Optica Publishing Group

Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD)

Open Access

Abstract

Software-defined optical networking (SDON) will become the next-generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. Data encryption is an effective method to minimize the negative effects of cyberattacks, but secure key exchange is its major challenge, which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme, enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) are constructed to secure the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses the RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index that measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating that accounts for potential cyberattacks. KoD is also beneficial for achieving a positive balance between security requirements and key resource usage.

© 2017 Optical Society of America

1. Introduction

Two billion kilometers of optical fiber deployed worldwide [1] have made optical networks the essential underlying infrastructure of the Internet. The large volume of confidential data transferred daily over the Internet depends on the secrecy of the data channels (DChs) in optical networks against cyberattacks such as eavesdropping, jamming and data interception [2, 3]. Recently, optical networks have been evolving toward the software-defined optical networking (SDON) architecture, based on the software-defined networking (SDN) paradigm, to add programmability and flexibility to the optical layer [4]. SDN has a global view of dynamic and diverse network scenarios, which allows it to manage the entire optical network efficiently and allocate optical network resources flexibly [5]. However, several new security attacks arise with SDN deployment, such as anomaly attacks and intrusion attacks against the control channels (CChs) [6]. Therefore, two important components of software-defined optical networks are vulnerable to cyberattacks: the DChs carrying confidential services and the CChs exchanging control messages.

One effective method to provide secrecy against cyberattacks is data encryption. However, classical key distribution methods based on mathematical complexity will suffer from increasing computational power and from quantum computing in the near future [7]. An alternative technique for secure key exchange in software-defined optical networks is quantum key distribution (QKD) [8], which can achieve theoretical unconditional security by relying on the fundamentals of quantum mechanics, i.e., the no-cloning theorem and Heisenberg's uncertainty principle [9–11]. These principles ensure that any third party attempting to eavesdrop on the keys will be quickly detected by the sender or receiver.

QKD systems usually use optical fiber to achieve good transmission performance and resiliency. However, dedicated fibers for QKD are costly and inconvenient, and a promising solution is to integrate QKD into existing optical networks using wavelength division multiplexing (WDM) technology [12]. The feasibility of integrating QKD with optical networks has been demonstrated in Refs. [13–16]. However, the secret-key rate (i.e., the generation rate of secret keys in bits per second) of current advanced QKD systems is only 1~2 Mbit/s over a single wavelength in a 50 km fiber [17–19], which is extremely low compared with the gigabit data transmission over each wavelength in WDM optical networks. Increasing the number of QKD components and links to build more QKD systems can raise the secret-key rate further, but it also drastically increases system complexity and power consumption. Thus, efficient resource management that still satisfies the security requirements of control channels and data channels is essential for software-defined optical networks secured by QKD.

To the best of our knowledge, this work is the first to study: (1) a novel concept of key on demand (KoD) to achieve efficient key resource usage in combination with a quantum key pool (QKP) technique, where KoD is defined as a function that relies on the QKP to allocate secret keys for security requirements in a timely manner, on demand; (2) a novel QKD over SDON architecture in which QKPs are constructed to secure control channels and data channels; (3) a novel dynamic routing, wavelength and key assignment (RWKA) algorithm designed to implement KoD jointly for CChs and DChs, where the adaptive key assignment strategy considers two cases, i.e., key-updating based on the time complexity of attacks and key-updating based on the data complexity of attacks; (4) a security probability index, defined and used to evaluate the security performance of control channels and data channels in software-defined optical networks secured by QKD.

The rest of this paper is organized as follows. Section 2 describes the basic concept of QKD. Section 3 introduces the enhancements with QKPs that enable the KoD scheme for software-defined optical networks secured by QKD. Section 4 describes the QKD over SDON architecture. Section 5 introduces the KoD implementation problem for software-defined optical networks secured by QKD. Section 6 discusses the proposed RWKA model and algorithm. Section 7 presents and analyzes the security probability results for CChs and DChs. Finally, Section 8 concludes this paper.

2. Quantum key distribution (QKD)

In this section, we introduce the QKD technique used in our study. QKD is used to generate a shared secret key between two parties, known only to them; it does not transmit any message data [9]. The secret key can then be used with any chosen encryption algorithm to encrypt and decrypt messages. Secret-key information is encoded in quantum states, and QKD exploits certain properties of these quantum states to ensure its security [10].

To describe the basic principle of QKD, Fig. 1 shows the QKD mechanism built on a widely used quantum protocol (the BB84 protocol [20]); the QKD process is summarized in the following three steps: (1) Alice (the quantum sender) generates single-polarization photons encoded with random binary bits and sends them to Bob (the quantum receiver) via the quantum channel (QCh). The photons can be polarized in four states: horizontal (H, encoding 0 in the rectilinear basis), vertical (V, encoding 1 in the rectilinear basis), and diagonal (+45°, encoding 1 in the diagonal basis; −45°, encoding 0 in the diagonal basis). Bob randomly measures each photon in either the rectilinear (+) basis or the diagonal (×) basis. (2) Alice and Bob exchange messages via the public channel (PCh) and compare their bases. Only the photons measured in the matching basis are kept and decoded to binary bits; the remaining bits are called the sifted key. (3) Alice and Bob reveal a random sample of the sifted key via the PCh to detect whether an eavesdropper is present. Finally, reconciliation and privacy amplification are performed for key distillation [21], and the remaining secure bits are called secret keys.

Fig. 1 QKD mechanism based on BB84 protocol.

As shown in Fig. 1, two channels are required for key sifting, distillation and synchronization between Alice and Bob: the QCh for transmitting quantum signals and the PCh for classical information exchange. Additionally, the PCh can also serve as the clock channel synchronized with the QCh, which helps achieve accurate synchronization of the quantum states between Alice and Bob. Thus, costly dedicated optical fibers are usually adopted as the quantum channel and public channel in QKD systems to achieve better transmission performance. To reduce cost and save fiber resources, we integrate QKD into existing optical networks based on WDM technology [12] to secure the control channels and data channels in software-defined optical networks.
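As an added illustration of the three BB84 steps described in this section (example code, not from the paper), the following Python simulation models photon preparation, measurement, basis sifting over the public channel and the sampled error check, with an optional intercept-resend eavesdropper on the quantum channel. The 11% abort threshold, the 25% sampling fraction, the seed-based randomness and all function names are assumptions chosen for the example; the simulation stops at the sifted key and does not implement reconciliation or privacy amplification.

```python
"""BB84 sifting and eavesdropper detection (constructed simulation, example code)."""
import random

BASES = ("+", "x")  # rectilinear and diagonal measurement bases


def measure(photon, basis, rng):
    """Measure a photon prepared as (basis, bit). A matching basis returns the
    encoded bit; a mismatched basis yields a uniformly random result."""
    p_basis, p_bit = photon
    return p_bit if p_basis == basis else rng.randint(0, 1)


def run_bb84(n, seed, eve=False, sample_fraction=0.25):
    """Run one BB84 exchange with n photons; returns sifted size, QBER and both keys."""
    rng = random.Random(seed)
    # Step 1: Alice prepares n photons with random bits in random bases
    # (H = 0 in "+", V = 1 in "+", -45 deg = 0 in "x", +45 deg = 1 in "x").
    alice_bits = [rng.randint(0, 1) for _ in range(n)]
    alice_bases = [rng.choice(BASES) for _ in range(n)]
    photons = list(zip(alice_bases, alice_bits))
    if eve:
        # Intercept-resend eavesdropper: measures each photon in a random basis
        # and re-sends a photon prepared with her basis and her result. The
        # no-cloning theorem is what prevents her from copying the state instead,
        # so roughly a quarter of the sifted bits end up wrong at Bob.
        eve_bases = [rng.choice(BASES) for _ in range(n)]
        photons = [(b, measure(p, b, rng)) for p, b in zip(photons, eve_bases)]
    bob_bases = [rng.choice(BASES) for _ in range(n)]
    bob_bits = [measure(p, b, rng) for p, b in zip(photons, bob_bases)]
    # Step 2: basis comparison over the public channel; keep matching positions.
    sifted = [i for i in range(n) if alice_bases[i] == bob_bases[i]]
    # Step 3: reveal a random sample of sifted bits to estimate the error rate.
    k = max(1, int(len(sifted) * sample_fraction))
    sample = set(rng.sample(sifted, k))
    errors = sum(alice_bits[i] != bob_bits[i] for i in sample)
    qber = errors / k
    # Revealed bits are discarded; the rest would go on to reconciliation
    # and privacy amplification.
    alice_key = [alice_bits[i] for i in sifted if i not in sample]
    bob_key = [bob_bits[i] for i in sifted if i not in sample]
    return {"sifted": len(sifted), "qber": qber,
            "alice_key": alice_key, "bob_key": bob_key}


def eavesdropper_detected(qber, threshold=0.11):
    """Abort rule (assumed threshold): a sampled error rate above the
    threshold means the sifted key must not be trusted."""
    return qber > threshold


if __name__ == "__main__":
    clean = run_bb84(4000, seed=7)
    tapped = run_bb84(4000, seed=7, eve=True)
    print("no Eve: sifted", clean["sifted"], "QBER", clean["qber"])
    print("with Eve: sifted", tapped["sifted"], "QBER", round(tapped["qber"], 3),
          "detected" if eavesdropper_detected(tapped["qber"]) else "not detected")
```

Without an eavesdropper the sampled error rate is exactly zero and Alice's and Bob's remaining keys agree; with intercept-resend the error rate sits near 25%, well above the abort threshold, which is the detection property the text attributes to the no-cloning theorem and the uncertainty principle.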

3. Quantum key pool (QKP) for key on demand (KoD)

In this section, we present definitions and enhancements of the QKD technique: QKPs are constructed to enable the KoD scheme, and wavelengths are allocated for the QKPs and the software-defined optical networks. Extending QKD from point-to-point links to network-wide systems requires enhancements in secret-key synchronization, storage and provision to improve security performance and resource management. Accordingly, QKPs are constructed over the software-defined optical networks to satisfy these requirements. The synchronized secret keys can be stored in the corresponding secret-key memory (SKM) embedded in each node. To enhance secret-key management, the secret keys between each pair of SKMs can be virtualized into a QKP. A QKP can dynamically provide a different number of secret keys for data encryption according to the different security requirements between the two nodes. This function, which relies on the QKP to allocate secret keys for security requirements in a timely manner on demand, is defined as KoD. An example of the QKD enhancements in secret-key synchronization, storage and provision is shown in Fig. 2(a).

Fig. 2 (a) QKP in point-to-point QKD system; (b) Wavelength allocation for QKPs and SDON.

The QKP construction process is summarized in three main steps: (1) Quantum communication node (QCN)-A encodes raw keys in quantum signals and transmits them to QCN-B via the QCh. A QCN is an aggregating device that contains a quantum transceiver and a quantum switch. The quantum-signal transmission distance can be extended by deploying trusted repeater nodes [22]. (2) QCN-A and QCN-B exchange public information via the PCh to accomplish secret-key synchronization. (3) The synchronized secret keys between QCN-A and QCN-B are stored in SKM-A and SKM-B, which are embedded in Node-A and Node-B, respectively. The secret keys between SKM-A and SKM-B are virtualized to construct QKP-AB, which enables KoD according to the different security requirements between Node-A and Node-B over the control channel or data channel.

Besides the QKD enhancements, wavelength allocation for the QKPs and the software-defined optical networks is important for QKP construction. Two wavelength channels should be reserved as QCh and PCh for secret-key synchronization in WDM optical networks. Note that control messages are transmitted by IP-based routing through the control channels in software-defined optical networks; hence, control channels occupy IP channels rather than data channels. QCh, PCh and DCh can be placed in the C-band (1530−1565 nm) to achieve lower attenuation and high compatibility with existing WDM optical networks [23], as shown in Fig. 2(b). Additionally, physical layer impairments must be considered when allocating wavelengths for the QCh and PCh. Raman scattering can be reduced by placing the QCh at the highest frequency [24]. Moreover, the four-wave-mixing (FWM) effect can be minimized by reserving a 200 GHz spacing between the QCh and the classical channels (i.e., PCh and DCh) [25].

In addition, previous techniques for QKD networks mainly focus on deploying point-to-point links, where a pair of QCNs is required for each connection [10]. Recently, a time-scheduled technique has been proposed to reduce the financial expenditure of deploying a QKD network [16, 26]. Thus, based on the specific requirements of QKP construction over a software-defined optical network, a single QCN can be time-shared between multiple endpoints, allowing multiple QKD connections to be established with fewer QCNs. This technique reduces the cost of QKP construction over a software-defined optical network because of the significant reduction in hardware and the efficient usage of QCNs.

4. QKD over SDON architecture

In this section, we describe the architecture of QKD over software-defined optical networks for KoD. As illustrated in Fig. 3(a), the QKD over SDON architecture consists of four layers from top to bottom: the application (APP) layer, control layer, QKD layer and optical layer. In contrast to previous QKD-enabled optical networks [26], this architecture decouples the QKD layer from the optical layer by constructing QKPs in the QKD layer. Two types of QKPs are constructed: those between the SDN controller and each node (QKP-C, i.e., QKP-CCh), which secure the control messages over the control channels, and those between two nodes (QKP-D, i.e., QKP-DCh), which secure the services over the data channels. The QKD layer and the optical layer are controlled and software-defined by the SDN controller in the control layer via a southbound interface protocol (e.g., OpenFlow or NETCONF); the OpenFlow protocol is used as the southbound interface protocol in this paper. The SDN controller, with its programmable and flexible centralized network control, is an effective implementation technique for the control layer, as verified in recent research on SDN-controlled optical networks with time-shared QKD resources [16].

Fig. 3 (a) QKD over SDON architecture; (b) The configuration signaling procedure.

The QKD layer and optical layer share the optical fiber resources of the physical WDM optical network: two wavelengths are reserved as the quantum channel and public channel for constructing the OpenFlow-enabled QKPs (OF-QKPs) that jointly secure the CChs and DChs, and the remaining wavelengths can be used for confidential service transmission. OpenFlow-enabled optical cross connects (OF-OXCs) are deployed in the optical layer. The SDN controller is responsible for managing the entire network, whereas the OF-QKPs and OF-OXCs operate according to the instructions of the SDN controller. Service requests with different security requirements are triggered from the APP layer and interact with the control layer via the RESTful API, which is used as the northbound interface protocol. Control channels and data channels may require different numbers of secret keys according to their security requirements. Specifically, this architecture can control and manage the network-wide secret-key resources in QKPs to enable KoD based on secret-key allocation, which can provide a great advantage in dynamic and diverse security demand scenarios.

The configuration signaling procedure among the four layers is shown in Fig. 3(b) and summarized in the following five steps: (1) Upon receiving a service request (e.g., Node 1→Node 2) from the APP, the SDN controller first selects a path and performs the OpenFlow handshake with the relevant OF-QKPs and OF-OXCs on the path. (2) After the session is established, the SDN controller configures OF-QKP-C1 and OF-QKP-C2 to provide secret keys for the control messages over the control channels. (3) The SDN controller configures OF-QKP-D1-2 to provide the secret keys required by the service from OF-OXC1 to OF-OXC2 over the data channel. (4) OF-OXC1 and OF-OXC2 are configured for data encryption and transmission of the service. (5) Finally, the SDN controller replies to the APP.

5. KoD implementation problem for QKD over SDON

To implement KoD, algorithms for data encryption and secret-key assignment should be considered for CChs and DChs. Vernam proposed the one-time pad encryption method to achieve information-theoretic security [27], and Shannon proved that the secret key must be at least as long as the data [28]. Thus, the one-time pad method consumes excessive execution time and storage for data encryption and key handling, which is not feasible for high-bit-rate data encryption in SDON and may seriously impact SDON efficiency. A more practical and feasible solution is to use symmetric encryption algorithms [29] to encrypt large volumes of data with fast execution time and small key size; one of the most commonly used symmetric encryption algorithms in QKD systems is the advanced encryption standard (AES) algorithm. Some researchers have verified the feasibility of integrating AES with QKD for high-bit-rate data encryption [30, 31]. The input and output of the AES algorithm each consist of sequences of 128 bits (digits with values of 0 or 1); these sequences are referred to as blocks, and the number of bits they contain is referred to as their length [32]. The AES algorithm can use secret keys of 128, 192 and 256 bits to encrypt and decrypt data in blocks of 128 bits [32]. Accordingly, a data encryption module and a secret-key receiver should be embedded in the optical nodes to accomplish secret-key processing and communication.

For symmetric encryption algorithms, an attacker can eavesdrop on a certain amount of encrypted data in an attempt to recover the secret key; hence, the data transmission time and the data size are two important factors during an attack [33, 34]. The key-updating period is the period after which the secret key must be changed between the two parties, which reduces the probability of the encrypted data being compromised. Therefore, when the AES algorithm is used to secure CChs and DChs, key-updating is necessary to enhance security. Moreover, the time complexity of attacks (i.e., the maximum available time for a secret key) and the data complexity of attacks (i.e., the maximum data size that can be encrypted with a secret key) should also be considered. Specifically, the security level increases as the key length increases or the key-updating period decreases. However, the balance of key length and key-updating period needed to obtain a certain security level is difficult to achieve. The reason is that the security level is generally evaluated by the difficulty of recovering the encryption keys, and attackers with different computational power and attack algorithms face different difficulties in recovering them [34]. Thus, the security level is evaluated qualitatively in terms of key length and key-updating period [35].
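An added example, not from the paper: a Python model of the key-updating policy described above. A session draws AES-length secret keys from a constructed quantum key pool (a counter of unused 128-bit units, since the text states that pool keys are consumed and never reused) and rotates the key when either the time limit (time complexity of attacks) or the data limit (data complexity of attacks) is reached. The cipher itself is out of scope here, so only the key accounting and the rekey trigger are modelled; the class and function names, the pool model and the one-second sending granularity are assumptions.

```python
"""Key-updating policy for a symmetric session fed from a quantum key pool (example code)."""
import math

KEY_UNIT_BITS = 128  # secret keys are counted in 128-bit units, as in section 7


class PoolExhausted(Exception):
    """Raised when the QKP cannot supply the next key."""


class QuantumKeyPool:
    """Constructed model of a QKP: a counter of unused 128-bit key units.
    Keys are consumed on draw and never handed out twice."""

    def __init__(self, units):
        self.units = units

    def draw(self, key_length_bits):
        need = math.ceil(key_length_bits / KEY_UNIT_BITS)
        if need > self.units:
            raise PoolExhausted(f"need {need} units, {self.units} left")
        self.units -= need
        return need


class KeyUpdatingSession:
    """Tracks one encrypted channel and rotates its key when the time limit
    (max_seconds) or the data limit (max_bits) for the current key is reached."""

    def __init__(self, pool, key_length_bits, max_seconds=None, max_bits=None):
        self.pool = pool
        self.key_length_bits = key_length_bits
        self.max_seconds = max_seconds
        self.max_bits = max_bits
        self.key_index = -1        # no key installed yet
        self.key_start = 0.0       # time the current key was installed
        self.bits_under_key = 0    # data already encrypted under the current key

    def _rekey(self, now):
        self.pool.draw(self.key_length_bits)
        self.key_index += 1
        self.key_start = now
        self.bits_under_key = 0

    def key_for(self, now, nbits):
        """Return the index of the key to use for nbits sent at time `now`,
        installing a fresh key first if a limit would be exceeded."""
        time_limit_hit = (self.max_seconds is not None
                          and now - self.key_start >= self.max_seconds)
        data_limit_hit = (self.max_bits is not None
                          and self.bits_under_key + nbits > self.max_bits)
        if self.key_index < 0 or time_limit_hit or data_limit_hit:
            self._rekey(now)
        self.bits_under_key += nbits
        return self.key_index


def simulate_service(pool_units, key_length_bits, bandwidth_bps, holding_s,
                     max_seconds=None, max_bits=None):
    """Send a service of the given bandwidth for holding_s seconds in one-second
    chunks and report how many distinct keys it consumed and whether the pool
    lasted for the whole holding time."""
    pool = QuantumKeyPool(pool_units)
    session = KeyUpdatingSession(pool, key_length_bits, max_seconds, max_bits)
    keys_used = set()
    try:
        for t in range(holding_s):
            keys_used.add(session.key_for(float(t), bandwidth_bps))
    except PoolExhausted:
        return {"keys_used": len(keys_used), "secured": False, "units_left": pool.units}
    return {"keys_used": len(keys_used), "secured": True, "units_left": pool.units}


if __name__ == "__main__":
    # Constructed service: 10 Gbit/s for 200 s with 256-bit keys.
    print("time limit 50 s:", simulate_service(100, 256, 10_000_000_000, 200, max_seconds=50))
    print("data limit 1.5 Tbit:", simulate_service(100, 256, 10_000_000_000, 200,
                                                    max_bits=1_500_000_000_000))
    print("pool too small:", simulate_service(3, 256, 10_000_000_000, 200, max_seconds=50))
```

For the constructed 10 Gbit/s, 200 s service the time-limited session installs ceil(200/50) = 4 keys and the data-limited one ceil(2 Tbit / 1.5 Tbit) = 2 keys, which is the per-service key demand that a pool must be provisioned for; when the pool holds fewer units than that demand, the service runs out of keys part-way through and is left without a fresh key.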

Because the secret-key resources in QKPs are finite and precious, the secret-key assignment problem for CChs and DChs should be addressed while implementing KoD. In SDON, the control messages over the control channels are usually transferred at megabit-per-second data rates, which are lower than the data complexity of attacks [33]. Hence, to enhance the security performance of CChs, key-assignment and key-updating are performed for the control messages between the SDN controller and each node along the lightpath of a service. Each node along the lightpath should be configured by the SDN controller, and the control messages are sent to each node over the control channels. Based on the specific security requirement of the control channels, the QKPs for CChs (i.e., QKP-C) can allocate the required number of secret keys for the SDN controller and nodes to secure the control messages. Thus, different numbers of secret keys (denoted Keyx-y, where x is the node number and y is the service number) can be assigned for the control channels between the SDN controller and the different nodes along different lightpaths. For example, as shown in Fig. 4, Key1-1 (and Key2-1) are assigned for the control channels between the SDN controller and Node 1 (and Node 2) along the lightpath Node 1→2 of Service 1; Key1-2 (and Key2-2, Key3-2) are assigned for the control channels between the SDN controller and Node 1 (and Node 2, Node 3) along the lightpath Node 1→3 of Service 2.

Fig. 4 Key-assignment and key-updating for control messages.

For services over the data channels, the required number of secret keys depends on the key length and the key-updating period. Based on the specific security requirement of the data channels, the QKPs for DChs (i.e., QKP-D) can allocate the required number of secret keys for the source and destination nodes to secure the services. For example, three services (denoted r1, r2 and r3) with different security requirements (key length and key-updating period) are shown in Fig. 5. The time complexity of attacks for key updating (i.e., the maximum available time for a secret key, denoted Ty) and the data complexity of attacks for key updating (i.e., the maximum data size that can be encrypted with a secret key, denoted Dy) are considered in Figs. 5(a) and 5(b), respectively, where y is the service number. The required key lengths of r1, r2 and r3 are 128, 192 and 256 bits, respectively. The required key-updating periods of r1, r2 and r3 are T1, T2 and T3 (T1 < T2 < T3) in Fig. 5(a), or D1, D2 and D3 (D1 < D2 < D3) in Fig. 5(b). From Fig. 5 we can see that a service with a longer key length and a shorter key-updating period has a higher security level and requires more secret keys for data encryption. Thus, a key assignment strategy for control channels and data channels that works in a timely manner on demand must be designed. Another contribution of this paper is the study of such a strategy for the KoD implementation problem in QKD over SDON, discussed in the next section.

Fig. 5 Key-assignment and key-updating for services with different security requirements based on (a) case 1: time complexity of attacks and (b) case 2: data complexity of attacks.

6. Routing, wavelength and key assignment (RWKA) strategy

To implement KoD in QKD over software-defined optical networks, we propose a novel routing, wavelength and key assignment (RWKA) strategy. In this section, we describe the proposed RWKA model and heuristic algorithm. The notations used in this paper and their definitions are listed in Table 1. Based on the aforementioned definition of QKPs, a QKP-D for DChs is constructed between every pair of nodes, whereas a QKP-C for CChs is constructed between each node and the SDN controller; thus the numbers of QKPs-D and QKPs-C are n(n−1)/2 and n, respectively.

Table 1. Notations and Definitions.

Different services over the data channels may require different key lengths and key-updating periods; hence, the security requirement matrices in Eq. (1) and Eq. (2), for key-updating based on the time complexity of attacks and the data complexity of attacks respectively, can be written as follows:

$$SL_T = \begin{bmatrix} u_{l_1,T_1} & u_{l_1,T_2} & \cdots & u_{l_1,T_k} \\ u_{l_2,T_1} & u_{l_2,T_2} & \cdots & u_{l_2,T_k} \\ u_{l_3,T_1} & u_{l_3,T_2} & \cdots & u_{l_3,T_k} \end{bmatrix} \qquad (1)$$

$$SL_D = \begin{bmatrix} u_{l_1,D_1} & u_{l_1,D_2} & \cdots & u_{l_1,D_k} \\ u_{l_2,D_1} & u_{l_2,D_2} & \cdots & u_{l_2,D_k} \\ u_{l_3,D_1} & u_{l_3,D_2} & \cdots & u_{l_3,D_k} \end{bmatrix} \qquad (2)$$

Since key-assignment and key-updating are performed for the control messages between the SDN controller and each node along the lightpath of a service, the total number of secret keys required to secure the control messages over the control channels for service request r can be expressed as Eq. (3):

$$N_r^c = l_i \,(h_r + 1) \qquad (3)$$

Based on the AES encryption algorithm, the number of secret keys required for key-updating considering the time complexity of attacks and the data complexity of attacks can be expressed as Eq. (4) and Eq. (5), respectively:

$$N_r^t = l_i \,\frac{t_h}{T_k} \qquad (4)$$

$$N_r^d = l_i \,\frac{b_r \, t_h}{D_k} \qquad (5)$$

Based on the aforementioned QKD over SDON architecture, a novel routing, wavelength and key assignment (RWKA) algorithm is designed to implement KoD jointly for control channels and data channels. Table 2 illustrates the RWKA heuristic algorithm, which is divided into three steps: routing and wavelength assignment (RWA) for services over the data channels, key assignment (KA) for control messages over the control channels, and key assignment for services over the data channels. Note that the control channels occupy IP channels, so the RWA step is unnecessary for control channels. Two cases, i.e., the time complexity of attacks and the data complexity of attacks, are considered for key-updating in the key assignment for data channels. In step 1, routing is computed with the K-shortest-path (KSP) algorithm, and the wavelengths reserved as data channels are allocated to the service with the First Fit (FF) algorithm; the service can then establish a lightpath on the assigned wavelength channel. The security requirement of a service is represented by the required key length and key-updating period as defined in Eqs. (1)–(2), and the total number of secret keys required for the control channels and data channel of each service is calculated by Eqs. (3)–(5). To satisfy the security requirement, key assignment for the control channels and data channel of each service is performed in step 2 and step 3, respectively, where the secret keys stored in the QKPs are allocated to the corresponding control channels and data channels with the FF algorithm. Note that the secret keys in the QKPs are stored in units of bits and cannot be reused; hence the FF algorithm, which is simple to implement, provides relatively good performance in key assignment.

Lines 2 to 38 accomplish the RWKA for the control channels and data channel of service request r. In the worst case, the time complexities of step 1 (lines 2 to 14), step 2 (lines 15 to 22) and step 3 (lines 23 to 38) are $K|V|^2 + K|W|$, $|Q_c|$ and 1, respectively. Thus, the total time complexity of the RWKA algorithm for service request r is approximately $O(K|V|^2)$.

7. Results and analysis

We evaluate the feasibility and efficiency of the RWKA algorithm in software-defined optical networks secured by QKD on the NSFNET topology (14 nodes, 21 links of 40 wavelengths each) shown in Fig. 6. The operational efficiency of WDM networks decreases as the number of wavelengths set aside for key distribution increases, because the wavelength resources in a single fiber are finite and a large number of services with different security requirements must be carried by the wavelength channels. Thus, only limited wavelength resources can be reserved for key distribution in WDM networks; in this paper, two wavelengths are reserved as the quantum channel and public channel to construct the QKPs for control channels and data channels with the time-shared technique. Based on the calculation formula in Section 6, the numbers of QKPs for control channels (QKP-C) and data channels (QKP-D) are 14 and (14−1) × 14/2 = 91, respectively. We assume that each QKP-C (or QKP-D) for the control channels (or data channels) stores the same number of secret keys. We consider 50,000 service requests with different security requirements, randomly generated following Poisson arrivals. The bandwidth demand of each service is uniformly distributed from 1 Gbps to 100 Gbps. Following the key-assignment and key-updating for control messages described in Section 5, 256 bit key-assignment and key-updating are performed for the control messages between the SDN controller and each node along the lightpath of a service. The KSP algorithm with K = 3 is used to provide more alternative lightpaths for services. The unit of secret keys is set to 128 bit (e.g., when the number of secret keys is 1000, the QKP stores 128,000 bits).

Fig. 6 NSFNET topology (14 nodes, 21 links).

Apart from the blocking probability (BP), two metrics, the CCh security probability (SPc) and the DCh security probability (SPd), are used to evaluate the security gain in control channels and data channels. SPc is defined as the ratio of services successfully allocated secure control channels (Sc) to the total number of unblocked services (Bu), i.e., SPc = Sc/Bu. SPd is defined as the ratio of services successfully allocated the required secret keys (Sd) to the services successfully allocated secure control channels (Sc), i.e., SPd = Sd/Sc. Accordingly, SPc and SPd may be influenced by BP.
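Added example (not the authors' code): a Python sketch of the three RWKA steps of Section 6 together with the BP, SPc and SPd metrics just defined, run on a small constructed topology. It uses exhaustive simple-path enumeration in place of a real KSP implementation (adequate for a toy graph), first-fit wavelength and key assignment, Eq. (3) for the control-channel keys (one key of the control key length per node on the path, drawn from that node's QKP-C) and Eq. (4) for the data-channel keys with the time-complexity key-updating case, rounding the key count up to whole keys. The outcome rules (no free wavelength: blocked; control keys short: unblocked but counted outside Sc; data keys short: counted in Sc but outside Sd) are our reading of the SPc and SPd definitions, and the topology, pool sizes, request list and all names are constructed for the example.

```python
"""RWKA heuristic with quantum key pools on a constructed topology (example code)."""
import math
from itertools import combinations

KEY_UNIT_BITS = 128  # keys are stored and allocated in 128-bit units, as in section 7


def k_shortest_paths(adj, src, dst, k):
    """Enumerate all simple paths by DFS and keep the K with fewest hops.
    A stand-in for a real KSP algorithm; only suitable for a toy topology."""
    paths = []

    def dfs(node, path):
        if node == dst:
            paths.append(list(path))
            return
        for nxt in adj[node]:
            if nxt not in path:
                path.append(nxt)
                dfs(nxt, path)
                path.pop()

    dfs(src, [src])
    paths.sort(key=len)  # stable sort keeps DFS order among equal-length paths
    return paths[:k]


def first_fit_wavelength(link_use, path, n_wavelengths):
    """Lowest wavelength index free on every link of the path (wavelength continuity)."""
    links = [frozenset((a, b)) for a, b in zip(path, path[1:])]
    for w in range(n_wavelengths):
        if all(w not in link_use[lk] for lk in links):
            return w
    return None


def units(bits):
    """Number of 128-bit key units needed to supply `bits` of key material."""
    return math.ceil(bits / KEY_UNIT_BITS)


class KoDNetwork:
    def __init__(self, edges, n_wavelengths, nc_units, nd_units, k=3):
        self.adj = {}
        for a, b in edges:
            self.adj.setdefault(a, []).append(b)
            self.adj.setdefault(b, []).append(a)
        self.link_use = {frozenset(e): set() for e in edges}
        self.n_wavelengths, self.k = n_wavelengths, k
        self.qkp_c = {n: nc_units for n in self.adj}  # one QKP-C per node (n pools)
        self.qkp_d = {frozenset(p): nd_units           # one QKP-D per node pair (n(n-1)/2 pools)
                      for p in combinations(self.adj, 2)}
        self.blocked = self.unblocked = self.sc = self.sd = 0

    def serve(self, src, dst, key_bits, ctrl_key_bits, holding_s, period_s):
        # Step 1: RWA with K shortest paths and first-fit wavelength; no wavelength -> blocked.
        for path in k_shortest_paths(self.adj, src, dst, self.k):
            w = first_fit_wavelength(self.link_use, path, self.n_wavelengths)
            if w is not None:
                break
        else:
            self.blocked += 1
            return "blocked"
        for a, b in zip(path, path[1:]):
            self.link_use[frozenset((a, b))].add(w)
        self.unblocked += 1
        # Step 2: KA for control channels. Eq. (3) totals l_i*(h_r+1) bits over the
        # h_r+1 nodes of the path; each node's share comes from its own QKP-C.
        per_node = units(ctrl_key_bits)
        if any(self.qkp_c[n] < per_node for n in path):
            return "insecure-control"
        for n in path:
            self.qkp_c[n] -= per_node
        self.sc += 1
        # Step 3: KA for the data channel, Eq. (4) with time-based key updating:
        # l_i bits per key, one key per period over the holding time.
        need = units(key_bits * math.ceil(holding_s / period_s))
        pair = frozenset((src, dst))
        if self.qkp_d[pair] < need:
            return "insecure-data"
        self.qkp_d[pair] -= need
        self.sd += 1
        return "secure"

    def metrics(self):
        total = self.blocked + self.unblocked
        return {"BP": self.blocked / total if total else 0.0,
                "SPc": self.sc / self.unblocked if self.unblocked else 0.0,
                "SPd": self.sd / self.sc if self.sc else 0.0}


def run_demo():
    """Constructed 5-node topology, one wavelength per link, deliberately small pools."""
    net = KoDNetwork(edges=[(1, 2), (2, 3), (3, 4), (4, 5), (5, 1), (1, 3)],
                     n_wavelengths=1, nc_units=4, nd_units=8, k=3)
    requests = [  # (src, dst, key_bits, ctrl_key_bits, holding_s, period_s)
        (1, 3, 128, 256, 100, 50),   # 2 data-key units -> secure
        (1, 3, 256, 256, 150, 50),   # 6 units, drains QKP-D(1,3) and QKP-C of 1 and 3
        (4, 5, 256, 256, 500, 50),   # needs 20 units from QKP-D(4,5): insecure data channel
        (1, 3, 128, 256, 50, 50),    # no free wavelength on any of the 3 paths: blocked
        (5, 1, 128, 256, 50, 50),    # QKP-C of node 1 is empty: insecure control channel
    ]
    outcomes = [net.serve(*r) for r in requests]
    return outcomes, net.metrics()


if __name__ == "__main__":
    print(run_demo())
```

On the constructed request list one service is blocked, one loses its secure control channel and one its secure data channel, giving BP = 0.2, SPc = 0.75 and SPd = 2/3; raising the QKP-C and QKP-D sizes in the demo is the direct analogue of the Nc and Nd sweeps in the figures that follow.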

7.1 Security probability for control channels (SPc)

Figure 7(a) shows SPc versus traffic load for different numbers of secret keys provided for the control channels (Nc) under the unblocked scenario. As the traffic load increases, SPc remains constant, because Sc and Bu do not change. However, SPc increases with Nc, because providing more secret keys for the control channels increases the number of services successfully allocated secure control channels (Sc); the cost of a larger Nc is a longer latency for QKP-C construction. Specifically, all services can be successfully allocated secure control channels when Nc is 2500. Figure 7(b) compares the real SPc (SPc-r) and the imaginary SPc (SPc-i) with Nc = 1750 under the blocked scenario, where SPc-i represents the value of SPc under BP = 0 for comparison. From Fig. 7(b) we observe that SPc-r increases as BP increases, which results from the decrease of Bu. Therefore, to increase SPc and satisfy the security requirements of the control channels for all services, a larger Nc and a lower BP should be considered, and KoD is an efficient way to perform key assignment.

Fig. 7 SPc and BP versus traffic load under the (a) unblocked and (b) blocked scenarios.

7.2 Security probability for data channels (SPd)

7.2.1 SPd versus initial number of secret keys in each QKP-D

Figures 8(a) and 8(b) show SPd versus traffic load for different numbers of secret keys provided for the data channels (Nd) under the SPc = 1 and unblocked scenario in case 1 and case 2, respectively, where ΔT is fixed to 50 s and k to 10 in case 1, and ΔD is fixed to 1.5 Tbit and k to 10 in case 2. SPd decreases as the traffic load increases or Nd decreases. A higher traffic load raises the arrival rate or lowers the departure rate of service requests, which increases the demand for secret keys. Besides, providing fewer secret keys for the data channels decreases the number of services successfully allocated the required secret keys (Sd). However, the cost of a larger Nd is a longer latency for QKP-D construction. Alternatively, more QKD components can be deployed without sacrificing latency, but the cost of QKP-D construction then becomes higher. When the traffic load is 100~140 Erlang, all services are secure in case 1 with Nd = 1200 and in case 2 with Nd = 1600. Therefore, SPd can be increased to meet the security demands of all services over the data channels by provisioning more secret keys or decreasing the traffic load.

Fig. 8 SPd versus traffic load with different Nd under the SPc = 1 and unblocked scenario. (a) case 1 (ΔT = 50 s, k = 10); (b) case 2 (ΔD = 1.5 Tbit, k = 10)

7.2.2 SPd versus key-updating period intervals

SPd versus traffic load for different key-updating period intervals (ΔT in case 1 and ΔD in case 2) under the SPc = 1 and unblocked scenario is shown in Figs. 9(a) and 9(b), respectively. In case 1, Nd is fixed to 900 and k to 10, whereas in case 2, Nd is fixed to 1200 and k to 10. When the traffic load is 100~140 Erlang, all services are secure in case 1 with ΔT = 100 s and in case 2 with ΔD = 2.5 Tbit. From Fig. 9 we can see that SPd decreases as ΔT or ΔD becomes smaller, because the services then require more secret keys for key updating. Thus, the cost of a shorter key-updating period is a lower security probability for the data channels (SPd) when Nd is unchanged, and more secret keys (Nd) can be provided for the data channels to compensate for the decrease of SPd. Correspondingly, the security level of the services increases as ΔT or ΔD decreases because of the more frequent rekeying. Hence, there is a trade-off between SPd and the security level: SPd can be increased at the cost of a lower security level, but the security requirements of the services over the data channels must still be satisfied.

Fig. 9 SPd versus traffic load with different key-updating period intervals considered under the SPc = 1 and unblocked scenario. (a) considering different ΔT in case 1 (Nd = 900, k = 10); (b) considering different ΔD in case 2 (Nd = 1200, k = 10)

7.2.3 SPd versus key-updating period types

Figures 10(a) and 10(b) show SPd versus traffic load for different k under the SPc = 1 and unblocked scenario in case 1 and case 2, respectively. In Fig. 10(a), Nd is fixed to 900 and ΔT to 50 s, whereas in Fig. 10(b), Nd is fixed to 1200 and ΔD to 1.5 Tbit. Because the average key-updating period is fixed to 275 s in case 1 and 8.25 Tbit in case 2, k = 4 means the updating periods are drawn from {200 s, 250 s, 300 s, 350 s} in case 1 and {6.0 Tbit, 7.5 Tbit, 9.0 Tbit, 10.5 Tbit} in case 2, whereas k = 10 means they are drawn from {50 s, 100 s, 150 s, 200 s, 250 s, 300 s, 350 s, 400 s, 450 s, 500 s} in case 1 and {1.5 Tbit, 3.0 Tbit, 4.5 Tbit, 6.0 Tbit, 7.5 Tbit, 9.0 Tbit, 10.5 Tbit, 12.0 Tbit, 13.5 Tbit, 15.0 Tbit} in case 2. All the services are secure when k is 4~6 at 100~140 Erlang. Increasing k may decrease SPd, which indicates that more secret keys must be supplied when the number of updating period types grows. Thus, there is a trade-off between SPd and the number of updating period types.

Fig. 10 SPd versus traffic load with different k considered under the SPc = 1 and unblocked scenario. (a) case 1 (Nd = 900, ΔT = 50 s); (b) case 2 (Nd = 1200, ΔD = 1.5 Tbit)

7.2.4 SPd versus BP and SPc

According to the definition of SPd given above, it is influenced by BP and SPc. To evaluate the extent of this influence, Fig. 11 (case 1) and Fig. 12 (case 2) show SPd under different BP and SPc scenarios, with Nc = 1750, Nd = 900, ΔT = 50 s and k = 10 in case 1, and Nc = 1750, Nd = 1200, ΔD = 1.5 Tbit and k = 10 in case 2. Figures 11(a) and 12(a) show the real SPd (SPd-r) and the imaginary SPd (SPd-i) under the SPc = 1 and blocked scenario; here SPd-i is the SPd obtained with BP = 0, for comparison. SPd-r increases as BP increases, which results from the decrease of Bu. Figures 11(b) and 12(b) show SPd-r and SPd-i under the SPc < 1 and unblocked scenario; here SPd-i is the SPd obtained with SPc = 1, for comparison. SPd-r increases as SPc decreases, because Sc is decreased. Figures 11(c) and 12(c) show SPd-r under the SPc < 1 and blocked scenario, where SPd-r is influenced by both BP and SPc: BP affects the number of unblocked services (Bu), and SPc affects the number of services successfully allocated secure control channels (Sc). Thus, to guarantee the security of all the services on the data channels in software-defined optical networks secured by QKD, KoD is an efficient way to assign keys. In addition, we observe that SPd in case 1 and case 2 is approximately the same under several scenarios, e.g., Fig. 11(c) and Fig. 12(c); hence either key-updating case can be used to obtain similar security performance.
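The key bookkeeping behind the results of Sections 7.2.1 to 7.2.4 (how many keys a service draws from the QKP-D, the k period-type sets of 7.2.3, and how blocking and SPc enter SPd) as an added Python example; this is not the authors' simulator or the RWKA implementation. It assumes a simple key-demand rule (one key per elapsed ΔT in case 1, one key per ΔD of transferred data in case 2), first-come allocation from a pool of Nd keys, and an SPd defined as the fraction of unblocked, control-channel-secured services that obtain every key they demand, which is consistent with the stated dependence on Bu and Sc but is an assumption. The `Service` fields, `sp_data`, `keys_needed` and `demo` are hypothetical names, and the service values are constructed; the period sets it generates for k = 4 and k = 10 match those quoted in 7.2.3.

```python
from dataclasses import dataclass
from math import ceil


def updating_periods(k: int, step: float, mean: float) -> list:
    """The k key-updating period types, spaced `step` apart and centred on `mean`.

    With step = 50 s and mean = 275 s this reproduces the sets quoted in 7.2.3:
    k = 4 -> [200, 250, 300, 350], k = 10 -> [50, 100, ..., 500]. Even k keeps every
    period on the step grid; the centring rule itself is an assumption.
    """
    return [mean + (i - (k - 1) / 2) * step for i in range(k)]


@dataclass
class Service:
    hold_s: float            # holding time in seconds
    rate_gbit_s: float       # bandwidth in Gbit/s
    period: float            # assigned updating period: seconds (case 1) or Tbit (case 2)
    blocked: bool = False    # rejected for lack of a wavelength (counts toward BP)
    cch_secure: bool = True  # its control channel received a key (counts toward SPc)


def keys_needed(svc: Service, case: int) -> int:
    """Secret keys a service consumes over its lifetime (assumed rule): one key per
    updating period of elapsed time (case 1) or of transferred data (case 2)."""
    if case == 1:
        return ceil(svc.hold_s / svc.period)
    volume_tbit = svc.hold_s * svc.rate_gbit_s / 1000.0
    return ceil(volume_tbit / svc.period)


def sp_data(services, n_keys: int, case: int,
            ignore_blocking: bool = False, ignore_cch: bool = False) -> float:
    """Security probability of the data channels (assumed definition).

    Eligible services are those that are unblocked (Bu) and whose control channel is
    secured (Sc); SPd is the fraction of them that obtain every key they demand from a
    pool of n_keys handed out first-come, first-served. ignore_blocking / ignore_cch
    give the 'imaginary' SPd-i by pretending BP = 0 or SPc = 1.
    """
    eligible = [s for s in services
                if (ignore_blocking or not s.blocked) and (ignore_cch or s.cch_secure)]
    if not eligible:
        return 0.0
    pool, secured = n_keys, 0
    for s in eligible:
        need = keys_needed(s, case)
        if need <= pool:           # enough keys left in the QKP-D for this service
            pool -= need
            secured += 1
    return secured / len(eligible)


def demo() -> dict:
    """Constructed scenario: five 1000 s services at 10 Gbit/s (10 Tbit each), Nd = 30."""
    results = {}
    for period in (100.0, 50.0):                      # case 1: shorter dT -> more keys
        svcs = [Service(1000.0, 10.0, period) for _ in range(5)]
        results[f"case1_dT{int(period)}"] = sp_data(svcs, n_keys=30, case=1)
    for period in (2.5, 1.5):                         # case 2: shorter dD -> more keys
        svcs = [Service(1000.0, 10.0, period) for _ in range(5)]
        results[f"case2_dD{period}"] = sp_data(svcs, n_keys=30, case=2)
    # Blocked services stop competing for the same pool, so SPd-r exceeds SPd-i
    mixed = [Service(1000.0, 10.0, 100.0, blocked=(i < 2)) for i in range(6)]
    results["spd_real"] = sp_data(mixed, 30, 1)
    results["spd_imag"] = sp_data(mixed, 30, 1, ignore_blocking=True)
    return results


if __name__ == "__main__":
    print(updating_periods(4, 50, 275), updating_periods(10, 1.5, 8.25))
    for name, value in demo().items():
        print(f"{name}: SPd = {value:.2f}")
```

Under these assumptions the constructed run shows SPd falling from 0.6 to 0.2 as ΔT drops from 100 s to 50 s with Nd held at 30, the same direction as Fig. 9, and SPd-r (0.75) above SPd-i (0.5) once blocked services no longer draw on the pool, as in Fig. 11(a).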

Fig. 11 Case 1. (a) SPd-r and SPd-i under the SPc = 1 and blocked scenario; (b) SPd-r and SPd-i under the SPc < 1 and unblocked scenario; (c) SPd-r under the SPc < 1 and blocked scenario

Fig. 12 Case 2. (a) SPd-r and SPd-i under the SPc = 1 and blocked scenario; (b) SPd-r and SPd-i under the SPc < 1 and unblocked scenario; (c) SPd-r under the SPc < 1 and blocked scenario

8. Conclusion

In this paper, we introduce for the first time the KoD method for software-defined optical networks secured by QKD, the enhancement of the QKD over SDON architecture, and a novel RWKA algorithm that enables KoD jointly for the control channels and data channels. Two types of QKPs are constructed in the QKD over SDON architecture to secure control messages on the control channels and services on the data channels. The AES algorithm is used to encrypt the control messages and services. Two key-updating cases, based on the time complexity and the data complexity of attacks, are considered for key assignment. Simulation results show that KoD achieves a balance between security requirements and key resource usage. SPc and SPd can be increased by provisioning more secret keys. SPd can also be increased at the cost of lowering the security levels of the services, the number of key-updating period types, or the traffic load. SPc is influenced by BP, whereas SPd is influenced by both BP and SPc. To enhance the security performance of the control channels and data channels in software-defined optical networks, sufficient secret keys can be provisioned in the QKPs and key-updating performed with potential cyberattacks in mind. Moreover, the proposed KoD approach is an efficient way to assign keys in software-defined optical networks secured by QKD.

Funding

National Science and Technology Major Project (Grant No. 2017ZX03001016), and National Natural Science Foundation of China (NSFC) Project (Grant No. 61571058 and 61601052).
