wave 405 represents an optical signal in which a part of the weak optical pulse 403 is reflected and returned to the transmitting end.

More specifically, the OTDR included in the present invention will be described by transmitting an optical pulse 402 strong enough to affect the refractive index of the optical fiber before the weaker optical pulse 403, followed by a strong optical pulse 402 Followed by a weaker light pulse 403. In this case the weak optical pulse 403 follows the strong optical pulse 402 because the strong optical pulse 402 is slower than the weak optical pulse 403, Since the refractive index increases as described above, the weak light pulse 403 arriving at the point, that is, the weak light pulse 403 at the moment of catching the strong light pulse 402, easily occurs. Since the optical signal generated in this way and returned to the transmitting end is generally larger than the optical signal reflected back to the transmitting end, an embodiment of the present invention can detect the physical change of the corresponding channel more sensitively.

In the case of the known OTDR, once the communication line is confirmed, only one strong optical pulse is injected into the optical fiber. A part of the optical pulse is reflected by the interaction with the optical fiber and returns to the transmitting end injecting the optical pulse. The pulse power of the returned optical signal is only about 0.001%.

However, in the OTDR according to an embodiment of the present invention, a point where the refractive index increases due to the strong optical pulse 402 occurs, and a weak optical pulse 403 following the strong optical pulse 402 at the point So that it can be largely reflected. Since the reflectance at this time is higher than that of the known OTDR, the amount of the returned optical signal is further increased. Through the optical signal thus returned, the OTDR included in the embodiment of the present invention can prevent the signal leakage The state can be sensitively detected.

5 is a diagram specifically illustrating a high-sensitivity OTDR included in an embodiment of the present invention.

5, the high-sensitivity OTDR includes a first light source 501, a coupler 502, a photodetector 503, delay lines 504a, 504b and 504c, a first circulator 505, a second light source 506 A second circulator 507, a wavelength division multiplexing filter 508, an optical communication line 512, optical receivers 514a and 514b, and a control unit 515, and the like.

First, the first light source 501 may inject light into the optical communication line 512 in the form of pulses. The first light source 501 can output a stronger optical pulse 509 than the second light source 506. [

The coupler 502 divides the optical pulse output from the first light source 501 into at least two paths and outputs one optical pulse of the divided optical pulses to the optical communication line 512 through the first circulator 505, And transmit the remaining optical pulses to the photodetector 503.

The photodetector 503 receives the optical pulse transmitted from the coupler 502 and can confirm the time when the optical pulse is injected into the optical communication line 512.

The delay line 504 confirms when the optical pulse is injected into the optical communication line 512 through the photodetector 503 and outputs a control signal to the second light source 506 and the optical receivers 514a and 514b at an appropriate time To-date.

The first circulator 505 is a device for controlling the path of optical pulses and transmits the optical pulses split by the coupler 502 to the optical communication line 512 via the WDM filter 508 and the WDM filter 508, To the optical receiver 514a.

The second light source 506 may output a weak light pulse 510 in response to a control signal transmitted from the delay line 504b and the weak light pulse 510 output from the second light source 506 may output a weak light pulse 510, Is a pulse following the strong optical pulse 509 output from the light source 501 and has a faster moving speed than the strong optical pulse 509. [

The second circulator 507 transmits the weak optical pulse 510 output from the second light source 506 to the optical communication line 512 via the WDM filter 508 and outputs the optical signal 510 transmitted from the WDM filter 508 To the optical receiver 514b.

The WDM filter 508 may divide the light into different paths according to the wavelength of the light, or may combine the lights of various wavelengths into one path. Here, the WDM filter 508 receives optical pulses of different wavelengths from the first circulator 505 and the second circulator 507, and transmits the optical pulses to the optical communication line 512. Each of the optical signals of different wavelengths reflected from the optical communication line 512 can be transmitted to the first circulator 505 and the second circulator 507.

The strong optical pulse 509 is an optical pulse output by the first light source 501, and temporarily changes the refractive index of the optical communication line 512 in the region where the strong optical pulse 509 is present because the intensity of the pulse is strong. As a result, the refractive index of the point at which the weak light pulse 510 catches the strong light pulse 509 is increased, and the probability that the light pulse is reflected in the opposite direction of the traveling direction due to the increased refractive index also increases do.

The weak light pulse 510 is a light pulse output by the second light source 506 and then reflected (510a) on the optical communication line 512 and returned to the transmitting end.

The reflected wave 509a of the strong optical pulse 509 is transmitted to the optical receiver 514a through the WDM filter 508 and the first circulator 505 and the reflected wave 510a of the weak optical pulse 510 is transmitted through the WDM filter 510a, May be transmitted to the optical receiver 514b via the first circulator 508 and the second circulator 507.

The optical communication line 512 is an object to be monitored by the OTDR system as a path through which optical signals are transmitted. Here, the optical communication line 512 may include impurities or defects 513 in the optical fiber (communication line).

The optical receivers 514a, 514b, and APD sense the optical signal reflected by the optical communication line 512 and return the sensed result to the controller 515. [

The control unit 515 can analyze or predict the state of the optical communication line 512, that is, the leak of the signal, based on the result detected by the optical receivers 514a and 514b. 5, the state of the optical communication line 512 can be detected more sensitively and accurately since the amount of reflected and returned light is large.

6 is a diagram illustrating a method of making it difficult to eavesdrop using a communication algorithm included in an embodiment of the present invention.

FIG. 6 illustrates bidirectional communication. In the conventional unidirectional communication, the channel capacity of the sender (alice) and the eavesdropper (eve) may frequently be higher than the channel capacity of the sender (alice) and the receiver (bob). This is because the distance between the sender (alice) and the eavesdropper (eve) is smaller than the distance between the sender (alice) and the eavesdropper (eve) And may be shorter than the distance between the receivers bob. In the conventional unidirectional communication, the key generation rate that guarantees perfect security can be lowered according to the information theoretical approach of the wyner described above, and the probability of successful eavesdropping of the eavesdropper can be increased.

Thus, an embodiment of the present invention uses an algorithm (K1 + K2) to generate cryptographic key 640 using bi-directional communication. Accordingly, an eavesdropper who wishes to eavesdrop on the two-way communication included in the present invention must tap both directions indispensably to obtain algorithms 611, 621 and cryptographic key 640. [

The best position for performing the eavesdropping in the context of a single eavesdropper who wishes to eavesdraw the two-way communication is the intermediate location of the communication users (the first communication user 610 and the second communication user 620). This is because it is advantageous for the eavesdropper to hide himself from the transmitting terminal, assuming that the communication users 610 and 620 are monitoring eavesdroppers.

In this case, the position of the eavesdropper is farther away from the sender than the unidirectional communication, and the channel capacity between the communication users 610 and 620 is greater than the channel between the sender 610 and the eavesdropper Capacity. Accordingly, the channel capacity of the eavesdropper (eve) is limited as compared with unidirectional communication.

7 is a diagram illustrating a method for physically preventing eavesdropping using source noise included in an embodiment of the present invention.

7 shows a method of transmitting at least two transmission signals to which at least two pure random noise signals are applied through the multipaths 731, 732 and 73m. To implement this scheme, a complementary noise generator 712 may be used in the high-speed communication method and system according to the present invention. Here, the complementary noise generator 712 refers to a device in which the total sum of at least two or more generated noises is zero. That is, the complementary noise generator 712 can generate m noise, and the sum of the m noise is zero.

The present invention can inject such m noises into a plurality of transmission signals transmitted to m different paths 731, 732, and 73m. In this case, the channel capacity of each channel injected with noise is reduced due to noise, which makes single tapping difficult. On the other hand, a receiver receiving a plurality of transmission signals injected with noises receives signals for all m paths and adds them together, so that the noise is canceled and the original signal (random key K) So that it can be effectively received. However, since it is difficult for the eavesdropper to receive all of the plurality of transmitted signals injected with noises, the security of the communication system to which the high-speed communication method and system according to the present invention is applied is completely guaranteed .

8 is a diagram illustrating an example of generating complementary noise included in an embodiment of the present invention.

Referring to FIG. 8, an output of a broadening light source (BLS) 801 having a relatively wide wavelength band is passed through an arrayed waveguide grating (AWG) 802 so that a light source is distributed to each channel of the AWG 802 do.

Here, the light sources distributed to the respective channels have a large noise due to the beating noise. A part of the sources having a large noise level is coupled to a BS (beam splitter) 803 and injected into a reflective semiconductor optical amplifier (RSOA) 804 .

Using the strong Gain Saturation of RSOA, the magnitude of the noise included in each channel does not change much. On the other hand, the sum of the total intensities is very small. That is, complementary noises (? 1,? 2,? 3,? 4) are formed as shown in FIG.

On the other hand, the BLS 801 described above can be replaced with another light source such as an F-P LD. The AWG 802 may be any optical component that distributes the optical filter or beam. In addition, the position of each Component is not limited to the position shown in Fig. 8, and can be changed according to the situation. The number of the light sources shown in Fig. 8 is four, but this is for convenience of description and can be changed.

FIG. 9 is a diagram showing an example of generating the complementary noise of FIG. 8 as an actual experiment.

8, only two modes out of the outputs of the FP LD 901 oscillating in the multi-mode are separated into the band pass filter 902 and the RSOA 903 is injected into the complementary noises lambda 1 and lambda 2 Can be generated.

Figs. 10 and 11 are diagrams showing states before and after being applied to the RSOA explained with reference to Fig. 9. Fig.

10 shows a result (1003) of two noises 1001 and 1002 before being injected into RSOA and a sum of two noises. Referring to FIG. 10, it can be seen that the noise 1001 and 1002 of each mode are not correlated with each other before the signal is injected into the RSOA, so that the noise 1003 is not significantly reduced even when the two noise are combined.

FIG. 11 shows a result 1103 of two noises 1101 and 1102 and two noises after being injected into the RSOA. Referring to FIG. 11, after being injected into the RSOA, the two noise sources 1101 and 1102 have a strong correlation, and it is confirmed that the noise 1103 cancel each other when the two modes are combined. Specifically, it can be seen that when the two noise sources 1101 and 1102 are combined 1103, the noise is reduced by about 20 dB from each noise source.

12 is a diagram illustrating a result of calculating a maximum channel capacity of a target receiver and an eavesdropper based on noise according to an embodiment of the present invention.

Referring to FIG. 12, it can be seen that Secure capacity is a maximum of 3.01 bits / symbol based on a single polarization (difference between 1202 and 1201). If you are using all of the two polarizations, the Secure capacity will be up to 6.02 bits / symbol.

13 is a diagram illustrating an example in which a multi-path security system according to an embodiment of the present invention is applied to optical communication.

8, an example in which a multi-path security scheme is applied includes secure data 1301, a multimode laser 1302, an amplified spontaneous emission (ASE) source 1303, a first WDM filter 1302, 1304, a signal modulator 1305, an optical communication line 1306, a signal demodulator 1307, a second WDM filter 1308, and a receiver 1309.

Security data 1301 refers to information that the sender would like to secretly communicate to the recipient or to share with the recipient.

The multi-mode laser 1302 refers to a laser having multiple oscillation modes in a specific wavelength band. Specifically, the multi-mode laser 1302 may include a fabry-perot laser diode.

The ASE source 1303 is a light source that outputs light of a wide wavelength band and can inject the output light into the multimode laser 1302 to suppress noise existing in each mode of the multimode laser 1302.

The first WDM filter 1304 is an optical filter that receives light of a wide wavelength band and distributes the light according to a wavelength, and may include an arrayed waveguide grating (AWG). The first WDM filter 1304 divides the multimode light transmitted from the multimode laser 1302 into a plurality of paths according to wavelengths and distributes the multimode light. Since the individual modes are noisy when the multiple modes are combined, the light of each path divided by the first WDM filter 1304 is split by the first WDM filter 1304, The noise may be more severe.

The signal modulator 1305 may perform a function of modulating the signal transmitted from the first WDM filter 1304 in various forms.

The optical communication line 1306 is a communication line through which a signal to be sent to a receiver by a sender passes, and may include multiple paths as shown in FIG.

The signal demodulator 1307 is a device for demodulating a signal transmitted to a transmitter through an optical communication line 1306. The demodulator 1307 compensates different communication lengths for each path of the optical communication line 1306 in order to remove source noise, And the like can be performed.

The second WDM filter 1308 is an optical device that combines the light beams of different short wavelength bands together so as to move to a single path. Since each of the noise-rich modes is recombined in time, . As a result, the total noise of the signal transmitted to the receiver 1309 is reduced.

The receiver 1309 may be a device that receives optical signals to read information, and a coherent detection method may be used to increase the sensitivity to signals.

The multi-path security system described with reference to FIG. 13 can be applied not only to optical communication lines but also to wired communication and wireless communication channels together.

Specifically, it can be applied to a multipath security system for wire communication and wireless communication, a multipath security system for wireless communication and wireless communication, and a multipath security system for wired communication and wire communication. Here, the wired communication may be an optical communication line, a communication using a copper wire, and the wireless communication may be a cellular phone network and a wifi, and in particular, It can be used for the computation required when generating the encryption key.

Also, in the case of a MIMO communication system using a noise, only one path may be used for a wired network path in a multipath security system, and a beam using an antenna Beam forming may also be useful.

14 is a diagram illustrating an example in which a multipath security system using noise is applied according to an embodiment of the present invention.

Before being transmitted through a signal source, the security information is divided into a plurality of transmission signals 1411 and 1412 through a signal distributor or the like, where at least two or more noise generated in the complementary noise generator 1415 is injected. Each of the plurality of transmission signals to which the noise is injected is transmitted to the receiver through a plurality of different paths 1430.

The receiver 1420 combines a plurality of noise-injected transmission signals received through a plurality of different paths 1430 through a signal combiner 1421 or the like.

Here, since the total sum of at least two or more noises generated in the complementary noise apparatus 1415 is 0, the receiver 1420 can correctly obtain security information to be transmitted by the sender 1410. Here, the laser used as the light source may be a single mode or a multi-mode. And the bandwidth can be narrow enough that communication is not possible if only one path is used, which makes it possible to more fully defend the eavesdropping of the eavesdropper.

14, the transmitting terminal 1410 includes a pure random generator 1415 for generating complementary pure random noise, and at least two or more noises generated therein are transmitted to each of the channels 1411 And 1412, respectively. Here, Channel 1 1411 and Channel 2 1412 are channels to which an arbitrary communication signal is applied, and can encompass all communication channels including optical communication and wireless communication. The modulators 1413 and 1414 may include a first modulator 1413 and a second modulator 1414 provided in respective channels and may use at least two or more noise transmitted from the pure noise generator 1415 It is possible to modulate the signals transmitted from the respective channels 1411 and 1412.

By setting the modulation of the first 1413 and the second 1414 to be opposite to each other, the receiver 1420 can combine the signals of the two channels 1421 to cancel the complementary pure random noise. The received information is transmitted to the receiving end 1420 through a plurality of different paths. The receiving end 1420 combines the information injected with the noise 1421 to cancel the complementary noise, The information to be transmitted is accurately and correctly obtained.

15 is a diagram illustrating an example in which a single path security system using noise according to an embodiment of the present invention is applied.

As shown in FIG. 15, if the first communication user 1510 performs bidirectional communication using one path as shown in FIG. 15, the eavesdropper eve can not effectively intercept the noise because there is no way to cancel the noise do.

15, when a complementary noise mixed signal is generated in the signal source 1511, any one of the signals is transmitted to the second communication line 1530 through the first circulator 1514, And the other signal is transmitted to the first communication line 1513 provided inside the sender 1510. [ That is, only one signal transmitted to the second communication line 1530 is shared by the first communication user 1510 and the second communication user 1520. The second communication user 1520 receiving any one of the complementary noise mixed signals from the first communication user 1510 transmits the signal using the pure random number generator 1522 The first communication user 1510 transmits the modulated signal to the first communication user 1510 and the second communication user 1520 transmits the modulated signal to the first communication user 1510. [ To cancel the noise and to acquire the signal transmitted by the second communication user 1520. [

Here, the signal source 1511 outputs a signal containing complementary noises in order to restrict the eavesdropping of the eavesdropper, and each of the signals including the complementary noises is transmitted to the first communication line 1513 and the second communication line 1530, Lt; / RTI >

g (t) and g-1 (t) are encryption keys that the first communication user 1510 and the second communication user 1520 secretly share with each other to maintain security in modulating and demodulating the signals Can be used.

The first communication line 1513 is internally managed by the first communication user 1510 as a separate path different from the second communication line 1530 connected to the second communication user 1520, The length of the second communication line 1513 should be twice the length of the second communication line 1530.

The first circulator 1514 receives the signal encrypted with g (t) and transfers it to the second communication line 1530 and transmits the signal transmitted through the second communication line 1530 to the controller 1519 Optical device.

The second communication line 1530 is a communication channel through which the first communication user 1510 and the second communication user 1520 share a signal and the control unit 1519 transmits the signal to the second communication line 1530 The length of the first communication line 1513 should be twice the length of the second communication line 1530 in order to remove noise.

The second circulator 1521 transmits the signal transmitted through the second communication line 1530 to the modulator 1523 and transmits the signal modulated by the modulator 1523 to the second communication line 1530 Device.

The pure random number generator 1522 is a device that generates a random number that has no pure correlation and can not predict the pattern. The random random number generator 1522 serves to prevent the pattern from being predicted when the eavesdropper eavesdrops the cipher key.

The modulator 1523 is a device for modulating the signal source transmitted through the second circulator 1521, and the modulation value reflects the random number generated by the pure random number generator 1522.

The control unit 1519 combines the signal transmitted to the first communication line 1513 with the signal transmitted from the second communication user 1520 to the second communication line 1530 to cancel the noise and the second communication user 1520 (For example, a cryptographic key) modulated by the modulator 1523 through the modulator 1523. [

16 is a diagram illustrating an example of a bi-directional multi-path security system according to an embodiment of the present invention.

16, an example of a bi-directional multipath security scheme includes source noise 1611, 1621, an equalizer 1612, a signal receiver, and a processor 1613, 1623, Rx and processor. Signal transmitters 1614, 1624, Tx and multiple channels 1630, and the like.

The source noise 1611, 1621 may be a signal source that generates a noise mixed signal and transmits it to the transmitters 1614, 1624.

Equalizers 1612 and 1622 may be used to suppress noise before receiving the signal received from the other party and before the signal receiver and processors 1613 and 1623 receive the signal and to physically compensate for distortions in the signal generated as it passes through multiple channels 1630 Role.

The signal receiver and processors 1613 and 1623 can be devices that receive signals from the equalizers 1612 and 1622 and process the received signals.

Each of the transmitters 1614 and 1624 may be a device for modulating a signal mixed with noise transmitted from the source noises 1611 and 1621 and transmitting the modulated signal to the multiple channels 1630.

The multiple channels 1630 are communication lines through which the first communication user 1610 and the second communication user 1620 exchange signals, and may be various optical communication lines as well as various wireless communication and wired communication channels.

Here, each of the channels included in the multiple channels 1630 makes it difficult to distinguish the signals and enables bidirectional communication to be realized. If a single eavesdropper's attack, which is one eavesdropper (eve), can not distinguish a proper signal due to a mixed signal, as described above, the eavesdropper can intercept the signal on all channels of multiple channels Should be.

16, the multiple channels 1630 are shown as two paths, but the present invention is not limited to this, and the multiple channels 1630 may include at least one path. 16, two transmitters 1614 and 1624 are shown to be included in an individual communication user, but this is for convenience of description, and the present invention may include at least two or more transmitters 1614 and 1624.

In addition, since each channel included in a multi-channel performs bidirectional communication, it is easy to eavesdrop on a channel close to the sender because the channel capacity increases, so that at least two eavesdroppers per each channel can tap You should try. In other words, in the case of FIG. 16, at least four eavesdroppers try to eavesdrop, but the eavesdroppers are forced to hide their existence from the security system.

As described above, the high-speed communication method and system with improved security according to the present invention can be applied to different communication networks, and it is possible to implement eavesdropping of an eaves by implementing each communication network in different routes. For example, if a first path included in a communication network is implemented as a cellular network, a second path is implemented as an optical communication network, a third path is implemented as a Wi-Fi network, eve's eavesdropping becomes more difficult and the security of the network can be more complete.

As a result, the security-enhanced high-speed communication method and system according to the present invention can prevent the possibility of eavesdropping by utilizing the physical characteristics inherent in the channel, increase the encryption key generation rate to the transmission rate of information, It can be applied or used in various communication channels including various technologies.

The foregoing detailed description should not be construed in any way as being restrictive and should be considered illustrative. The scope of the present invention should be determined by rational interpretation of the appended claims, and all changes within the scope of equivalents of the present invention are included in the scope of the present invention.

Claims (2)

A high-speed communication method with improved security, which is performed by a transmitter and a receiver,
The transmitter comprising:
Outputting a light source corresponding to at least two modes;
Distributing the light source through at least two paths through a first WDM filter (Wavelength Division Multiplexing filter); And
Modulating a signal transmitted from the first WDM filter,
The receiver comprising:
Demodulating a signal transmitted through an optical communication line;
Summing and canceling the noise included in the individual modes of the demodulated signals; And
And obtaining security data from the noise canceled signal.
The method according to claim 1,
Wherein the step of outputting the light source corresponding to the at least two modes comprises:
Wherein an output of an amplified spontaneous emission (ASE) is injected into the multi-mode laser.

Images