WO2010033286A1 - Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage - Google Patents

Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage Download PDF

Info

Publication number
WO2010033286A1
WO2010033286A1 PCT/US2009/048877 US2009048877W WO2010033286A1 WO 2010033286 A1 WO2010033286 A1 WO 2010033286A1 US 2009048877 W US2009048877 W US 2009048877W WO 2010033286 A1 WO2010033286 A1 WO 2010033286A1
Authority
WO
WIPO (PCT)
Prior art keywords
phase
optical
signal
data
spectral
Prior art date
Application number
PCT/US2009/048877
Other languages
English (en)
Inventor
Shahab Etemad
Thomas Banwell
Janet Jackel
Ronald Menendez
Paul Toliver
Original Assignee
Telcordia Technologies, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telcordia Technologies, Inc. filed Critical Telcordia Technologies, Inc.
Priority to CA 2725804 priority Critical patent/CA2725804C/fr
Priority to EP20090814931 priority patent/EP2301170A4/fr
Publication of WO2010033286A1 publication Critical patent/WO2010033286A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/50Transmitters
    • H04B10/501Structural aspects
    • H04B10/503Laser transmitters
    • H04B10/505Laser transmitters using external modulation
    • H04B10/5055Laser transmitters using external modulation using a pre-coder
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04JMULTIPLEX COMMUNICATION
    • H04J14/00Optical multiplex systems
    • H04J14/005Optical Code Multiplex
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04JMULTIPLEX COMMUNICATION
    • H04J14/00Optical multiplex systems
    • H04J14/005Optical Code Multiplex
    • H04J14/007Orthogonal Optical Code Multiplex
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04JMULTIPLEX COMMUNICATION
    • H04J14/00Optical multiplex systems
    • H04J14/02Wavelength-division multiplex systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/006Secret communication by varying or inverting the phase, at periodic or random intervals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/04Secret communication by frequency scrambling, i.e. by transposing or inverting parts of the frequency band or by inverting the whole band
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B2201/00Indexing scheme relating to details of transmission systems not covered by a single group of H04B3/00 - H04B13/00
    • H04B2201/69Orthogonal indexing scheme relating to spread spectrum techniques in general
    • H04B2201/707Orthogonal indexing scheme relating to spread spectrum techniques in general relating to direct sequence modulation
    • H04B2201/70715Orthogonal indexing scheme relating to spread spectrum techniques in general relating to direct sequence modulation with application-specific features

Definitions

  • the present invention relates generally to optical networking, and more particularly to a system and method of providing security robustness against archival attacks in an optical CDMA-based photonic layer.
  • CDMA Code Division Multiple Access
  • OCDMA optical CDMA
  • spectral efficiency which is typically low in OCDMA
  • inter-symbol interference and susceptibility to network impairments.
  • DRPA Defense Advanced Research Projects Agency
  • OCDMA networking has attractive features based on the underlying property that connectivity is managed through the use of codes like telephone numbers as compared with wavelength exchange in WDM networks.
  • phase scrambling also called phase masking
  • phase masking phase masking
  • a novel SPE approach to OCDMA is disclosed that is compatible with existing transparent reconfigurable optical networks, has high spectral efficiency, and is minimally affected by transmission impairments.
  • the underlying technologies are based on the generation of stable combs of mode-locked laser (MLL) lines and the ability to access and change their relative phase with a resolution of ⁇ 1 GHz or better.
  • MUI rejection is accomplished in the present invention by adopting an orthogonal set of codes for modifying the relative phases of the MLL lines.
  • the present invention uses a synchronous operation to push the MUI away from the central clock position and an optical time gating suppresses the MUI.
  • the initial experimental results, performed during development of the present invention demonstrated a 12.5% spectral efficiency (0.125 bit/s/Hz) using on-off keying modulation and bulk optics coders.
  • MRR micro-ring resonator
  • DPSK modulation the present invention has demonstrated a 50% spectral efficiency.
  • the present invention as described herein, has further increased the spectral efficiency to 87% with eight tributaries at 10 Gb/s each using FEC and DQPSK modulation technique.
  • An aspect of the present invention includes an optical system for transporting encrypted data.
  • the optical system has a transmitter for transmitting an encrypted signal and a receiver for receiving and decrypting the encrypted signal.
  • the transmitter includes a source for generating a sequence of optical pulses, each optical pulse having a plurality of spectral lines uniformly spaced in frequency with fixed absolute frequency and relative phase; a passive optical splitter for copying the sequence of optical pulses and outputting a plurality of channels, each channel being identical to the sequence of optical pulses; a plurality of data modulators, each associated with a respective channel of the plurality of channels, each data modulator modulating the respective channel using data to generate a modulated data signal; a respective spectral phase encoder coupled to each of the plurality of data modulators, the spectral phase encoder encoding respective modulated data signals using a plurality of mutually orthogonal phase codes that are individually associated with the respective spectral phase encoder; an optical combiner for combining the encoded data signals; and a spectral phase scrambler for code-scrambling the combined data signals using a scramble code as an encryption key to generate the encrypted signal.
  • the receiver includes a spectral phase descrambler for descramb ⁇ ing the encrypted signal signals using the scramble code as a key to generate a descrambled data signal; a plurality of spectral phase decoders for applying an inverse of the phase codes to the descrambled data signal to generate a decoded signal, each spectral phase decoder being a conjugate match to one of the respective spectral phase encoder; a respective optical time gate coupled to each of the plurality of spectral phase decoders, for time gating the decoded signal to isolate a desired data signal; and a demodulator coupled to the optical time gate for detecting and demodulating the desired data signal to retrieve the data.
  • Another aspect of the present invention is a method for transporting encrypted optical data.
  • the method includes the steps of generating a sequence of optical pulses, each optical pulse having a plurality of spectral lines uniformly spaced in frequency with fixed absolute frequency and relative phase; copying the sequence of optical pulses and outputting a plurality of channels, each respective channel being identical to the sequence of optical pulses; modulating the respective channel using data to generate modulated data signals; encoding respective modulated data signals using a plurality of mutually orthogonal phase codes to generate a plurality of encoded data signals; and combining the plurality of encoded data signals; code-scrambling the combined plurality of encoded data signals using a scramble code as an encryption key to generate an encrypted signal,
  • FIG. 1 illustrates a flow diagram of the process for performing signal encoding in accordance with an embodiment of the present invention
  • FIG. 2 illustrates a flow diagram of the process for performing signal decoding in accordance with an embodiment of the present invention
  • FIG. 3 illustrates a block representation of a micro-ring resonators (MRR) based coder in accordance with an embodiment of the present invention
  • FIG. 4a illustrates a matrix representation of Hadamard-8 orthogonal codes in accordance with an embodiment of the present invention
  • FIG. 4b illustrates a transmission spectrum of a coder after applying the Haddamarcl-8 codes shown in FIG. 4a;
  • FIG. 5 illustrates a block representation of a network system in accordance with an embodiment of the present invention
  • FIG. 6 illustrates representative signals during three stages of an embodiment of the present invention
  • FIG. 7 illustrates a block representation of another encoding/decoding system in accordance with an embodiment of the present invention.
  • Coding and decoding are based on modifying the relative spectral phases of a set of well- defined phase-locked optical frequencies that are the output of a mode-locked laser.
  • An embodiment of the present invention uses 8 or 16 equally spaced phase- locked laser lines confined to an 80-GHz window depending on the data rate for individual channels. Within the scope of the present invention, this 80-GHz window is considered to comprise 8 or 16 frequency bins, each bin being phase encode using a coder based on an ultrahigh resolution optical de-multiplexer.
  • the present invention Compared with the prior art SPE work that had used the very broad optical bandwidth of an ultra-short pulse source, the present invention has the advantage of coding individual frequency lines occupying a small tunable window.
  • the narrower spectral extent of the coded signal in an embodiment of the present invention also limits the impact of transmission impairments, such as dispersion, and results in compatibility of the present invention with transparent WDM optical networks.
  • the encoding process of an embodiment of the present invention begins with generation of a train of short pulses using return-to-zero (RZ) line coding in step 101.
  • the spectral content of the pulse train includes a stable comb of closely spaced phase-locked frequencies generated by a mode-locked laser (MLL), and have a frequency spacing equal to the MLL pulse repetition rate.
  • MLL mode-locked laser
  • An example of an appropriate MLL for use in the present embodiment is a harmonic MLL commercially available from Calmar Opticom that has been modified to include a thermally stable Fabry-Perrot filter inside the cavity.
  • the comb stability has been reduced substantially to approximately 10 MHz over the duration of data taking.
  • the MLL, as described can be limited to a 80 GHz total spectral width using an optical band pass filter, and can be positioned spectrally within any desired WDM window by tuning the optical filter, or the coder.
  • the phase-locked addition of these frequencies generates a pulse train with a pulse width of 12.5 ps, inversely proportional to the 80-GHz spectral width of the window. These pulses can subsequently be modulated to carry data.
  • the pulse train is passively split into a plurality of channels in step 103.
  • Each of the channels is an identical copy of the pulse train and of each other.
  • each channel is separately and simultaneously modulated to embed data therein.
  • each channel is spectral phase encoded in step 107.
  • the phase can be shifted by either 0 or ⁇ , as prescribed by the binary code selection in step 109.
  • the selected binary codes are converted to phase codes in step 111, for example binary 0 is converted to phase angle 0 and binary 1 is converted to phase angle ⁇ .
  • the phase shifted channels are then temporally synchronized and passively combined to produce a coded signal in step 113.
  • the coded signal generated in step 113 is scrambled using a spectral phase scrambler in step 115.
  • the spectral phase scrambler applies a scramble code to the coded signal.
  • the scramble code is generated in step 117 where a random phase setting is applied to phase codes.
  • the signals are ready for transmission outside of a secured area in step 119.
  • the process shown in FIG. 1 is performed simultaneously on all the channels. Each channel using an individual phase code for SPE and an individual scrambler code.
  • each OCDMA code of the present invention is defined by a unique choice of spectral phase shifts.
  • the set of codes are defined to make efficient use of the spectrum within a given window, and which can be separated from each other with acceptable error rates, even when a maximum number of codes occupy the window.
  • Hadamard codes are orthogonal and binary.
  • use of Hadamard codes within the present invention is intended for illustrative purposes only, and the present invention should not be construed as limited to only these codes.
  • Binary Hadamard codes are converted to phase codes by assigning to +1 's and -1 's phase shifts of 0 and ⁇ , respectively. This choice is based on the goal of achieving high spectral efficiency with minimal multichannel interference (MUI).
  • MUI multichannel interference
  • the process in the present embodiment offers true optical orthogonality, in the sense that MUI is zero at the time that the decoded signal is at a maximum.
  • the number of orthogonal codes is equal to the number of frequency bins; and if all codes were used, high spectral efficiency is possible.
  • the initial comb of frequencies produced by the MLL is spectrally broadened by the spectral content of the modulating data.
  • Encoding the data-modulated signal then consists of applying the phase shift associated with a frequency to the entire bin.
  • the output of the phase encoder is then a signal obtained by summing the phase-shifted frequency components of the modulated signal, or equivalently, by convolving the modulated optical signal at the input of the phase encoder with the inverse Fourier transform of the phase code.
  • Decoding using an incorrect decoder results in a temporal pattern that again has zero optical power at the center of the bit period and the majority of the energy for that pulse is pushed outside the time interval where the desired pulse lies.
  • the desired decoded signal can then be separated from all other channel signals by appropriate optical time gating.
  • Simulations indicate that for four simultaneous channels transmitting at 2.5 Gb/s and using a suitably chosen set of four codes among the set of 16 Hadamard codes of length 16, up to 15 ps of relative delay can be tolerated with a power penalty within 1 dB at a BER of 10-9. Better resiliency to asynchronism maybe achieved by using multiphase codes.
  • FIG. 2 shows the general steps involved for decoding a signal received from the encoding method shown in FIG. 1.
  • a scrambled signal is received in step 201.
  • the signal is descrambled using a spectral phase descrambler.
  • the spectral phase descrambler selects a scramble code in step 205 that is the compliment of the code used to scramble the original signal in step 115 of FIG. 1.
  • the scramble code can be considered a private key analogue, similar to private keys known in the art of digital data encryption.
  • the descrambled signal is decoded in step 207 using a spectral phase decoder that applies a compliment of the phase codes used in the encoding process (step 107 of FIG. 1).
  • the phase codes used in step 207 are dependent on the decoder selected in 209.
  • the signal is then passed through an optical time gating device in step 211 in order to isolate the decoded signal from all the other signals.
  • the decoded signal corresponds to one of the channels discussed above, thus in step 213 the decoded channel is detected and demodulated to extract the embedded data. At this point the extracted data is ready for output in step 215.
  • FIG. 3 shows the optical circuit for the MRR-based coder 300 used in an embodiment of the present invention.
  • the coder 300 consists of a number of stacks 308 of 4 rings 306. Each stack 308 is, in turn, coupled to an input bus 302 and an output bus 304.
  • Each stack 308 can be tuned thermally to any one of the MLL lines and their arrangement ensures that all lines experience the same optical path length.
  • Phase shifters 310 based on thermal expansion are placed between the stacks 308. These phase shifters 310 change the optical paths encountered by different wavelengths, thus altering the phase of the wavelength.
  • FIG. 4a shows a matrix representation of Hadamard-8 orthogonal codes.
  • the 0 and ⁇ phase shifts are represented by +1 and -1, respectively.
  • Each row (or column) represents a code that is orthogonal to every other row (or column).
  • FIG. 4b shows the transmission spectrum of a coder when it is set to code 2 of the Haddamard-8 set of codes, with ⁇ phase shifts between neighboring frequency bins as shown in the inset.
  • the low fiber-to-fiber insertion loss of ⁇ 4dB is mostly attributable to the coupling to input-output fibers.
  • the flattop and sharp drop at the bin edges are the result of the high quality of the MRR.
  • FIG. 5 shows system architecture 500 of an embodiment of the present invention.
  • the RZ pulsed output of the MLL 502 is shared by all channels each with its own data modulator 504 followed by its respective Spectral Phase Encoder (SPE) 506.
  • SPE Spectral Phase Encoder
  • the SPE 506 spreads the pulse energy from the center of the bit interval.
  • a delay line ensures that all channel signals enter the fiber combiner 508 in synchrony.
  • the combined signal Prior to exiting the secure area, the combined signal passes through a spectral phase scrambler 508a, which scrambles the combined code using a private key (i.e., scramble codes), thus providing a further layer of encryption to the transmission.
  • a spectral phase scrambler 508a which scrambles the combined code using a private key (i.e., scramble codes), thus providing a further layer of encryption to the transmission.
  • the now encrypted signal is received by a spectral phase descrambler 509a.
  • the spectral phase descrambler applies the private key to the scrambled signal, thus descrambling the signal.
  • the descrambled signal is multiplexed at an optical multiplexer 509 (such as a beamsplitter).
  • Each of the signal copies is processed by a spectral phase decoder (SPD) 510.
  • SPD spectral phase decoder
  • the SPD reassembles the pulse at the center using an orthogonal set of codes to minimize the energy from other channel signals in the sampling window.
  • Use of the orthogonal codes coupled with time gating provided by the Optical Time Gate (OTG) 512 suppresses multi-channel interference.
  • the OTG 512 isolates the decoded signal form the remaining signals in the signal copy.
  • a detection and modulation unit 514 extracts the data embodied in the signal.
  • FIG. 6 shows the combination of four encoded signals in the plot referenced as 602, and a decoded signal in the presence of three other codes (channel signals) is shown before gating in the plot referenced as 604.
  • an area referenced as 606 shows a region of low error. This area is termed an eye, thus in the pre-gating plot 604, the eye is beginning to open (become discernable).
  • the optical power associated with the interfering channel signals is present but is displaced in time from the decoded data, as seen in the post-gating plot 608.
  • the eye 606 is significantly more defined, thus after the gating process, the decoded signal is easily separable from the interfering channel signals.
  • the present invention uses optical time-gating provided by, for example, an semiconductor optical amplifier (SOA)- based Terahertz optical asymmetric de-multiplexer (TOAD).
  • SOA semiconductor optical amplifier
  • TOAD Terahertz optical asymmetric de-multiplexer
  • Emerging networks that are optically transparent can, in principle, allow for a variety of signal types, modulation formats, and bit rates to be transported over a common infrastructure.
  • the present invention provides compatibility with conventional WDM networks.
  • the present invention utilizes coherent spectral phase encoding and decoding of a tightly spaced comb of phase-locked wavelengths.
  • the present invention applies a specific spectral phase component to each distinct line of the multi- wavelength comb rather than to multiple lines.
  • the present invention allows for minimization of the spectral width of the OCDMA signal while still allowing for a larger code set, or potentially a greater number of channels. For example, using ultra-fine filtering technology in the embodiments described above, up to 16 distinct spectral phase components can be applied at a 5 GHz granularity. Therefore, the multi-channel composite OCDMA spectrum is confined to approximately 80 GHz, which is compatible with filtering and transmission components commonly used for conventional DWDM systems aligned to either a 100 GHz or 200 GHz ITU grid.
  • a multi-wavelength signal is first generated using a mode locked laser (MLLl) operating at a 5 GHz repetition rate, which produces a comb of phase-locked wavelengths spaced on a 5 GHz grid and spanning over 100 GHz.
  • MLLl mode locked laser
  • a continuous stream of -12.5 ps pulses results in the time domain.
  • MZM independent Mach-Zehnder modulators
  • the encoded signals from the two OCDMA channels (which each occupy the same ⁇ 80 GHz bandwidth) are then passively combined and added to a single WDM channel on the optical network using a reconfigurable optical add/drop multiplexer (ROADM).
  • ROADM reconfigurable optical add/drop multiplexer
  • an additional 6 WDM channels are also added to the network as well as a second primary reference synchronization MLL, which provides a global synchronization reference throughout the network.
  • the composite optical signal is transmitted to a second ROADM over a
  • the conventional WDM channels as well as the OCDMA signals are dropped from the network.
  • the dropped OCDMA signals are clearly difficult to resolve individually due to the encoding process.
  • the OCDMA data signals are then sent to an OCDMA receiver, which consists of a spectral phase decoder and SOA-based interferometric optical time gate (OTG).
  • OTG optical time gate
  • the OTG filters out multichannel interference by temporally extracting only the desired channel using the dropped primary reference laser signal for synchronization. The desired data channel is faithfully recovered.
  • Intra- WDM compatibility of the present invention can be exploited for taking advantage of unused capacity and/or delivering multilevel security in a given WDM window.
  • the OCDMA systems of the present invention described to this point have had the phase -locked comb frequency line contiguous within the DWDM window. However, because of the phase coherence between the comb lines, it is possible to perform phase coding on disjointed comb lines. This possibility allows the present invention to simultaneously transmit multiple OCDMA channels and a conventional OOK channel within the same ITU window.
  • the phase encoded CDMA offers the unique capability of conveying broadband signals over non-contiguous frequency bands, thus allowing the transmission of several OCDMA channels in the unused bandwidth of a single WDM channel where the SONET signal is actually present.
  • the experimental confirmation that spread spectrum signals can be conveyed over disjointed frequency bands demonstrate a truly OCDMA-overlaid WDM system.
  • suitably modified two coder phase masks are used in order to also allow for insertion of an OC-192 SONET signal in the middle of the set of MLL lines.
  • the phase mask is modified in order to allow for: 1) de-multiplexing of 20 MLL lines (a total pass-band of 100 GHz); 2) phase encoding of the first 8 and the last 8 MLL lines using Hadamard codes of length 16; 3) notching of the 4 central MLL lines.
  • the present invention is easily extendable to OCDMA-based photonic layer security and applications that can support where digital encryption is not a possibility.
  • PLS is not always intended to replace the conventional digital encryption, but it can complement and augment it. It can be effectively applied in a "nested encryption" capability that avails itself where needed.
  • PLS may be the only cost-effective means that can provide secure communications for bandwidths in excess of several terabits for applications, such as, multimedia "virtual theaters" and "on-demand grid-based supercomputing”.
  • orthogonal codes are used herein, the maximum number of simultaneous channels is equal to the number of frequency bins.
  • Coders have been constructed for use in the present invention with 16 bins, and can be extend to 32 bins. Consequently, the coders are capable of supporting 16 or 32 codes.
  • the current limitation on the maximum number of frequency bins comes from the ability to remove heat used for phase adjustment and frequency tuning of the micro-ring resonators.
  • N Hadamard codes of order N (H N ) number of possible orthogonal code states so generated is N.
  • An eavesdropper equipped with an adjustable decoder would have to guess only on the order of ⁇ possible code settings in order to tune in on any given transmission. For increased data obscurity/scrambling, it would be desirable if the eavesdropper were required to search through a far larger number of possible codes.
  • a useful technique for increasing the space of code states of a set of orthogonal codes is to apply an orthogonal matrix W M generated from H N by pre-multiplying by a monomial matrix M N of order N (a monomial matrix in a matrix in which there is only one non-zero element in each row and in each column) where the non-zero elements are arbitrarily chosen phase shifts.
  • a monomial matrix M N is a diagonal matrix D N of order N with all of the on- diagonal elements being arbitrarily chosen phase shifts.
  • the general pre- multiplication process is referred to as code-scrambling and the monomial or diagonal multiplier as the scrambling code.
  • Scrambling based on a diagonal matrix is an interesting special case because such scrambling can be implemented in shared physically separate SPE scramblers and descramblers as shown in FIG. 5.
  • the scrambled codes W N themselves must be implemented in the individual phase encoders/decoders as shown in FIG. 7, but monomial scrambling significantly increases the number of scrambler settings.
  • the modified Hadamard codes are produced.
  • Each panel is the simulated temporal intensity variation for two bit periods as might be seen by an eavesdropper.
  • the left panel shows the result of encoding with the original Hadamard-32 codes 6, 7, 9, and 12.
  • the spiky nature of the patterns and their discrete appearance in the time domain would appear to render the codes vulnerable to detection by an eavesdropper.
  • the search space can be made larger if a monomial ma D ⁇ fi s - W i o o o o o o o o o o 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 trix D i o o o o o o a i 1 1 i 1 1 I 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 ⁇ o i o o ⁇ o o 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 is 0 0 0 1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 ts o o o i o o i
  • Code scrambling is achieved by applying a common random phase setting to the original Hadamard phase codes H ⁇ ,
  • the elements of the scrambler phase settings can have any arbitrary phase shift ( ⁇ ) between [0, 2 ⁇ ].
  • the concept is illustrated in the following matrix: The matrix, above, uses a Hadamard-8 as the scrambling code Av,
  • the scrambled codes W ⁇ are found in the columns of the resulting matrix product, hi this example, a diagonal scrambling code Av was constructed using binary phase shifts 0 and ⁇ only.
  • the [1,-1] elements of the codes are represented in terms of the phase shifts as ei ⁇ , where 1 and -1 indicate phase shifts of zero and ⁇ , respectively. Since the coders can be configured with arbitrary spectral phase settings, they can be used for de/encoding and de/scramblhig operations by applying the appropriate phase codes.
  • the example shown in the above matrix uses only one particular scrambling code out of the possible 2 8 choices, resulting in one realization of orthogonal modified Hadamard codes.
  • the scrambling code can be viewed as the secret key used in conventional secure communications. With the scrambling code hidden from an eavesdropper the possible search space for guessing the code settings becomes exponentially larger than the conventional JV Hadamard codes.
  • the scrambler (descrambler) corresponding to D N can be implemented in a physically separate SPE while the channels continue to use H N for encoding or decoding.
  • the scrambler (descrambler) and encoder (decoder) can be combined and implemented in a single SPE directly using the columns of D N .
  • the D N codes can be implemented directly in each coder unit.
  • the scrambling spreads the energy of the pulse more uniformly over the pulse interval, thus reducing the peak powers.
  • the signal can be descrambled and then decoded to recover the original pulse in the correct time-slot by applying a matched spectral phase code. Conversely, incorrect decoding leaves the energy of the pulse distributed away from the central position at which the correctly decoded signal is at its peak. Effective scrambling for enhanced confidentiality requires multiple codes to operate in parallel.
  • FIG. 7 An embodiment of the present invention is shown in FIG. 7 for demonstrating OCDMA-based PLS. It should be noted that while FIG. 7 shows two paths in both the transmission section and receiver section, in actuality the embodiment shown in FIG. 7 is constructed of any plurality of paths. Therefore, for simplicity the present embodiment will be described from the stand point of two encoding and decoding paths.
  • the output of a 10 GHz MLL 702 is split into two separate paths by a splitter 704. Each path is independently modulated by 5 Gb/s data streams consisting of 2 i5 -l pseudorandom bit sequences (PRBS) in the data modulator 706 to generate two independent OCDMA signals in a single polarization.
  • PRBS pseudorandom bit sequences
  • the modulated signals are then encoded in respective spectral phase encoder/scrambler 708.
  • the two encoded signals are scrambled using a randomly chosen scrambling code, for example [-1, 1, 1, 1, -1, 1, -1, -I].
  • the power of each of the scrambled OCDMA signals is equalized by variable optical attenuators 710, and connected to fiber delay lines 712 for synchronization.
  • the output from the delay lines 712 are then passively combined at a combiner 716.
  • all channels occupy the same 80 GHz (8 frequency bins x 10 GHz) spectral bandwidth, making this system compatible with existing WDM systems.
  • a splitter 720 passively splits the incoming signal into a plurality of identical copies of the incoming signal.
  • a decoder 722 is configured to correctly descramble and decode either of the two OCDMA signals by selecting the corresponding phase code.
  • An optical time gate 724 rejects the multi-channel interference by extracting the desired decoded channel from the remaining incorrectly decoded signals.
  • a detector 726 detects the decoded channel from among the plurality of channels in the signal and demodulates the channel, extracting the data.
  • the encoding (decoding) and the scrambling (descrambling) operations are shown as being performed in a single coder, however, the encoding and scrambling may be implemented in separate devices.
  • Apparatus shown in FIG. 7 can be readily modified in the context of two 5 Gb/s tributaries in each polarization resulting in four 5 Gb/s tributaries of a 20 Gb/s data stream once polarization multiplexed by a polarization beam splitter (not shown).
  • the only additional care is to ensure that the arrival of each tributary in the fiber is within the same bit period using integrated delay lines. Alternatively, such time compensation can be done electronically after the detection of each tributary.
  • Resilience to archival attack arises from the need for an eavesdropper to record the coded data with vastly higher time, amplitude, and optical phase resolution than the authorized user needs to employ. For example, if an eavesdropper attempts to record a scrambled waveform, , for post processing, he would need to measure the optical field of the complex signal, which would need to be recorded in real time with temporal resolution at least 16 times that needed to receive the decoded data and with analog (as opposed to digital) amplitude sampling. The high-speed temporal sampling requires a much higher-bandwidth receiver, which will introduce significantly more noise, corrupting the analog measurement of the signal amplitude.
  • a deployment scenario of the present invention consists of two secure areas within which OCDMA coding would be used for signal routing/addressing purposes. However, before these signals leave the secure areas, they would be scrambled by passing through a shared scrambling stage. At the entrance to the secure area received signals would be collectively de-scrambled and finally decoded by the end user.
  • This architecture satisfies obscurity conditions for practically secure, point-to-point transmission by precluding access to any single code. Specifically, it must be assumed that the groups of codes leaving the secure areas are always sent simultaneously, as would be the case if a large bandwidth signal were being sent as multiple sub-rate data streams on several codes in parallel.
  • Inverse multiplexing can be used to reach 100 GbE.
  • the key aspect of inverse multiplexing is that either all codes (for example four codes) are simultaneously in use or none are; and when the codes are present, they form a self-obscuring group.
  • the role of the scramblers which apply an arbitrarily chosen set of phase shifts to the ensemble of codes, is to present an eavesdropper with a very large search space if he is to guess the phase codes in use. Ideally, the state of the scrambler is updated on a regular basis in synchronized fashion at the two ends of the link.
  • Multilevel security has been used in both military and commercial arenas where over the same transmission medium such as optical fiber, communication channels with different levels of security coexist. For example, in a DWDM network additional security for a given channel is provided by digital electronic encryption. Therefore, secure channels are protected from inadvertent or malicious access to their data.
  • Compatibility with DWDM networks is utilized in the OCDMA scheme of the present invention to provide multilevel security.
  • a use of the OCDMA-based PLS described above is for multilevel security for avionics applications where space, weight, and power (SWaP) are of prime importance.
  • SWaP space, weight, and power
  • dedicated fibers are used in order to provide multilevel security. Recent efforts to standardize WDM networking to limit the excessive use of fiber infrastructure are a welcome improvement.
  • digital encryption has to support designated channels.
  • the OCDMA-based PLS of the present invention is an all-optical means that can readily be incorporated because of the availability and the SWaP figure of merits.
  • a set of AES signals can be transported on an OCDMA system as a means of denying an eavesdropper ready access to the digital cipher text bits and thereby frustrating an archival attack.
  • AES creates an initial state D ⁇ K 0 by computing the XOR sum of the data D and round key Ko.
  • AES then performs three operations on D ⁇ Ko: a non-linear substitution followed by row shift and column mixing. This is repeated for 10 to 14 iterations, depending on key size. Each round requires a key created through key expansion.
  • OCDMA encryption performs analogous operations in a single pass.
  • Each of n data bits modulates a set of m coherent MLL lines. This represents an m-fold expansion of the signal bandwidth, whereas AES operates with essentially the same fixed bandwidth as the plain text signal. The seeming loss in spectral efficiency represented by this expansion is recovered by the ability to transport several differently encoded signals in this same bandwidth.
  • a set of orthogonal signals is created by applying a Hadamard phase mask to each set of modulated MLL lines. State mixing is first accomplished by combining the orthogonal signals, which remain separable via the Hadamard coding.
  • a keyed pseudo-random phase rotation is finally performed on each wavelength of the mixed signal, which creates mixed, but still mutually orthogonal, states that are no-longer separable by a Hadamard phase mask. While separable states can be recovered by a complementary set of keyed phase rotations, further mixing occurs when the phase rotation is improperly corrected by an eavesdropper. Sampling that is the result of time gating constitutes one of the non-linear operations in OCDMA "encryption".
  • the OCDMA system of the present invention is linear in the fields, but ordinarily the intensities have to be measure using a square law detector. Therefore, the measured signal is nonlinear to the injection of coherent noise created by multi-channel interference (MUI) in the gated time interval.
  • MUI multi-channel interference
  • a typical 10 Gb/s ON-OFF modulated optical signal occupying a bandwidth of approximately 20 GHz is partitioned using a spectral phase mask into roughly 128 different bins and a random phase shift is applied to each spectral bin.
  • Each bin has a spectral width on the order of 0.16 GHz (for comparison, in the OCDMA PLS approach of the present invention, the width of the phase bins are on the order 5-10GHz).
  • a conjugate phase mask is applied to restore the signal spectrum to its original state and thereby recover the original digital signal.
  • the high-resolution of the phase mask translates into an optical impulse response that is tens of times longer than the bit interval of the original signal.
  • the phase mask thereby gives rise to considerable inter-symbol interference (ISI), obscuring the original single-channel signal.
  • ISI inter-symbol interference
  • the "secret key” in the Essex approach describes the state of the random phase mask much as the OCDMA system relies on "secret” scrambler spectral phase masks.
  • a difference between the Essex encoder and the OCDMA PLS system of the present invention is that the former operates on a single, modulated optical signal to introduce large ISI on an individual channel whereas the OCDMA system operates on an inverse-multiplexed combination of several orthogonally encoded signals that coherently interfere to obscure one another.
  • the number of bin edges here is far smaller (8-16 versus 128).
  • the pattern of intensity dips can reveal information about the scrambling key.
  • the absence of a dip in one code can cover the dip in another code.
  • the data modulation is designed such that little power is placed near the bin edges of the signal spectrum, further obscuring phase-mask-induced intensity dips. Such tailoring of the data modulation is not possible with the single-channel Essex approach.
  • One of the uniqueness of the Alpha Eta approach is that by limiting the initial transmitter power to appropriate levels and having sufficient number of phase states, the Alpha Eta approach can force the eavesdropper to be in a quantum noise-limited detection regime.
  • Prototypes of Alpha Eta have already been demonstrated at speeds and distances that approach those of interest for real-world systems. For example, in transmission at 622 Mb/s has been demonstrated over distances up to 850 km on the BoSSNET research link, and the experiments have shown some of the requirements that would enable a network to support this format.
  • the described embodiments of the present invention are intended to be illustrative rather than restrictive, and are not intended to represent every embodiment of the present invention. Various modifications and variations can be made without departing from the spirit or scope of the invention as set forth in the following claims both literally and in equivalents recognized in law.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Optics & Photonics (AREA)
  • Electromagnetism (AREA)
  • Optical Communication System (AREA)

Abstract

L'invention concerne un système et un procédé de transport de données cryptées, mettant en oeuvre un émetteur et un récepteur. L'émetteur génère une séquence d'impulsions optiques qui sont copiées et émises sous forme de canaux identiques. Ces canaux identiques sont modulés par une pluralité de modulateurs au moyen de données pour générer un signal de données modulé. Des codeurs de phase spectrale respectifs couplés à la pluralité de modulateurs de données codent des signaux de données modulés respectifs au moyen d'une pluralité de codes de phase mutuellement orthogonaux qui sont associés individuellement à un codeur de phase spectrale respectif. Ces signaux de données codés sont combinés et soumis à un embrouillage de codes par un embrouilleur de phase spectrale mettant en oeuvre un code d'embrouillage sous forme de clé de cryptage pour générer un signal crypté. Un récepteur inverse le cryptage pour extraire les données.
PCT/US2009/048877 2008-06-26 2009-06-26 Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage WO2010033286A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CA 2725804 CA2725804C (fr) 2008-06-26 2009-06-26 Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage
EP20090814931 EP2301170A4 (fr) 2008-06-26 2009-06-26 Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US7597908P 2008-06-26 2008-06-26
US61/075,979 2008-06-26

Publications (1)

Publication Number Publication Date
WO2010033286A1 true WO2010033286A1 (fr) 2010-03-25

Family

ID=42039802

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/048877 WO2010033286A1 (fr) 2008-06-26 2009-06-26 Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage

Country Status (3)

Country Link
EP (1) EP2301170A4 (fr)
CA (1) CA2725804C (fr)
WO (1) WO2010033286A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3219034A1 (fr) * 2014-11-10 2017-09-20 British Telecommunications Public Limited Company Réseau de communications
US10637601B2 (en) 2014-11-10 2020-04-28 British Telecommunications Public Limited Company Communications network
WO2021009754A1 (fr) 2019-07-14 2021-01-21 B.G. Negev Technologies And Applications Ltd., At Ben-Gurion University Système de communication optique utilisant un peigne de fréquence à verrouillage de mode et un codage de phase tout optique pour émission cryptée spectrale et temporelle et pour applications de gain de traitement optique

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030072051A1 (en) * 2000-10-16 2003-04-17 Myers Michael H. Orthogonal-code, photonic multiplexing
US20040208602A1 (en) * 2001-12-01 2004-10-21 James Plante Free space optical communications link tolerant of atmospheric interference
US20040208233A1 (en) * 2002-06-06 2004-10-21 Dafesh Philip A. Direct-sequence spread-spectrum optical-frequency-shift-keying code-division-multiple-access communication system
US20060147219A1 (en) * 2003-07-16 2006-07-06 Nippon Telegraph And Telephone Corp. Optical communication system using optical frequency code, optical transmission device and optical reception device thereof, and reflection type optical communication device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030072051A1 (en) * 2000-10-16 2003-04-17 Myers Michael H. Orthogonal-code, photonic multiplexing
US20040208602A1 (en) * 2001-12-01 2004-10-21 James Plante Free space optical communications link tolerant of atmospheric interference
US20040208233A1 (en) * 2002-06-06 2004-10-21 Dafesh Philip A. Direct-sequence spread-spectrum optical-frequency-shift-keying code-division-multiple-access communication system
US20060147219A1 (en) * 2003-07-16 2006-07-06 Nippon Telegraph And Telephone Corp. Optical communication system using optical frequency code, optical transmission device and optical reception device thereof, and reflection type optical communication device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2301170A4 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3219034A1 (fr) * 2014-11-10 2017-09-20 British Telecommunications Public Limited Company Réseau de communications
US10320444B2 (en) 2014-11-10 2019-06-11 British Telecommunications Public Limited Company Communications network
US10637601B2 (en) 2014-11-10 2020-04-28 British Telecommunications Public Limited Company Communications network
EP3219034B1 (fr) * 2014-11-10 2023-12-13 British Telecommunications public limited company Réseaux de communication
WO2021009754A1 (fr) 2019-07-14 2021-01-21 B.G. Negev Technologies And Applications Ltd., At Ben-Gurion University Système de communication optique utilisant un peigne de fréquence à verrouillage de mode et un codage de phase tout optique pour émission cryptée spectrale et temporelle et pour applications de gain de traitement optique
EP3997813A4 (fr) * 2019-07-14 2023-07-26 B.G. Negev Technologies and Applications Ltd., at Ben-Gurion University Système de communication optique utilisant un peigne de fréquence à verrouillage de mode et un codage de phase tout optique pour émission cryptée spectrale et temporelle et pour applications de gain de traitement optique

Also Published As

Publication number Publication date
EP2301170A1 (fr) 2011-03-30
CA2725804C (fr) 2015-02-17
CA2725804A1 (fr) 2010-03-25
EP2301170A4 (fr) 2013-04-17

Similar Documents

Publication Publication Date Title
US8488967B2 (en) System and method for OCDMA-based photonic layer security robustness to archival attack
US8831426B2 (en) OCDM-based all optical multi-level security
Fok et al. Optical layer security in fiber-optic networks
US8903091B2 (en) Optical system with imparted secure codes
Etemad et al. Spectrally efficient optical CDMA using coherent phase-frequency coding
US8737618B2 (en) Secure key distribution for optical code division multiplexed based optical encryption
US20100074444A1 (en) Method and System for OCDM-Based Photonic Layer Security Robustness to Spoof Data Integrity
US11641241B2 (en) Optical communication system using mode-locked frequency comb and all-optical phase encoding for spectral and temporal encrypted and stealthy transmission, and for optical processing-gain applications
WO2007081355A2 (fr) Systeme a acces multiple par repartition de code en optique a codage mixte en phase et en longueur d'onde
CA2651497C (fr) Codeur/decodeur de phase spectrale variable base sur une decomposition des codes hadamard
CA2725804C (fr) Systeme et procede destines a ameliorer la resistance de securite de couches photoniques a multiplexage optique a repartition par codes a des attaques d'archivage
Gao et al. 40Gb/s secure optical communication based on symbol-by-symbol optical phase encryption
Wang et al. 40Gbits− 1 Data transmission in an installed optical link encrypted using physical layer security seeded by quantum key distribution
Etemad et al. OCDM-based photonic layer'security'scalable to 100 Gbits/s for existing WDM networks
Wu et al. Steganographic fiber-optic transmission using coherent spectral-phase-encoded optical CDMA
EP1889381B1 (fr) Reseaux optiques a routage par code
Prucnal et al. Physical layer security in fiber-optic networks using optical signal processing
Etemad et al. An overlay photonic layer security approach scalable to 100 Gb/s
Wang et al. 40 Gb/s secure optical communication system based on optical code technology
Goldberg et al. Towards a cryptanalysis of spectral-phase encoded optical CDMA with phase-scrambling
Agarwal et al. Code scrambling in spectral phase encoded OCDMA using reconfigurable integrated ring resonator based coders
Huang et al. Signal Processing Techniques for Data Confidentiality in OCDMA Access Networks
Gao et al. Demonstration of 40 Gb/s secure optical communication system based on 40 Gchip/s SPE and symbol overlapping
Toliver et al. Optical code division multiplexing for confidentiality at the photonic layer in metro networks and beyond
Prucnal et al. Using optical signal processing to provide information security in data networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09814931

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2725804

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2009814931

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE