We propose a method for covert fiber-optic communication in both frequency and time domains. The power spectral density of the pulse sequence bearing the information is spread in the frequency domain below the noise level by means of sampling. In addition, temporal phase encryption prevents the coherent addition of the various pulses in the frequency domain, further reducing the signal power spectral density. Thus, there is no need to transmit the signal within the bandwidth of a public user in order to spectrally conceal the signal. Temporal spreading of the pulse sequence is achieved by spectral phase encoding, resulting in a stealthy temporal and spectral transmission.
© 2011 OSA
The rapid spread of optical communication systems has increased the need for proper security solutions in order to prevent eavesdropping and jamming. Spread spectrum encryption techniques seem to be appropriate for optical communication systems due to their large bandwidth which enables to achieve high processing gain .
Methods for covert transmission using coherent optical code-division multiple-access (OCDMA) are proposed in [2–4]. In these methods, the signal is encrypted in the time domain using a dispersive element which encodes the spectral phase of the signal. Implementing the approaches presented in [5,6], the temporal phase of the dispersed signal is encoded, hence assigning different phase to each spectral component. However, using these encryption methods when transmitting outside the bandwidth of a public channel, the spectral concealment of the signal is not promised since the signal is not necessarily spectrally hidden under the noise level. If the signal is not concealed in the frequency domain, an adversary that coherently detects and samples the signal can perform Discrete Fourier Transform, therefore disclosing the spectral amplitude of the signal. Hence, the transmitted signal is not spectrally stealthy.
In the encryption method which is proposed in this work, the spectral amplitude of the signal is deliberately spread wide, essentially enabling to transmit a signal with low power spectral density (PSD), keeping the signal below the noise level in the frequency domain. The spectral spreading is achieved by sampling the signal. At the receiver, all the spectral replicas of the signal are folded to the baseband, therefore the PSD of the signal is reconstructed and in turn, the signal to noise ratio (SNR) is improved. This is achieved by coherently adding all the signal's spectral replicas at the baseband (hence the signal is reinforced) whereas the spectral replicas of the noise are added incoherently (consequently they are averaged to a low value).
The proposed covert communication system performances are analytically derived and shown to be supported by those accomplished by simulating the communication system. Finally, the encryption strength is estimated.
2. System description
Suppose an information source generating a bit sequence which modulates an optical carrier with frequency . The modulation results in the pulse sequence which we would like to encrypt in both time and frequency domains. Each pulse in the sequence has pulse width and double sided bandwidth . The gap between two sequential pulses in the time domain is , satisfying . A digital implementation of the proposed communication system is illustrated in Fig. 1 . For the simplicity of the mathematical analysis we discuss an equivalent analog system presented in Fig. 2 .
First, each pulse is multiplied by a different temporal phase term. Accordingly, the addition of the Fourier Transform (FT) of the various pulses in the signal bandwidth is incoherent, thus reducing the PSD of . Then, a sampler with sampling frequency is applied to have spectral replicas of the signal in the frequency domain, being the communication system bandwidth. An analog sampler can be implemented by a modulator transmitting a burst of the optical signal each seconds. In addition, the spectral phase of the signal is optically encoded, spreading the signal in the time domain. Finally, the signal's amplitude is amplified by in order to compensate for the attenuation of the spectral amplitude of the signal stemming from the spectral spreading of the signal due to the sampling. White Gaussian noise is added due to amplification and channel noises. The signal spreading in the time and frequency domains keeps it below the noise level in both domains.
The decryption process begins with optical spectral phase decoding followed by coherent detection. The signal is subsequently sampled at sampling frequency in order to fold all its spectral replicas to the baseband where they are coherently added. Then, a filter matched to is applied. Finally, the temporal phase of the signal is decoded and the signal is sampled with sampling interval . The original bit sequence is recovered by a decision circuit.
2.1 Encoder configuration
Suppose a bit sequence modulating an optical carrier, generating a pulse sequence represented by the analytical signal:
The temporal phase of the signal is encoded with the following phase:Fig. 2 resulting from the temporal phase encoding is:
The signal is subsequently sampled, yielding the analytical signal at point 2. Supposing the bandwidth of the communication system is BW, the sampled signal has the following FT:
Then, the spectral phase of the signal is encoded. The phase encoding has two goals. The first is signal spreading in the time domain in order to conceal it under the noise level. The second goal is to prevent reconstruction of the signal spectral amplitude by an eavesdropper that samples the signal in order to coherently add its spectral replicas at the baseband while the spectral replicas of the noise are added incoherently. The spectral phase encryption turns the addition of the spectral replicas to incoherent addition, thus the signal is kept bellow the noise level in the frequency domain.
The phase encrypting the spectral frequency of the signal has the following form in the positive frequency domain:7–11]. Sub-GHz spectral resolution is expected to be available as commercial tunable wavelength-division multiplexing (WDM) lasers already reach 1GHz resolution using Bragg gratings for optical filtering. Using sub-GHz optical filters enables spectral phase encoding at this resolution. The phase encoding can be either spatial, using a spatial light modulator (SLM) as performed in [7,8], or in-fiber by using in-fiber phase modulators.
Consequently, the spectral phase encoded analytical signal at point 3, has FT:
After transmission, white Gaussian noise with autocorrelation and FT is added to the signal due to amplifier and channel noises. It should be noted that is a white Gaussian noise with autocorrelation . The noise is represented by the analytical signal having FT where is the step function:
2.2 Decoder configuration
The decryption process begins with dispersion compensation followed by spectral phase decoding. Chromatic dispersion can be either compensated by dispersion compensating fibers or avoided by using dispersion shifted fibers for transmission. Polarization mode dispersion (PMD) can be compensated using the coherent method offered in . It should be mentioned that the PMD compensation dynamics is in the sub-MHz rate, thus much slower than the on-line decryption process. Spectral phase decoding can be optically implemented by a spectral phase decoder (SPD) multiplying the FT of the analytical signal with . The bandwidth of the SPD is BW, giving rise to the analytical signal at point 5, with FT:
The signal is then coherently detected and passed through a low pass filter with bandwidth BW, yielding the electrical analytical signal at point 6 which has FT:Equation (14) can be written as:
Then, a filter matched to filters . Consequently, the signal is achieved at point 8 having FT:Eq. (19) zero, therefore, only the terms with are left. Thus, Eq. (19) turns to:Eq. (21) denotes the signal whereas the right term denotes the noise. Multiplying these terms by , the first term linearly increases with M since it comprises M spectral replicas of the signal which are coherently added at the baseband and filtered by the matched filter. The noise term does not linearly increase with M since the spectral noise shifts are added incoherently. This distinction between the decoded signal and the noise will be further expressed later when the SNR of the decoded signal is derived.
The temporal phase of the signal is then decoded. Hence, the analytical signal at point 9 is:
Equation (23) can be further developed to yield:
3. System expected performances
3.1 SNR after decryption
The SNR of the decrypted signal is given by:Eq. (26) it can be seen that:Eq. (32) gives:Eq. (24), it can be shown that . Hence:
There are two effects enabling to conceal the signal below the noise level in the time domain. The first is the processing gain which is shown in Eq. (37) to increase the SNR by factor where BW is the bandwidth of the encrypted signal and is the bandwidth of the unencrypted signal. This gain stems from the coherent addition of the signal's M spectral replicas at the decryption process. Hence, a low power signal can be transmitted, relying on the processing gain.
The second effect is the signal spreading in the time domain resulting from the spectral phase encryption. The unencrypted signal has bandwidth , which is widened to bandwidth BW at point 2 in Fig. 2 due to the sampling. The spectral phase encoder (SPE) generates chips in the frequency domain at point 3, being the spectral resolution of the spectral phase code. Hence, each of the signal's samples is spread by factor . Since the unencrypted signal is wider than its samples in the time domain by , the encrypted signal is temporally spread by factor relatively to the unencrypted signal. Assuming BW = 80GHz, and , the encrypted signal contains spectral replicas and it is spread by factor in the time domain.
3.2 BER after decryption
Since the decoder is a linear system the noise after the decryption process remains Gaussian. The average of the sampled noise at point 10 in Fig. 2 is:Eq. (36).
The BER for the case of a Gaussian noise is given by:Eq. (37), the BER is:
4. Signal hiding in the frequency domain
Suppose an optical signal processed by a spectrum analyzer. Coherent detection yields the electrical signal , measured in Volts. The FT of is . The PSD of is:
We would like to estimate the PSD of the signal and the noise measured by an adversary trying to reveal the cloaked signal in the frequency domain by means of coherently detecting and sampling the signal in order to fold its spectral replicas to the baseband. Ensuring a stealthy transmission in the frequency domain is an advantage of the proposed method over the methods described in [2–6]. According to Eq. (1), the duration of the pulse sequence is .
The encrypted signal was shown in Eq. (12) to be:Eq. (42) becomes:Eq. (49) becomes:
The spectral SNR experienced by the adversary increases with . Having spectral replicas of the signal, this term can be attenuated by factor due to the processing gain resulting from the coherent addition of the spectral replicas. Hence, taking a large number of spectral replicas enables to reduce the power of the pulses in the transmitted pulse sequence. In addition, the spectral SNR decreases with which is the white Gaussian noise double sided PSD and with , which is the temporal interval between two sequential pulses. Enlarging this interval immerses the signal more deeply in the spectral noise.
Equation (52) implies that the spectral SNR measured by the adversary depends neither on the number of pulses in the pulse sequence, nor in the number of the signal spectral replicas. The independence in the number of pulses is achieved due to the temporal phase encryption, which prevents the coherent addition of the various pulses in the pulse sequence at the baseband. In addition, the independence in the number of spectral replicas results from the spectral phase encryption which prevents the coherent addition of the signal's spectral replicas at the baseband.
5. Simulation and results
5.1 Simulated system configuration
The generated simulation realizes the system described in Fig. 2 with the following parameters:
- • Number of pulses in a single analyzed pulse sequence - .
- • Pulse sequence duration - .
- • Temporal gap between two sequential pulses - .
- • Temporal pulse width - . Taking results in degradation of the SNR and BER after decoding due to inter-symbol interference.
- • Pulse bandwidth - .
- • Transmission bandwidth - (unless noted otherwise). Current analog to digital converters used for coherent detection are limited to bandwidth of about 50GHz.
- • Additive white Gaussian noise double sided PSD - .
- • Quantization level of the temporal phase encoding - Qt = 64.
- • Quantization level of the spectral phase encoding - Qf = 64.
- • Spectral resolution of spectral phase encoding - .
The modulating format of the pulse sequence was on-off-keying. Each pulse in the sequence has a raised cosine shape in the time domain with rolloff factor . The temporal and spectral phases encoding the pulse sequence are uniformly distributed between 0 and .
A sequence of one million pulses (which is composed of 2000 pulse sequences, each having pulses) was run in order to evaluate the BER after decryption.
The SNR used for the original baseband pulse passing through a matched filter was . The SNR and BER of the decoded pulse sequence were examined for various values of the transmission bandwidth BW. Their expected values are given in Eq. (37) and Eq. (40) respectively.
Figure 3 presents the SNR after decoding. The theoretical SNR matches the one measured by the simulation. In addition, an opponent trying to recover the signal with randomly chosen temporal and spectral encoding phases, having the same quantization, temporal and spectral resolution as the authorized user was simulated. It is shown that the eavesdropper experiences very low SNR since signal is spread below the noise level. The SNR measured by the adversary varies with the transmission bandwidth since various spectral slices of the spectral phase encoder (SPE) are used, therefore influencing the matching between the SPD of the authorized user and the eavesdropper.
The BER after decoding is illustrated in Fig. 4 . Three graphs are used for the authorized user. The first denotes the theoretical BER. The second graph exhibits the BER calculated by substituting the measured SNR from Fig. 3 in Eq. (40). The third one is the BER measured by the simulation. It should be noted that the deviation of the measured BER from the two other BER graphs (the theoretical graph and the one calculated from the SNR) for the case of an authorized user with transmission bandwidth of 80GHz stems from the limited statistics of the simulation. While the expected BER is about 10-5.5, only 106 pulses are run by the simulation, hence the number of measured erroneous bits is lower than that expected by the two other graphs. The BER measured by the adversary is very high (about 0.5). The threshold chosen for the eavesdropper is half the maximal power of its received noiseless signal.
Figure 5 shows the decoded pulse sequence in time and frequency domains for the authorized user and the adversary. The transmission bandwidth is BW = 80GHz. Figure 5(a) and Fig. 5(b) present a 5nsec interval of the noiseless original pulse sequence and the noisy decoded pulse sequence passed through a matched filter for the authorized user and the eavesdropper respectively. The eavesdropper cannot observe the signal while the authorized user can easily detect it. Figure 5(c) and Fig. 5(d) exhibit the PSD normalized by , measured by the authorized user and the adversary respectively for a single pulse sequence consisting of 500 pulses. In the first case, the signal is well raised above the noise level while being significantly lower than the noise PSD for the latter due to the incoherent addition of the spectral replicas and incorrect temporal phase decoding, which prevents the coherent addition of the various temporal pulses in the frequency domain.
5.3 Encryption strength estimation
In order to evaluate the encryption strength the following assumptions are made:
- • The SNR used for the original baseband pulse passing through a matched filter was (corresponding to SNR = 18dB and BER = 10-4.5 after authorized decryption).
- • The goal of the eavesdropper is to raise the signal above the noise level in either time or frequency domain.
- • The eavesdropper has a-priory knowledge about the encryption and decryption method. The only parameters that should be guessed are the temporal and spectral phase codes.
- • The eavesdropper tries to deduce the spectral and temporal phase codes by working with roughly quantized temporal and spectral phase codes.
- • The eavesdropper needs to properly guess at least and temporal and spectral phases in order to reveal the signal in either time or frequency domain.
- • When observing the signal, the adversary tries to refine the phase quantization of the guessed phases in order to improve the measured SNR and BER.
- • The encryption strength is defined as the time interval needed to accomplish the goal of the eavesdropping process.
- • The eavesdropper has the same spectral and temporal phase decoders as the authorized user. The maximal SPD's SLM update frequency of the eavesdropper is:.
Using the simulation it was observed that the spectral resolution of the spectral phase code has major influence over the number of spectral phases needed for the eavesdropper to properly guess in order to reveal the signal in the time domain. Larger spectral resolution results in a higher . For example, using 100 different randomly chosen spectral phase codes for the authorized user and the eavesdropper with Qf = 256 (which are already commercial) and , the mean value observed for was 158 with standard deviation of 33.33. Reducing the spectral phase code resolution to , the average became 76 with standard deviation of 23.14.
is also affected by the number of spectral phase code quantization levels Qf. A larger Qf results in a larger . For instance, when working with , Qf = 2, the average required reduced to 51.1 with standard deviation of 21.07.
The time interval required for the adversary to get in the time domain is give by:
For the case of and Qf = 256, substituting , Eq. (53) gives:
can be found by estimating the number of temporal phases needed to be properly guessed by an adversary using a binary quantized temporal phase decoder in order to raise the signal above the noise level in the frequency domain after properly guessing spectral phases with the binary quantized SPD. For example, a spectral phase code and an adversary SPD yielding were chosen (). The peak of the spectral SNR became positive at .
Hence, using high resolution and highly quantized phase decoding, the encryption system can cause the eavesdropping process involving a “brute force” attack in which the temporal and spectral phase codes are randomly guessed to last a very long time interval in order to raise the signal above the noise level in time and frequency domains. This time interval is irrelevant for the eavesdropper.
A second kind of possible attack is such that the eavesdropper is assumed to determine the original unencrypted signal known as “Chosen-plaintext attack” . The encryption methods proposed in [2–4] enable the spectral phase code disclosure when the eavesdropper sends a known pulse sequence from the encoder of the authorized user when the signal is not concealed under the transmission of a public WDM user. The spectral phase of the sent pulse sequence is known to the eavesdropper, hence, the spectral phase code is revealed. The temporal phase encrypting the signal in the methods described in [5,6] can be disclosed by sending a narrowband pulse for which the effect of the dispersion is insignificant. The resulting encoded signal is the original signal having its temporal phase encoded. This way, the temporal phase code can be measured by the adversary. The spectral phase code can then be disclosed similarly to methods [2–4]. However, using the encryption method proposed in this work, the pulse sequence is well spread below the noise level in the frequency domain as well as in the time domain, therefore making the recovery of the spectral phase code much more difficult.
A method for spectral and temporal covert communication is presented. The encryption is based on encrypting the temporal phase of the pulse sequence, therefore reducing its power spectral density. The pulse sequence is subsequently spread in the frequency domain by means of sampling, therefore enabling to transmit a signal with low power spectral density. Spectral phase encryption is subsequently applied to spread the signal in the time domain and prevent the eavesdropper from observing the signal in the frequency domain by coherently adding its spectral replicas at the baseband. Hence, at the end of the encryption process the pulse sequence is spread below the noise level in the time and frequency domains. Mathematical modeling as well as numerical investigations demonstrate the applicability of the proposed approach.
References and links
1. A. J. Viterbi, “Spread spectrum communications – myths and realities,” IEEE Commun. Mag. 17(3), 11–18 (1979). [CrossRef]
3. K. Kravtsov, B. Wu, I. Glysk, P. R. Prucnal, and E. Narimanov, “Stealth transmission over a WDM network with detection based on an all-optical thresholder,” in Proceedings of IEEE Conference on Lasers and Electro-Optics (IEEE, 2007), pp. 480–481.
4. B. Wu, A. Agarwal, I. Glesk, E. Narimanov, S. Etemad, and P. R. Prucnal, “Steganographic fiber-optic transmission using coherent spectral-phase-encoded optical CDMA,” in Conference on Lasers and Electro-Optics/Quantum Electronics and Laser Science Conference and Photonic Applications Systems Technologies, OSA Technical Digest (CD) (Optical Society of America, 2008), paper CFF5, http://www.opticsinfobase.org/abstract.cfm?URI=CLEO-2008-CFF5.
6. Z. Gao, X. Wang, N. Kataoka, and N. Wada, “Stealth transmission of time-domain spectral phase encoded OCDMA signal over WDM network,” IEEE Photon. Technol. Lett. 22(13), 993–995 (2010). [CrossRef]
7. D. Sinefeld, C. R. Doerr, and D. M. Marom, “Photonic spectral processor employing two-dimensional WDM channel separation and a phase LCoS modulator,” in Optical Fiber Communication Conference, OSA Technical Digest (CD) (Optical Society of America, 2010), paper OMP5, http://www.opticsinfobase.org/abstract.cfm?URI=OFC-2010-OMP5.
8. D. Sinefeld and D. M. Marom, “Hybrid guided-wave/free-space optics photonic spectral processor based on LCoS phase only modulator,” IEEE Photon. Technol. Lett. 22(7), 510–512 (2010). [CrossRef]
9. X. Wang, “Novel time domain spectral phase encoding/decoding technique for OCDMA application,” in International Conference on Transparent Optical Networks (IEEE, S. Miguel (Portugal), 2009), paper Th.A3.4.
11. D. Miyamoto and H. Tsuda, “Spectral phase encoder employing an arrayed-waveguide grating and phase-shifting structure,” IEEE Photon. Technol. Lett. 19(17), 1289–1291 (2007). [CrossRef]
12. E. Ip and J. M. Kahn, “Digital equalization of chromatic dispersion and polarization mode dispersion,” J. Lightwave Technol. 25(8), 2033–2043 (2007). [CrossRef]
13. J. G. Proakis and M. Salehi, Communication Systems Engineering (Prentice Hall, 1994), Chap. 8.