We demonstrate a novel low-cost photonic-layer secured communication system that incorporates intensity modulation direct detection (IM/DD) scheme with a 4-level pulse amplitude modulation (PAM-4). In the proposed system, the signal is buried under an amplifier’s spontaneous emission (ASE) noise and coded with a spectral phase mask. As a result, the signal is stealthy and encrypted in both frequency and time domains. We analyze the reception performance of the secured signal under direct detection, and analytically compare its SNR with a conventional PAM-4 system, demonstrating that only an eligible receiver achieves a decryption of the stealthy and encrypted signal. Furthermore, we experimentally validate these findings showing a significant processing gain, which allows an error-free reception, despite a negative optical-SNR.
© 2018 Optical Society of America under the terms of the OSA Open Access Publishing Agreement
The demand for high throughput at extremely low cost and low power data transmission raises new challenges for the optical communication technology, and particularly for the physical layer (PHY) . Recently, IEEE 802.3bs/cd and OIF CEI-56G-PAM-4 200G/400G PHY task forces have identified intensity modulation direct detection (IM/DD) 4-level pulse amplitude modulation (PAM-4) as the modulation scheme for achieving 400G transmission. The 400G datacenters inter and intra-connections (DCI) formats assume either eight optical channels carrying 50Gbps each (8x50G) or 4x100G architectures. These recent developments pose PAM-4 as a key modulation format, enabling the immense DCI traffic growth.
At the same time, data privacy and security remain a major concern, as the security protocols implemented at the high-layers of the open systems interconnection (OSI) model are not sufficient in the era of big data . In addition, the security approaches in these layers are limited by both the processing speed of electronics and the capacity of optical networks. Therefore, it is of utmost importance to seek secured PHY methods, on top of available high-layer encryption protocols, to cope with the increasing cyber threats: tapping, jamming and false-data injection. A comprehensive optical PHY security solution should provide encryption alongside with steganography.
Various approaches for PHY security have been suggested . In quantum key distribution (QKD) protocols, the key is secured; however, no steganography is achieved. Chaotic cryptography has also been proposed, yet, it has a small key space and stringent requirements on the hardware. In addition, optical-code division multiple access (OCDMA) encryption methods can be used; however, they require hiding below a public channel .
In [5,6] a new photonic-layer technique for encrypted and stealthy optical communications has been proposed, based on a conventional coherent detection scheme. The referred research relies on encoding using random spectral phase masks (SPMs) and concealment of the encrypted signal using spectral replications and noise loading. The decryption process can be exclusively carried out by the authorized user, which has explicit knowledge of the SPM that was applied at the transmitter. On the other hand, an eavesdropper (Eve) that tries to record the signal without the correct SPM destroys the information permanently. Recently, the method was experimentally verified [7,8]. The twofold effect of encryption and steganography provides a comprehensive security solution for optical PHY.
Although the above method can be implemented in coherent systems, which is the common technology for long-haul (LH) and metro applications, it does not addresses the DCI market which is governed by IM/DD transceivers. It is therefore desired to implement a similar encryption and stealthiness technique over IM/DD scheme, with modulation such as PAM-4.
Here, we propose and demonstrate an encryption method targeting IM/DD PAM-4 systems. The proposed scheme is based on spectral phase encryption of multiple spectral replications, similar to the encryption method proposed in [5–8] over complex signal in coherent systems. In order to enable IM transmission, symmetrical SPM is used to generate real-valued signals. In addition, our study has discovered that although noise mechanism in DD is signal-dependent, the decryption process achieves the same performance as in the coherent detection case. Thus, the authorized user can extract the signal from extremely low optical signal-to-noise ratio (OSNR) channel. A preliminary proof of concept of this approach in IM/DD setup has been recently reported . Here, an extended theoretical analysis is provided along with improved experimental results focused on short-reach DCI links. By means of real phase mask, that encrypts the signal and by processing gain, we achieve encryption and steganography while exploiting a low-cost and low-complexity IM/DD scheme.
The rest of the paper is organized as follows. In Section 2, we present the encryption system, whereas in Section 3 the experimental setup is described. Results and conclusion are provided in Sections 4 and Sections 5 respectively.
2. Optical encryption system
The demonstrated method is based on a twofold security scheme: stealthiness and encryption. The stealthiness is achieved as a result of spectrally-redundant transmission, i.e. the information signal is replicated. In turn, the spectral redundancy can be used to enhance the received SNR in the decryption process, which is referred in this article as a processing gain. This processing gain allows the authorized user to extract the secured signal at a very low SNR, while it remains unobserved for any measurement equipment, neither operating at time nor frequency domains.
The encryption is achieved by applying a random SPM, which serves as the encryption key. The phase mask scrambles the symbols in the time domain, thus every temporal sample is comprised of a linear combination of multiple symbols. Only after decryption with the correct phase mask, the stealthy and encrypted signal is reconstructed by a coherent summation process. The unauthorized user (known as Eve) uses incorrect phase mask which causes an incoherent summation process and destroys the signal. The generation of the stealthy and encrypted signal is described in the following paragraphs.
First, the transmitted PAM-4 symbols are digitally replicated in frequency domain so that each group of symbols is replicated times to create a total transmitted block of samples, where is given in [samples/symbol]. Consequently, the information bandwidth is [Hz], where is the system’s analog bandwidth in [Hz].
Second, the replicated signal is encoded using a SPM. The result of both replication and encryption processes is presented in the frequency domain, by the signal, as follows:
2.1 Phase mask for intensity modulation
The SPM manipulates the spectrum by assigning an arbitrary phase term to each of the signal’s spectral bins. Thus, in the time domain, each of the samples in the transmitted block gets an arbitrary delay, that results with a noise-like waveform of , which is the inverse Fourier transform of Eq. (1). The SPM is comprised of randomly chosen phase values over the unit circle, according to uniform distribution such that . This encoding operation is injective, thus the decoding can be performed exclusively using the inverse mask. In addition, since it manipulates only the phase, the decoding process does not incur noise enhancement. The SPM plays two roles: first, it prevents the coherent summation of the spectral replicas by Eve. Second, the SPM smears the signal in the time domain by shaping its waveform as an arbitrary noise-like signal and hide its symbols pattern.
In order to be transmitted by an intensity modulator, the SPM is imposed to be Hermitian-symmetrical in the spectral domain, to obtain a pure real impulse response. i.e.7,8], where a complex, in-phase and quadrature, transmitter is used. The restriction of symmetrical spectrum shortens the key space by a factor of two. Although the key length is shorter in IM/DD system, yet it can be chosen to satisfy the desired encryption strength, as the spectral resolution of the SPM is user configurable.
In order to calculate the key space, it is assumed a DAC with quantization levels, and a transmission block of symbols. In addition, we consider that a new key is generated per each block that is being transmitted, corresponding to a key exchange rate of . Under these assumptions, the key space is , where the factor of half stems from the IM/DD symmetry restriction. The block size can be chosen according to the buffer size and the computational resources available in the hardware. Choosing longer increases the key space, however, it results with a higher latency in the transmission system. The latency can be estimated by , which is about per the parameters used in the described experiment.
The electrical-to-optical (E-O) conversion is obtained by a Mach-Zehnder modulator (MZM), biased at its quadrature setpoint (Quad + ), and driven by a small signal. The Quad + setpoint is defined for the case where the driving signal fluctuates around [see Eq. (3)], corresponding to on the intensity curve. It is further assumed that the driving voltage is small enough relative to , so that the MZM is operating in its linear regime.
2.3 Receiver side
In this subsection, the pre-processing and post-processing SNRs are defined and analyzed. The pre-processing SNR, , describes the SNR before the decryption, whereas the post processing SNR,, is calculated for the proposed method, after decoding the SPM and executing the coherent summation process. The digital recovery process, as well as the logical points in which the SNRs are calculated, are depicted in Fig. 1.
To calculate the SNRs, the detected current after ac-coupling is formulated as follows
In most conventional optical links, the OSNR is high enough so that the variance of the signal-spontaneous noise, , is dominant over other noise mechanisms. However, in the case of the demonstrated method, both and cannot be neglected, since the system operates at extremely low OSNR regime. In the expression developed for the SNRs, we therefore consider the contributions of and.
Assuming that the signal has been recovered optimally, the following expression is given for a pre-processing SNR:appendix. The result of Eq. (5) is used as a benchmark to be compared later with , which is obtained after executing the decryption process.
2.4 Decryption process and processing gain
In this section, the decryption process in the direct detection system is presented, and quantitative analysis of the processing gain is derived. Two stages of decryption process are executed: (1) spectral phase decoding by linear filter, which is the inverse phase mask (see Sec. 2.1), (2) temporal downsampling (spectral folding) for the coherent summation process. Let us write the Fourier transform of the noise term after the SPD and after temporal sampling, matched filter and spectral phase decoding (SPD) results with spectral folding (aliasing), as stated below:
From Eq. (7) the desired processing gain is derived. Detailed analysis can be found in the appendix. It is shown that for both noise terms, and, the spectral components after SPM decoding are uncorrelated. Therefore, the summations terms appearing at the denominator of Eq. (7) are summed-up in an incoherent manner, that increases the variance by a factor of (the number of spectral replicas within the available analog bandwidth). Consequently, the noise summation terms yield variances of and . This stands against the coherent summation of the signal term at the numerator of Eq. (7), which yields a factor of . One may notice that the summation in Eq. (7) includes replicas; however, filters out half of the edge replicas, therefore only replicas are accounted . The coherent summation of the signal term versus the incoherent summation of both noise terms result in a processing gain (PG), given by:
3. Experimental setup
The experimental scheme and the relevant parameters are shown in Fig. 1, and Table 1 respectively. At the transmitter, offline DSP is used to generate encrypted and stealthy PAM-4 symbols. Then, the signal passes through the following chain: high-speed DAC, linear RF driver and fed into Mach-Zehnder intensity modulator (MZM). The optical output is attenuated and amplified by an EDFA to obtain a controlled ASE loading. As explained in Subsection 2.2, the MZM is biased at its quadrature setpoint to achieve a linear impulse response. In addition, the quadrature setpoint generates an optical CW term, which is non-informative and can be discarded by an optical notch filter, to provide an improved stealthiness.
At this stage, the optical signal is both encrypted and stealthy, as it is buried under the ASE noise. At the receiver, the analog signal is detected and digitized using InGaAs photodetector (PD) and analog-to-digital converter (ADC), respectively. Offline DSP is then applied according to Fig. 1. Finally, the decryption steps are performed: spectral phase decoding for the decryption and downsampling for the coherent summation process.
The experiment is in an optical back-to-back (OBTB) configuration, over a few meters of SSMF, following the assumption that the system contains optical dispersion compensation hardware. We wish to examine the performance penalty, in case where residual dispersion effecting the received signal. Therefore, we simulate stealthy and encrypted transmission over a channel with a chromatic dispersion (CD), with the following parameters: CD coefficient of 17 ps/(nm·km) at wavelength of 1550 nm, and a varying number of spectral replications and different fiber lengths. At each iteration, the post-processing SNR degradation was measured compared to the BTB measurement.
4. Results and discussion
We have performed a set of measurements to evaluate the system’s performance in terms of encryption strength and stealthiness level, versus received OSNR. In Figs. 2, 3, 5, and 6, each series of measurements is indexed by, the information analog bandwidth, and by, the total number of spectral replicas. One can notice that the product constantly equals to 32GHz, corresponding to the available analog double-side bandwidth of the experiment hardware.
In Fig. 2, at each series of measurements we transmit the same signal under various OSNR conditions, while evaluating the pre- and post-processing SNRs at the receiver, per number of replicas. The lower group of dashed curves in Fig. 2 represents the measured SNR before the decryption process is executed, whereas the upper set of continuous curves represents the SNR following the decryption process. For instance, in Fig. 2, while gets smaller, more replicas take part in the decryption process and therefore the processing gain is higher. Higher processing gain allows the system to operate at lower OSNR levels, and thus to achieve better stealthiness for the encrypted signal. The vertical gaps between the dashed and continuous curves represent the processing gain. For example, the dashed vs. solid purple lines (GHz,) is associated with processing gain of 64 (18 dB). Indeed, it is experimentally demonstrated that a processing gain of 18 dB is achieved as evidenced by the solid purple line of Fig. 3.
Figure 3 presents the processing gain (PG) versus the received OSNR for the same measurements of Fig. 2. It is demonstrated in Fig. 3 that the processing gain is constant over all OSNR regimes, as previously derived in Eq. (8). Considering these results, we experimentally validated the processing gain model as formulated in Subsection 2.4.
The impact of the SPM decryption is illustrated in Fig. 4 for practical case of 8 dB OSNR. It shows the histogram of the received signal before (red curve) and after (blue curve) the decryption process with the correct SPM. As one can see, before the decryption no PAM-4 levels are observed in the signal’s histogram due to the temporal smearing of the SPM. While after the decoding, the PAM-4 levels are reconstructed correctly.
Figure 5 depicts the received BER, at the system’s received OSNR. Due to the memory size limitation of the real-time DAC and the ADC, the minimum detected error-rate is about 1E-3 for GHz. As growths and signal becomes sparse in the time domain, hence only BER of 1E-2 can be measured at GHz. The BER threshold displayed on Fig. 5 is taken according to KP4 RS(544,514) FEC encoding threshold of 2.2E-4, leading to “error-free” operation . Despite of measurement limitations in low BER, a very good agreement with the theoretical model is obtained, as diamond markers (theory) and circle markers (measured) coincide. For example, the GHz curves intersects with the BER threshold at OSNR of 7 dB where the GHz curve intercepts with the pre-FEC threshold at OSNR of −5.2 dB. This verifies the validity of the noise modeling in our experiment and the resulting signal stealthiness mechanism.
Figure 6 represents simulation results of residual chromatic dispersion affecting the stealthy and encrypted transmission. It can be seen that an SNR penalty of 0.3 dB at 10 km, and 2 dB at 20 km occurred, regardless the number of spectral replicas within a constant bandwidth of 32 GHz. We compared these findings with a 26 GBaud single carrier PAM-4 transmission , which is similar to the bandwidth in our experiment. This work presents an OSNR penalty of 1 dB at residual chromatic dispersion of 150 ps/nm, corresponding to 10 km SSMF. The comparison between a conventional PAM-4 and the proposed stealthy and encrypted transmission shows high resiliency to chromatic dispersion. In addition, it is shown that CD penalty depends on the overall signal bandwidth, and not on the “internal breakdown” of the transmitted spectrum, as long as the power distribution over the frequencies (within the overall analog bandwidth) is similar, which is the case in our experiments.
4.1 Encryption strength
The encryption strength and the steganography level were extensively evaluated by simulations in , under section 5.3 “Encryption strength estimation”. In these simulations, the goal of Eve was to raise the signal above the noise level in either time or frequency domain, by achieving SNR greater than zero. The simulations assume that Eve has a-priory knowledge about the encryption and decryption method while the only parameter that should be guessed is the spectral phase mask. It is further assume that the spectral phase mask is comprised of 800 spectral bins, with a quantization level of 8 bits (256 DAC levels).
While Eve try new guess every , it takes years to reveal the stealthy and encrypted signal. This result assumes a coherent transmitter (in-phase and quadrature modulation). For the IM/DD case, a factor of square root should be taken over the time of attack, as the key space is reduced by half. Therefore years are required to achieve positive SNR. If only 400 spectral bins are available for the spectral phase mask, the time of a successful attack drops to 16 years.
We experimentally demonstrate an encrypted and stealthy end-to-end transmission system over SSMF, using low cost IM/DD system. Even though the signal is fully buried under ASE noise and cannot be neither observed nor detected by an eavesdropper, it is successfully detected by the authorized user with error-free performance.
The detected signal, subtracted of its expectation value, is given as follows:Eq. (3). The three terms of Eq. (9) are the detected signal and the two noise-related currents. For the sake of calculating the pre-processing SNR, the noises’ variance as well as the signal’s variance are given as follows:Eq. (10) is derived under the assumption of small driving signal, which leads to a linear relation between the intensity of the optical wave and the signal itself. Hence, the SNR measured after signal recovery and before the decryption, is given as:
Processing gain for direct detection case
The processing gain of the described method is achieved by incoherent summation of the noise spectral components, as oppose to the information signal, which is reconstructed by a coherent summation of its spectral replicas . Mathematically, we show that the variance of the noise after decryption grows by a factor of whereas the signal’s variance grows by a factor. Let us denote the combined noises from Eq. (9) as:
As discussed in Section 2.3 and depicted in Fig. 1, the decryption process consists of spectral phase decoding using linear filters and, followed by downsampling. Therefore, the post-processing noise terms can be expressed as follows:
We prove here that. The resulting processing gain, which is the ratio between the variance of the information signal after processing and variance of the noise after processing, is exactly in this case. The noise variance after processing is calculated as follows:Eq. (14) in Eq. (15) yield the following expression:Eq. (16) generates four types of terms:
In order to achieve processing gain of , the following conditions will be proven: the term is equal to zero . In addition, the terms and, which represent the mutual effect between the two noises from Eqs. (9) and (12) are equal to zero for every choice of and (including). Finally, the term is also equal to zero . In case that all of the conditions hold, both noises from Eq. (12) are summed incoherently without mutual effect and a full processing gain is achieved.
Referring to it is well known that the squared normal ASE distribution has white uncorrelated spectrum (after reducing its mean value). Therefore, the first condition is satisfied . is given by the following term:
As for and, a direct derivation shows that both are equal to zero as well:
Regarding term that requires most of the attention, a general expression for the cross-correlation between its spectral components can be derived directly:Eq. (20) can be rewritten as a one-dimensional integral:
Finally, since the conditions that were stated above of the terms− are satisfied, Eq. (16) can be rewritten as:Eq. (15) is reduced to a single integral:Eq. (26)] versus the incoherent addition of the noise term [Eq. (25)], yielding an overall processing gain of .
Israel Innovation Authority (53362); Cisco University Research Program (CG#1080109); Ben-Gurion University of the Negev; Bar-Ilan University.
1. D. Sadot, G. Dorman, A. Gorshtein, E. Sonkin, and O. Vidal, “Single channel 112Gbit/sec PAM4 at 56Gbaud with digital signal processing for data centers applications,” Opt. Express 23(2), 991–997 (2015). [CrossRef] [PubMed]
2. L. Xu, C. Jiang, J. Wang, J. Yuan, and Y. Ren, “Information security in big data: privacy and data mining,” IEEE Access 2, 1149–1176 (2014). [CrossRef]
3. B. Wu, B. J. Shastri, P. Mittal, A. N. Tait, and P. R. Prucnal, “Optical signal processing and stealth transmission for privacy,” IEEE J. Sel. Top. Signal Process. 9(7), 1185–1194 (2015). [CrossRef]
4. J. A. Salehi, “Code division multiple-access techniques in optical fiber networks. I. fundamental principles,” IEEE Trans. Commun. 37(8), 824–833 (1989). [CrossRef]
6. T. Yeminy, D. Sadot, and Z. Zalevsky, “Sampling impairments influence over fiber-optic signal decryption,” Opt. Commun. 291(15), 193–201 (2013). [CrossRef]
7. E. Wohlgemuth, T. Yeminy, Z. Zalevsky, and D. Sadot, “Experimental demonstration of encryption and steganography in optical fiber communications,” in 43th European Conference on Optical Communication (ECOC 2017), paper P1.SC3.43. [CrossRef]
8. E. Wohlgemuth, Y. Yoffe, T. Yeminy, Z. Zalevsky, and D. Sadot, “Demonstration of coherent stealthy and encrypted transmission for data center interconnection,” Opt. Express 26(6), 7638–7645 (2018). [CrossRef] [PubMed]
9. E. Wohlgemuth, Y. Yoffe, T. Yeminy, Z. Zalevsky, and D. Sadot, “Low cost PAM-4 IM/DD photonic-layer secured communication for DCI based on phase mask,” in 44th European Conference on Optical Communication (ECOC 2018), paper We1F.6.
10. M. Chagnon, S. Lessard, and D. V. Plant, “336 Gb/s in direct detection below KP4 FEC threshold for intra data center applications,” IEEE Photonics Technol. Lett. 28(20), 2233–2236 (2016). [CrossRef]
11. N. Eiselt, H. Griesser, J. Wei, A. Dochhan, M. Eiselt, J. Elbers, J. J. V. Olmos, and I. T. Monroy, “Real-time evaluation of 26-GBaud PAM-4 intensity modulation and direct detection systems for data-center interconnects,” in Optical Fiber Communication Conference, (Optical Society of America,2016), paper Th1G.3. [CrossRef]