Open Access
Add to BibSonomyAbstract
Code scrambling combined with self obscuration in a spectral phase encoded OCDM system shows promise for enhanced confidentiality in high data rate networks. We demonstrate code scrambling using reconfigurable ring-resonator-based integrated coders for obscuring a 20 Gb/s OCDM signal comprising four polarization multiplexed coded tributaries.
©2008 Optical Society of America
1. Introduction
Photonic layer security has attracted interest as a potentially lower cost means of providing security for higher data rates in networks. Here we examine the potential for optical code division multiplexing (OCDM) to offer an enhanced degree of confidentiality.
We have previously demonstrated spectrally efficient spectral phase encoded optical code division multiple access (SPE-OCDMA). This uses orthogonal Hadamard codes to suppress multi-user interference (MUI) [1]. Furthermore it is compatible with ordinary WDM since the entire code bandwidth of our demonstrated system lies within a single 100 GHz WDM band. Our coherent spectral phase encoding approach consists of demultiplexing individual spectral components of the mode-locked laser (MLL) signal, shifting the phase of each component according to a code, and recombining the shifted components to produce a coded signal, which can be combined with other, differently encoded signals. This coding process is implemented by the integrated coder technology we have developed [2]. Integrating the coding functions provides the phase stability without which this concept could not be realized and also makes the coders rapidly programmable.
Here we extend the OCDMA concept to OCDM, where we assign different codes to the inverse multiplexed tributaries of a single high speed data stream rather than to different users. This ensures that either all of the codes are simultaneously in use or none of them are. With OCDM, detecting any of the tributaries requires knowledge of the correct code, since all of the tributaries occupy the same spectral space at the same time.
Next we apply the concepts of shared code scrambling to OCDM, which were first described and with first experimental proof-of-concept in [3] and [4] respectively, and discuss its implications to data confidentiality. While the number of Hadamard codes is equal to the number of spectral components N, the code search space can be made exponentially larger by employing shared code scrambling, which preserves the desirable feature of code orthogonality [5]. While eavesdroppers surely know the familiar and widely-used Hadamard codes, the large number of scrambled combinations confronts eavesdroppers with an exponentially larger search space as discussed later in Section 2. More recently, similar techniques have been adopted in which “phase scrambling” is termed “phase masking” [6] although outside of the context of a spectrally efficient, WDM-compatible implementation.
Security issues in optical code division systems have been investigated by other groups but their approaches differ significantly from ours. In particular a theoretical study assuming access to an isolated code [7] showed that there is no security in such systems. We would like to emphasize that with our approach there is never an isolated code present; our approach relies on self-obscuration, which requires the multiplexing of multiple codes. While an isolated code is easy for an eavesdropper to detect whether scrambled or not, groups of scrambled codes operating in parallel obscure one another if the scrambler code is unknown.
An experimental analysis of another approach, a two-code system, identified potential vulnerability related to the differences in spectral dips between different coded users [8]. However, in that approach, phase encoding is applied to spectral slices containing multiple spectral lines, unlike our system, which employs line-by-line phase encoding. With line-by-line phase encoding and the appropriate control of modulation bandwidth, there are identical spectral dips between every adjacent pair of lines due to the data modulation regardless of the code that is employed. Thus, the differential spectral dip attack is not effective. Moreover, with increasing code parallelism coherent crosstalk is dominant and overwhelms an eavesdropper’s attempt to break the security through various methods including spectral dip filtering. Indeed, coherent beat noise effects are clearly seen even in the two-code case in [8].
A third approach to security demonstrated for avionics applications, uses bit-to-bit code swapping in a fast wavelength hopping time spreading OCDMA system [9]. This approach is similar to the one-time-pad security which requires the key to be as long as the data, and is not robust against archival attack.
The focus of this paper is the introduction of code scrambling along with code parallelism within OCDM to enhance physical layer confidentiality in a truly-orthogonal SPE-OCDM system. We show that the OCDM scheme employing this new class of orthogonal codes still works for an authorized recipient. This paper extends preliminary experimental results of previous work [4], in which code scrambling using reconfigurable ring-resonator based integrated phase coders was first demonstrated. Code scrambling with quaternary phases [10] allows increasing the code space even further to 4N (=22N) possible code settings compared to 2N with binary phases and is possible only due to the coder functionality of being programmable with arbitrary phase shifts. Through simulations the optimal number of phase states for enhanced confidentiality can be evaluated and will be discussed in future work.
We present successful en/decoding of a high speed 20 Gb/s OCDM signal consisting of inverse multiplexed spectral phase encoded and scrambled tributaries. Also through simulations and experiments, we illustrate the difficulty of recovering data by an eavesdropper due to the combination of self-obscuration and incorrect descrambling. Since the robustness of this approach to all forms of attack has not been evaluated we do not claim that this scheme provides cryptographic security. However, signal obscuration combined with the exponentially larger number of possible scrambler states as well as the ability to dynamically change the scrambler setting all contribute to providing an enhanced confidentiality against exhaustive and archival attacks. Further, this scheme is compatible with current WDM networks, and most importantly scalable to high aggregate data rates such as 40 Gb/s [11] and above.
2. Code Scrambling
Code scrambling is achieved by applying a common additional random phase to the set of original Hadamard codes (HN). Each element of the phase scrambler can have any arbitrary phase shift (ϕn) between [0, 2π]. The code scrambling matrix is a diagonal matrix DN containing on its diagonal arbitrarily chosen phase shifts eiϕn. In the case of quaternary phase scrambling, the matrix would contains elements of the set [1, i, -i, -1]. Each phase scrambler setting produces a new set of orthogonal codes, the modified Hadamard codes (WN). The total number of possible modified Hadamard code configurations, is given by pN where p is the number of phase states and N is the number of spectral components (There are p N-1 optically distinct configurations since the N scalar multiples of each code result in identical intensity waveforms.). For example, with p=4 and N=16, the exhaustive search space increases dramatically from 16 to 415 (~109). The scrambling code can be viewed as the secret key. With the key hidden from an eavesdropper, the search space for guessing the code becomes exponentially larger than the N conventional Hadamard codes.
Fig. 1. Temporal response to MLL pulse train with (a) Hadamard codes H1 to H4; scrambled codes W1 to W4 (b) simulation, (c) experiment; (d) after decoder matched for code W2.
The integrated spectral phase coder (described in detail in [2]) consists of common input and output buses, with 4th order micro-ring resonators serving as wavelength selective cross connects between the two. Each passband representing a frequency bin selects individual MLL lines. The relative phase shift between two adjacent frequency bins controlled by a thermo-optic phase heater can be continuously varied between 0 and 3π/2. The coder provides programmable and accurate optical phase control with a reconfiguration time of milliseconds. The coder selects eight MLL frequency lines and individually shifts their relative phases according to the code before combining the shifted lines at the output.
Figure 1 shows the effect of quaternary-phase scrambling on individual codes. The temporal response to a MLL pulse train with a repetition frequency of 10 GHz is shown for four of the conventional Hadamard codes in Fig. 1(a). With four phase states and N=8 the number of possible distinct scrambling codes is 47. Here, the scrambling code DN picked randomly is [i,-i,-i,i,-1,-1,-i,-i]. Experimental waveforms corresponding to the scrambled codes WN are shown in Fig. 1(c) and match closely with the simulated results (Fig. 1(b)). Scrambling produces significantly different temporal responses and spreads the energy of the pulse more uniformly over the pulse interval. Finally, Fig. 1(d) shows the experimental response after a decoder with phase codes aligned to decode W2. The original pulse is reconstructed for this code while the other three incorrectly decoded codes are nulled at the sampling time (shown by arrows). Notably, the orthogonality of the codes is maintained despite the code scrambling/descrambling operation. For this example, the scrambled codes WN resulting from the matrix multiplication of the Hadamard codes HN and scrambling code DN are shown below (codes are in the columns of the matrices). The scrambler (descrambler) corresponding to DN can be implemented in a physically separate coder. Alternatively, the scrambler (descrambler) and encoder (decoder) can be combined and implemented in a single device using WN.
While Fig. 1 illustrates single-code behavior; confidentiality requires multiple codes to operate in parallel. Figure 2(a) shows a simulated eye diagram for 4 scrambled OCDM signals with the desired channel correctly descrambled and decoded. We notice a clear open eye with the MUI pushed away from the position of the correctly decoded signal.
Fig. 2. (a). Simulated eye diagram of 4 users showing correctly decoded pulses with the MUI pushed outside of the time gating region. (b) The eye diagram for four scrambled codes shows no sign of an open eye. (The open squares in both figures indicate the location of the eye when one OCDM channel is correctly descrambled and decoded.)
Figure 2(b) shows the effect of incorrect descrambling. Now, the eye diagram of the four encoded and scrambled OCDM signals exhibits no clear eye-opening and a randomly varying, aperiodic time structure with no obvious indication of the proper sampling time, thus frustrating an eavesdropper’s attempts to sample the signal. Resilience to archival attack thus arises from the need for an eavesdropper to sample and record the entire coded signal.
3. Experimental setup and results
We demonstrate the practical implementation of shared code scrambling and self-obscuration in our OCDM testbed, shown in Fig. 3. The output of a 10 GHz MLL is split into two paths and each is independently modulated by 5 Gb/s data streams consisting of 215-1 pseudorandom bit sequences (PRBS). The on-off keyed (OOK) modulated signals are then encoded in the programmable spectral phase encoders using Hadamard codes H2 and H3. The two co-polarized encoded signals are scrambled with quaternary phases using a randomly chosen scrambling code. The two tributaries are equalized in power, synchronized and then passively combined and a second delayed copy is created in an orthogonal polarization. These form the four coded tributaries of a single high data rate 20 Gb/s obscured signal that are overlapped in both time and frequency, as shown by the spectrum and the eye diagram in Fig. 3. At the receiver, after polarization demultiplexing, the 5 Gb/s tributaries are correctly descrambled and decoded by selecting the corresponding conjugate phase code in the decoder. The polarization extinction ratio is 20 dB. A terahertz optical asymmetric demultiplexer (TOAD)-based optical time-gate extracts the desired decoded tributary and BER is measured after a commercial OC-192 receiver. A second MLL synchronized to the first provides the clock signal for the TOAD. No FEC is employed. In the experiment, the encoding (decoding) and scrambling (descrambling) operations are performed in a single coder although for conceptual illustration, Fig. 3 shows them as separate devices.
The uncorrected BER is shown in Fig. 4(a) for the case of four polarization multiplexed tributaries. Results are shown for two of the tributaries coded W2 (▲) and W3 (■) of the composite signal when each is correctly descrambled and decoded. Also shown is the BER performance with the scrambling operation disabled (code H2 (
To illustrate the impact of scrambling on an eavesdropper, consider the case of two co-polarized codes H2 and H3 combined and scrambled with scrambling code S1 [i,-i,-i,i,-1,-1,-i,-i]. Figure 4(b) shows the eyes before time-gating with the corresponding phase conjugate descrambler and correct decoding for code H2; an open eye is clearly seen for code H2, while the energy from code H3 is nulled where the correctly decoded code is maximum (due to the orthogonality of the codes) and can be removed using time gating. In Fig. 4(c), the same codes and scrambler are used, but with an incorrectly guessed descrambling code. Figure 4(c) shows a movie for a number of various random incorrect descrambler phase settings. This scrambler-descrambler mismatch disrupts the orthogonality of the modified Hadamard codes causing signal obscuration even with just two codes, and no clear eye opening is obtained, resulting in a BER reading of 0.5. That even the position of the eye is not available to an eavesdropper a priori helps to deter archival attack and forces an eavesdropper to measure the optical field of the complex signal in real time with detector structures prohibitively more sophisticated than that required by an authorized user. Such code grouping employing an unknown key results in cross-coupling of the codes and destroys code orthogonality when incorrect decoding and detection is performed leading to signal obscuration due to coherent crosstalk.
In contrast, if code scrambling was not employed, an eavesdropper trying one of the conventional Hadamard codes as the decoder, with even an incorrect code (H6 in this example) can still see an open eye despite the presence of two codes. This is shown in Fig. 4(d), where open eyes (indicated by the arrows) are clearly seen for the resulting codes H8 and H5 although in incorrect time slots. Nevertheless, an eavesdropper can time gate these eyes individually to recover the data. Due to the closure property of the Hadamard codes [3], a code that is incorrectly decoded will be converted to another code within the same set. As a result code orthogonality is maintained and hence there may be little or no signal obscuration.
Fig. 4. (a). BER performance. Experimental eye diagrams for scrambled codes W2 and W3 with: (b). Correct descrambling, (c). (movie) Incorrect descrambling with a number of random phase settings. (d). Eye diagrams for conventional Hadamard codes with incorrect decoding. [Media 1]
4. Conclusions
Signal obscuration provided by the presence of multiple simultaneous OCDM codes, combined with code scrambling can provide robustness against archival and exhaustive attacks. We have experimentally demonstrated a new class of orthogonal codes through the use of code scrambling, allowing for enhanced physical layer confidentiality in a WDM-compatible SPE-OCDM system and presented the impact of incorrectly descrambled multiplexed codes. For the proof-of-concept, codes and a scrambling key of length 8 were used. With the current device technology it is possible to build devices with 16 frequency bins, and with improved component packaging 32 bins is possible, expanding the search space using quaternary phases to 415 and 431 (~4×1018) respectively. Since the power of this approach lies in the exponentially larger search space and self-obscuration, longer scrambling keys and increased code parallelism will be more effective in frustrating an eavesdropper. Vulnerabilities to other forms of attack may exist and will be evaluated elsewhere.
Acknowledgments
This work was supported in part by the DARPA O-CDMA project. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA.
References and links
1. P. Toliver, A. Agarwal, T. Banwell, R. Menendez, J. Jackel, and S. Etemad, “Demonstration of high spectral efficiency coherent OCDM using DQPSK, FEC, and integrated ring resonator-based spectral phase encoder/decoders,” Optical Fiber Communication (postdeadline), (Optical Society of America, Anaheim, USA, 2007), PDP7.
2. A. Agarwal, P. Toliver, R. Menendez, S. Etemad, J. Jackel, J. Young, T. Banwell, B. E. Little, S. T. Chu, Wei Chen, Wenlu Chen, J. Hryniewicz, F. Johnson, D. Gill, O. King, R. Davidson, K. Donovan, and P. Delfyett, “Fully-programmable ring resonator based integrated photonic circuit for phase coherent applications,” J. Lightwave. Technol. 24, 77–87 (2006). [CrossRef]
3. R. Menendez, P. Toliver, S. Galli, A. Agarwal, T. Banwell, J. Jackel, J. Young, and S. Etemad, “Network applications of cascaded passive code translation for WDM-compatible spectrally phase encoded optical CDMA,” J. Lightwave Technol. 23, 3219–3231 (2005). [CrossRef]
4. A. Agarwal, R. Menendez, P. Toliver, S. Etemad, and J. Jackel, “Code scrambling in spectral phase encoded OCDMA using reconfigurable integrated ring resonator based coders,” Optical Amplifiers and Applications/Coherent Optical Technologies and Applications, (Optical Society of America, Whistler, Canada, 2006), CFD4.
5. B. J. Wysocki and T. Wysocki, Int. Journal of Adapt. Control and Signal Processing 16, 589–602, (2002). [CrossRef]
6. C. Yang, W. Cong, R. P. Scott, B. H. Kolner, F. Xue, V. J. Hernandez, J. P. Heritage, Z. Ding, and S. J. B. Yoo, “Experimental investigation on using phase mask in spectral phase encoded OCDMA for security enhancement,” European Conference on Optical Communications, Cannes, France, 2006, Th3.6.4.
7. T. H. Shake, “Confidentiality performance of spectral phase encoded optical CDMA,” J. Lightwave Technol. 23, 1652–1663 (2005). [CrossRef]
8. Z. Jiang, D. E. Leaird, and A. M. Weiner, “Security issues in OCDMA with multiple-user aggregation,” in Conference on Lasers and Electro-optics, (Optical Society of America, Baltimore, USA, 2007), CThBB4.
9. I. Glesk, Y.-K. Huang, C.-S. Bres, and P. R. Prucnal, “OCDMA platform for avionics applications,” Electron. Lett. 42, 1115–1116 (2006). [CrossRef]
10. A. Agarwal, R. Menendez, P. Toliver, S. Etemad, and J. Jackel, “Enhanced confidentiality with multi-level phase scrambling in SPE-OCDMA,” in Conference on Lasers and Electro-optics (invited), (Optical Society of America, Baltimore, USA, 2007), CThBB2. [CrossRef]
11. P. Toliver, A. Agarwal, T. Banwell, R. Menendez, J. Jackel, and S. Etemad, “40 Gb/s OCDM-based Signal Transmission over 400km using Integrated Micro-Ring Resonator-based Spectral Phase Encoding and Quaternary Code Scrambling for Enhanced Data Confidentiality,” European Conference on Optical Communications, (Postdeadline), Berlin, Germany, 2007, PDP3.3.
