## Abstract

This paper proposes a novel physical-enhanced chaotic secure strategy for optical OFDMA-PON based on two-dimensional (2-D) scrambling. In order to enhance the physical security, a multi-layer chaotic mapping is proposed to generate the scrambling vectors. It can enhance the chaotic characteristic of Logistic mapping and increase the key space. Furthermore, the 2-D scrambling jointly utilizing frequency subcarriers and time-slots can improve the system resistance to eavesdropper. The feasibility of 15.6 Gb/s 2-D encrypted 64QAM-OFDM downstream signal has been successfully demonstrated in the experiment. The robustness of the proposed method shows its prospect in future OFDM access network.

©2012 Optical Society of America

## 1. Introduction

The next-generation passive optical network (PON) has been anticipated to meet the future bandwidth demand and service allocation [1–3]. Recently, orthogonal frequency division multiple access passive optical network (OFDMA-PON) has been envisioned as a prominent candidate for future cost-effective and flexible PONs beyond 40G [2–5]. With the high-order quadrature amplitude modulation (QAM) and flexible subcarriers and time-slots distribution, OFDMA-PON can effectively achieve a huge number of subscribers and scalable network capacity [6, 7]. Considering the large amount of subscribers and freedom flexibility, security becomes one of the major concerns in OFDMA-PON. Due to the broadcast nature of the network, it is particularly susceptible to the outside intruders. Among various proposed security technologies, most of them focus on the cryptographic protocols at high-layer such as media access control (MAC) layer. However, it only encrypts the information data but lefts the control data or headers unprotected, which is a risky practice for the network [8]. It is desirable to ensure that the physical layer can secure the network against threats which might target the lowest layer. On the other hand, due to the convenient digital processing of OFDM signal, it is feasible to realize data encryption at the physical layer in OFDMA-PON. Chaotic communication is a promising way to provide data confidentiality due to its high initial condition sensitivity, and it can efficiently improve the system security [9, 10].

Recently, we have proposed a method to increase the OFDM-PON security at physical layer by employing chaos scrambling, and the Logistic scrambling is realized at the frequency domain of OFDM signal [11]. However, due to the finite precision of digital signal processing, it is difficult to maintain good chaotic kinetics characteristics when the scrambling size is small, which would lead to a finite iteration period for the single domain chaotic encryption and reduce the secure key strength. Beside, the Logistic map would be attacked due to its simple parabola orbit and single Lyapunov exponent.

In this paper, we propose and experimentally demonstrate a novel two-dimensional (2-D) chaos scrambling method to enhance the physical security in OFDMA-PON. A multi-layer chaotic mapping is proposed to generate the scrambling vectors, which can increase the unpredictability of chaotic mapping and strengthen the key space while maintaining a simple structure. Besides, the data on both frequency and time domains are scrambled through chaotic mapped scrambling matrices. The exchange matrix and scramble vectors at frequency and time domain compose the scrambling matrices, which can improve the secure key space and the key strength. A 15.6 Gb/s encrypted 64QAM-OFDM signal is successfully demonstrated in our experiment. The measured results show the effectiveness of the technique over optical OFDMA networks.

## 2. Principle

The proposed physical secure scheme is illustrated in Fig. 1 . We adopt a multi-layer Logistic mapping serving as the chaotic model, which consists of two layers. The upper layer is used to control the bottom layer, while the bottom layer is directly used to generate the scrambling vectors. The 1-D controlled Logistic map serves as the upper layer, which is expressed as

*μ*= 3.94 in this paper. For the bottom layer, it also adopts controlled Logistic map, and the control from upper layer is realized through numerical mapping. The chaos model can be expressed aswhere λ* and ${x}_{n}^{b*}$are two controlled parameters by upper layer, and the numerical mapping of λ* and ${x}_{n}^{b*}$can be expressed as

_{1}and ε

_{2}are two constant values which ensure the chaotic nature of bifurcation parameters, and we choose ε

_{1}= 1/16 and ε

_{2}= 3.35 in our following experiment. The control from upper layer is opened every G × CP period, where CP is the time length of OFDM cyclic prefix and G is a constant number. It endows the chaotic mapping a random change at the bottom layer. To the illegal ONU, the upper layer is an indirect parameter and it can enhance the security.

An unscrambled OFDM signal with *N* number of subcarriers is given by

_{k}is the input QAM mapped symbols on k

^{th}subcarrier and

*T*is time-slot. Before scrambling, the QAM symbols are scrambled by an exchange vector M

_{E}with size of 2 × 2, and the scrambled symbols can be expressed as

_{i,k}denotes the i

^{th}symbol on k

^{th}subcarriers, and the elements of a and b are generated through Logistic iteration in Eq. (1). It can mask the original information and improve the security. Then the scrambled QAM symbols are fed into the OFDM modulation block where frequency and time domain scrambling are executed. The generation of exchange vector has been originally demonstrated in our previous work [11]. The encrypted OFDM signal can be expressed as

_{k}is the scrambled QAM symbols by Eq. (5), M

_{F}and M

_{T}are frequency scramble vector and time domain scramble vector. At the ONU, the received signal goes through a reverse processing to recover the information. The correct information can be obtained only by its own secure key.

## 3. Experiment and results

The schematic diagram of the experiment is shown in Fig. 2 . The offline DSP processing is adopted to generate the encrypted OFDM signal. The fast Fourier transform (FFT) size of the original OFDM signal is 128, which is same as the length of time window. Cyclic prefix and guard interval is 1/16 and 1/8 of OFDM symbol length respectively. Software up-conversion is adopted for OFDM signal, and the central RF frequency is 2.2 GHz. The encrypted signal sequence is loaded into an arbitrary waveform generator (AWG) with a sample rate of 10Gs/s to generate the corresponding electrical signal waveform. The data rate is 15.6 Gb/s for 64QAM mapped OFDM signal, and the spectrum and waveform is shown in Fig. 3 . The electrical output of AWG is used to modulate a CW light at 1552.15nm through an intensity modulator (IM), which works at 1.7V with a half-wave voltage of 3.5V. A commercial EDFA is employed to amplify the optical signal to 4 dBm before sent into 25km fiber link. At the ONU side, the direct detection and offline DSP processing is executed for the signal demodulation. Before O/E conversion, an optical filter is adopted to further suppress the ASE noise. The received signal is sampled with a 20Gs/s real-time sampling scope after direct detection via 10-GHz photodiode (PD). For the illegal ONU, it is difficult to thieve the data from other ONUs without the right key.

Figure 4 illustrates the phase diagrams of the conventional Logistic map and multi-layer controlled Logistic map. The chaotic behavior of multi-layer controlled Logistic map enhances a lot compared with the conventional map. The distribution of phase diagram shows a chaotic orbit rather than parabola curve. It will be difficult to recover the phase diagram by chaos characteristic forecast attack. The drawback of finite precision of digital chaos mapping can be improved with multi-layer controlled Logistic map.

The pseudo random QAM symbol scrambling is executed through the exchange matrix of M_{E}. It can be treated as part of secure key for physical layer encryption. Figure 5
illustrates the statistical histograms of the QAM symbols before and after scrambling. It can be observed that the distribution is averaged after QAM symbol scrambling, which is able to cover the statistical characteristic of original symbols and resist the statistical analysis attack.

In access network, the key space should be as large as possible to make the brute-force attack infeasible. With multi-layer chaotic mapping and 2-D scrambling, the key space can be significantly increased. In our proposed scheme, the secure key is consisting of the initial values of upper layer and bottom layer chaotic maps, the element value of M_{E}, scrambling sizes of M_{F} and M_{T} and the period of numerical mapping. Assuming the scrambling sizes of M_{F} and M_{T} are L, the secure key can be written as (${x}_{0}^{up}$, ζ, *μ*,${x}_{0}^{b}$, ε_{1}, ε_{2}, a, b, L, *G*). Considering there would be (L!)^{2} possible trial number to get the correct M_{F} and M_{T} for 2-D scrambling, the key space would be as large as 4.831 × (L!)^{2} × 10^{170} if double-precision float value is adopted. In the experiment, we have L = 128 and the key space would be 7.16 × 10^{601} compared with 3 × 10^{215} of 1-D scrambling. It is efficient to resist the brute-force attack. In real practice, if assuming the hardware resolution is 12-bit, the key space would be 3.24 × (L!)^{2} × 10^{32}. We have L = 128 in the experiment and the key space is 4.82 × 10^{463}.

We have measured the bit error ratio (BER) performance both for illegal and regular ONUs before and after transmission, and the results are illustrated in Fig. 6
. In our measurement, OFDM symbols composed of non-repeated random binary data with the bits number of 2 × 10^{5}~3 × 10^{6} are adopted to calculate BER by error counting for each case. At the regular ONU, an optical power penalty less than 0.2 dB was observed at the BER of 10^{−3} when compared to back-to-back (b2b) measurement. It is clear that the illegal ONU has got a BER of 0.5, which indicate a good resistance to eavesdropping. If 1-D scrambling (only at frequency domain) is adopted, the measured BER at illegal ONU is about 0.42, which is also shown in Fig. 6. Due to the limitation of the scrambling size and lack of time domain scrambling, the 1-D scrambling method cannot get a BER value of 0.5. For 2-D scrambling, it can get better resistance with same scrambling size. Figure 6 also shows the BER curve of conventional 64QAM-OFDM signal at b2b case. The optical power penalty is about 0.1 dB compared with the 2-D scrambled signal. Although the hardware resolution would result in extra power penalty for the chaos scrambling, the digital quantification has been made during generation of scrambling matrix. It can mitigate the effect from the hardware performing. In order to investigate the power budget of the system, we have also measured the BER curves with a 10G avalanche photodiode (APD). The receive sensitivity at BER of 10^{−3} is about −21.5 dBm, which leads to an optical power budget of 25.5 dB.

## 4. Conclusion

We have proposed and experimentally demonstrated a novel physical-enhanced 2-D scrambling secure OFDMA-PON based on multi-layer controlled Logistic chaos mapping. It can significantly increase the chaotic characteristic of Logistic mapping as well as the key space. The 2-D scrambling can further enhance the resistance to eavesdropper with same scrambling size compared with 1-D scrambling. A trial time of 7.16 × 10^{601} and BER of 0.5 are obtained at the illegal ONU with 2-D scrambling size of 128 × 128. The experiment results show a good resistance against illegal ONU.

## Acknowledgments

The financial supports from National Basic Research Program of China with No. 2010CB328300, National High Technology 863 Program of China with No. 2012AA011301(04), National International Technology Cooperation with No. 2012DFG12110, National NSFC with No. 60932004, 61077050, 61205066, 61275074 are gratefully acknowledged. The project is also supported by the Fundamental Research Funds for the Central Universities with No. 2012RC0311.

## References and links

**1. **N.-C. Tran, E. Tangdiongga, C. Okonkwo, H. Jung, and T. Koonen, “Flexibility level adjustment in reconfigurable WDM-TDM optical access networks,” J. Lightwave Technol. **30**(15), 2542–2550 (2012). [CrossRef]

**2. **N. Cvijetic, “OFDM for next-generation optical access networks,” J. Lightwave Technol. **30**(4), 384–398 (2012). [CrossRef]

**3. **R. Schmogrow, M. Winter, D. Hillerkuss, B. Nebendahl, S. Ben-Ezra, J. Meyer, M. Dreschmann, M. Huebner, J. Becker, C. Koos, W. Freude, and J. Leuthold, “Real-time OFDM transmitter beyond 100 Gbit/s,” Opt. Express **19**(13), 12740–12749 (2011). [CrossRef] [PubMed]

**4. **H.-Y. Chen, C. C. Wei, D.-Z. Hsu, M. C. Yuang, J. Chen, Y.-M. Lin, P.-L. Tien, S. S. W. Lee, S.-H. Lin, W.-Y. Li, C.-H. Hsu, and J.-L. Shih, “A 40-Gb/s OFDM PON system based on 10-GHz EAM and 10-GHz direct-detection PIN,” IEEE Photon. Technol. Lett. **24**(1), 85–87 (2012). [CrossRef]

**5. **J. Zhao and A. Ellis, “Transmission of 4-ASK optical fast OFDM with chromatic dispersion compensation,” IEEE Photon. Technol. Lett. **24**(1), 34–36 (2012). [CrossRef]

**6. **X. Q. Jin, E. Hugues-Salas, R. P. Giddings, J. L. Wei, J. Groenewald, and J. M. Tang, “First real-time experimental demonstrations of 11.25Gb/s optical OFDMA PONs with adaptive dynamic bandwidth allocation,” Opt. Express **19**(21), 20557–20570 (2011). [CrossRef] [PubMed]

**7. **N. Cvijetic, M.-F. Huang, E. Ip, Y. Shao, Y.-K. Huang, M. Cvijetic, and T. Wang, “1.92 Tb/s coherent DWDM-OFDMA-PON with no high-speed ONU-side electronics over 100 km SSMF and 1:64 passive split,” Opt. Express **19**(24), 24540–24545 (2011). [CrossRef] [PubMed]

**8. **M. P. Fok, Z. Wang, Y. Deng, and P. R. Prucnal, “Optical layer security in fiber-optic networks,” IEEE Trans. Inf. Forensics and Security **6**(3), 725–736 (2011). [CrossRef]

**9. **C. E. Shannon, “Communication theory of secrecy systems,” Bell Syst. Tech. J. **28**, 656–715 (1949).

**10. **S.-L. Chen, T. T. Hwang, and W.-W. Lin, “Randomness enhancement using digitalized modified logistic map,” IEEE Trans. Circuits Syst., II Express Briefs **57**(12), 996–1000 (2010). [CrossRef]

**11. **L. Zhang, X. Xin, B. Liu, and J. Yu, “Physical-enhanced secure strategy in an OFDM-PON,” Opt. Express **20**(3), 2255–2265 (2012). [CrossRef] [PubMed]