- Email: [email protected]
A novel realization of quantum stream cipher with key-modulated local light
Optical Fiber Technology 53 (2019) 102007
Contents lists available at ScienceDirect
Optical Fiber Technology journal homepage: www.elsevier.com/locate/yofte
Regular Articles
A novel realization of quantum stream cipher with key-modulated local light a,⁎
a
b
a
T
b
Haisong Jiao , Tao Pu , Lei Shi , Yukai Chen , Longqiang Yu a b
College of Communications Engineering, Army Engineering University of PLA, Nanjing 210007, China School of Information and Navigation, Air Force Engineering University, Xi’an 710077, China
A R T I C LE I N FO
A B S T R A C T
Keywords: Quantum noise stream cipher Optical secure communication Y-00 protocol Optical comparator
Quantum-noise stream cipher (QSC) is a potentially information-theoretic secure physical-layer encryption method for high-speed and long-distance fiber communications. In this paper, a novel QSC scheme employing Y00 protocol is proposed and experimentally demonstrated under general commercial components. The structure of our scheme can provide a convenience for general researchers to perform QSC experimental studies. Specifically, at receiver, the local light is modulated by M/2-ary extended secret key, which is introduced as optical threshold signal, and the balanced photodetector is applied as optical comparator to decode the M-ary encrypted signal. As a result, the error-free secure communication is realized at 2.5 Gb/s over 100-km optically amplified links, where the intensity levels of QSC signals are attained to 1024. Meanwhile, in strict theory, the minimum number of masked levels by only quantum noise is calculated to be more than two, which indicates the security of this realization. The system performance is investigated from both experimental and theoretical results. We reveal the new fact that the increasing number of signal levels will degrade the QSC BER performance for intensity modulation, which is different from that for phase modulation.
1. Introduction With an increasing amount of confidential and personal data transmitted over optical fiber networks, secure fiber communications have become especially important [1,2]. Different from quantum key distribution based on single or entangled photons [3,4], or weak coherent states (average photon number below 1) [5], quantum-noise stream cipher (QSC) based on mesoscopic coherent states (average photon number above several thousands) is an alternative quantum secure communication method [6], which can be employed in currently existing optical fiber communication systems [7]. Thus, QSC is hopeful to realize both high-speed data transmission over long distance and high security. Y-00 (Yuen 2000) is the basic QSC encryption protocol [8], which protects both secret key and data from being intercepted by masking multi-level signals under intrinsic quantum noise, originating from Heisenberg’s uncertainty principle. Specifically, the sender prepares Mary signals, mapped from the ciphertext of Y-00 protocol, in multiphoton coherent state. With the shared secret key, the legitimate receiver can extract the binary data from the M-ary signal, while the eavesdropper (called Eve) has to discriminate M quantum states and tell the difference of neighboring states that is masked by inevitable quantum noise. Consequently, Eve has no access to accurate ciphertext,
⁎
not to mention the plaintext [9], even if she was granted unlimited ability. So far, various realizations of QSC employing Y-00 protocol have been reported under phase modulation [10], intensity modulation (ISK) [11], or polarization modulation [12], with high speed and long distance (eg., 100 Gb/s, 120 km [11]). However, among them, designing complicated circuits and chips of Y-00 transceivers is usually the key point, which are non-general components. So it may be some difficult for ordinary researchers to perform lab experimental studies about Y-00 QSC. Ref. [13] proposes a structure of multiport encoder/decoder, which is composed of standard components, so as to implement Y-00 protocol without fast digital/analog converters. Notwithstanding, its actual feasibility and security remain detailed proof and experimental realization. In this paper, balanced photodetector (BPD) will be taken as a fast optical comparator to recover the binary signal from the dense M-ary cipher stream. And we adopt a structure of general commercial components to fulfill the basic realization of Y-00 QSC. Eventually, the secure transmission of a 1024-ISK QSC is accomplished that can be errorfree at 2.5 Gb/s over 100-km optically amplified links. The rest of this paper is organized as follows. In Section II, the experimental setup of the proposed scheme based on key-modulated local light is described. The various experimental results about reliability and security are
Corresponding author. E-mail address: [email protected] (H. Jiao).
https://doi.org/10.1016/j.yofte.2019.102007 Received 19 June 2019; Received in revised form 17 August 2019; Accepted 29 August 2019 1068-5200/ © 2019 Elsevier Inc. All rights reserved.
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 1. (a) Experimental setup of the proposed ISK-QSC scheme; (b) Overall schematic of Y-00 encryption protocol.
“compared” correspondingly, and the binary signal can be recovered after clock data recovery (CDR). Here BPD behaves as an optical comparator. The oscilloscope (OSCP) is to monitor the adjusting results of OTDL and VOA3. At last, the system performance is measured by a bit-error rate (BER) tester.
demonstrated and analyzed in Section III, as well as the numerical results. At last, we discuss the details of results in this realization, and conclude the main findings. 2. Experimental setup
3. Results and analyses
The experimental setup of the proposed ISK-QSC scheme is presented in Fig. 1(a), and the Fig. 1(b) shows the Y-00 protocol that our scheme is based on. Note that the M-ary ciphertext is mapped from binary data bit and M/2-ary running key symbol according to the Y-00 protocol. We assume that the sender (Alice) and receiver (Bob) have generated the same running key bit stream by extending the secret seed key, shared from quantum key distribution for example. And the plaintext data sequence pattern is set by pseudo-random binary sequence (PRBS) with the length of 27–1 or 211–1. The transmitter is basically the intensity modulation setup of DFB laser with spectrum centered at 1545.2 nm. However, the difference is that the modulating signal of Mach-Zehnder modulator (MZM) is the Mary electrical signal generated from an Arbitrary Waveform Generator (AWG) according to ciphertext symbols. The AWG (Tektronix AWG70002A) is running at 2.5 Gsymbol/s with single-channel sample rate at 12.5 Gsample/s, implying a data rate of 2.5 Gb/s. In order to make the neighboring levels be masked by the quantum noise, the variable optical attenuator (VOA) is to attenuate the modulated signal power to the mesoscopic state level (noted as Pout). Pout is monitored by an optical power meter (OPM) at the weak branch of a 1:9 optical coupler (OC). At last, for the long-distance transmission, the mesoscopic signal is boosted to conventional signal level by a small-signal optical amplifier EDFA1 (erbium doped fiber amplifier) before launching into the fiber channel. The transmission line is a 100-km optically amplified links over 2 × 50.4 km standard single-mode fiber (SSMF) spans and the corresponding dispersion compensation fiber (DCF) with two relaying power amplifiers (EDFA2 and EDFA3) compensating the fiber loss. At receiver, the tunable laser (TLD) is employed as local light source, which is to be modulated by the MZM driven by the running key signal from a second channel of the AWG at the same symbol rate. The keying modulated local light is applied as the deciphering signal. To match the received encrypted optical signal with the modulated local light, optical tunable delay line (OTDL) and VOA3 are adopted to properly adjust the time delay and power levels, respectively. Then both the received optical signal carrying ciphertext and the matched local light modulated by corresponding running key are fed into the two input ports of BPD simultaneously. Because of balanced detection, the M-ary Y-00 signal and the M/2-ary key-modulated local light will be
In order to investigate the proposed scheme, several experimental tests are performed for back-to-back (B2B) transmission and 100-km transmission, and for different signal levels. 3.1. Time delay matching The key point to favorable system performance is the fine matching between the local and transmitted signals. And the time delay matching is the prerequisite of power levels adjustment and test operations. Specifically, the coarse adjustment of large-scale time delay is through setting the signal delay of AWG sequence for local light according to the result in OSCP, whose precision is 80 ps. Then the precise and rapid matching will make use of OTDL with precision of 0.01 ps. First, we give the same gate signal to both MZMs at transmitter and receiver simultaneously, of which the signal width is 4 ns with 10-bit consecutive ‘1’. Still, AWG is at sample rate of 12.5Gsample/s. For example, the time delay measured in Fig. 2(a) is Δτ = 19.66879 ns. Then, the running key sequence is delayed 245 sample points, corresponding to a time delay of 19.6 ns for local signal, as shown in Fig. 2(b). And, the residual time delay of Δτ-19.6 ns = 68.79 ps, within the OTDL range, will be compensated accurately, as shown in Fig. 2(c). Thus, the impact of differences in time delay and power levels on performance can be well eliminated. In addition, with this matching structure, the security of our scheme could be rather better than the pure Y-00 realization. After the matching step in advance, the eavesdropping behavior will
Fig. 2. Results of time delay matching (a) before matching; (b) after coarse adjustment; (c) after precise adjustment. 2
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 3. Measured eye diagrams and waveforms of B2B test for 1024-ISK QSC. (a) (b) Y-00 encrypted signals; (c) (d) running key signals; (e) (f) decrypted signals.
secure dense M-ary QSC is achievable under the proposed experimental structure for high-speed long-distance fiber transmission. Further, comparing the results of M = 1024 and M = 4, we see dense M-ary modulation is necessary to protect the security of ciphertext with quantum noise. But it seems that the increasing number of signal levels may partly damage the transmission performance of ISK QSC, which has not been illustrated previously.
cause extra time delay or disorder of power levels. Then the eavesdropper may be detected by monitoring the BER and measured waveforms. 3.2. Measured eye diagrams and waveforms Fig. 3 presents the measured eye diagrams and waveforms of Y-00 encrypted signals, running key signals and decrypted binary signals, respectively, with M = 1024 for B2B transmission. The number of masked states (NMS) by quantum noise is a typical security metric for QSC system [7,9,10]. Generally, NMS greater than 1 is enough to provide the guaranteed data security [9]. The quantum noise for ISK QSC is the uncertainty of photon number, and the theoretical NMS for ISK is defined in [14,15], i.e., M
NMS =
ΔNavg δN
=
3.3. Measured BER and numerical results We investigate the system performance in terms of BER for different test conditions. The influence on the legitimate users of the number of signal levels, M, is demonstrated in Fig. 5. Fig. 5(a) is the measured BER for B2B case at 2.5 Gb/s without EDFA, which implies a slight tendency of BER degradation with M. This result is consistent with measured eye diagrams of Fig. 4(b) and (d). Further, we study the NMS and Q-factor as a function of M numerically, according to Eqs. (1) and (3). And Eq. (3) is for Q-factor, derived as below [15].
ext − 1 ¯ N M ⎤ ⎦ 1
∑i = 1 ⎡1 + (i − 1) ⎣ (ext − 1) N¯1
(1)
where ΔNavg is the average uncertainty of the M-level quantum states, δN is the difference of adjacent states, and N¯1 is the average photon number of the lowest level state. In the B2B case of Fig. 3, the data rate is R = 2.5Gbit/s, the output mesoscopic power is measured to be Pout = -17.57dBm and the measured extinction ratio ext = 12. Then the average photon number of the lowest level is deduced to be
2Pout N¯1 = (1 + ext ) hvR
Q=
1 M /2
= RPout
M /2
∑ m=1
Im + M /2 − Im σm + M /2 + σm
2 ⎛ ext − 1 ⎞ M ⎝ ext + 1 ⎠
M /2
∑ m=1
1 2 σT2 + σshot , M /2 + m +
2 σT2 + σshot ,m
(3)
Here Im is the m-th level electrical signal corresponding to the m-th level optical power Pm. And we take into account the quantum shot noise of 2 2 the m-th level σshot , m = 2qBe RPm and the thermal noise σT = 4kB TBe / RL , where q is electron charge and kB is Boltzmann constant. The other configured parameters follow the experimental setup as far as possible, as shown in Table 1. As shown in Fig. 5(b) and (c), it indicates the legitimate transmission performance of ISK QSC will degrade with the increase of signal levels, which becomes less influential for M large enough, in spite of the better security level with the larger NMS. In contrast, the BER performance of PSK scheme doesn’t have such a degradation tendency. That is because the quantum intensity noise for ISK is related to the signal level, as well as M, while the quantum phase noise for PSK is irrelevant to M. That is another advantage of PSK QSC over ISK scheme, besides the better tolerance over four-wave mixing, self-phase modulation and cross phase modulation [14,17]. We perform the competitive tests to discuss the impact of mesoscopic power for B2B transmission with and without inner amplifier EDFA1 at 2.5 Gb/s. As shown in Fig. 6, here the length of PRBS is set 27–1 and M = 1024. It is found that the mesoscopic power can be decreased by about 14.34 dB BER = 10−9 with inner EDFA1 employed.
(2)
where h is the Planck constant and ν is photon frequency in optical fiber (λ = 1545.2 nm). Thus, from Eqs. (1) and (2), NMS is calculated to be 2.0766, which is the minimum NMS by only quantum noise. We can find that the eye-opening of Y-00 encrypted signals is not observed at all, due to the unavoidable quantum intensity noise fundamentally. In fact, there is other systematic noise like amplified spontaneous emission noise of EDFA. As shown in Fig. 3(a), the eye diagrams of encrypted signals can be regarded as what a powerful eavesdropper obtains, who intercepts the full quantum states (B2B) but measures without right key. Still, Eve cannot acquire the correct Y-00 signals, not to mention the plaintext, implying the security intuitively. However, the eyeopenings of decrypted signals (Fig. 3(e)) by the running key (Fig. 3(c)) can be clearly measured, which shows the transmission feasibility. Fig. 4 depicts the measured eye diagrams of the encrypted and corresponding decrypted binary signals with M = 1024 and M = 4 for 100-km transmission at 2.5Gbit/s. According to Eq. (1) and Eq. (2), the pure NMS is about 2.0837 for M = 1024, Pout = -17.6dBm and ext = 12. Similarly, the eye-opening of encrypted signal is totally closed, and that of the decrypted is well separated. So, the reliable and 3
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 4. Measured eye diagrams after 100-km fiber transmission. (a) (c) Y-00 encrypted signals, (b) (d) corresponding decrypted signals, (a) (b) M = 1024, (c) (d) M = 4.
Meanwhile, the lower the mesoscopic power is, the more number of states will be masked, i.e., the larger NMS. Thus the better security can be acquired by adopting an inner amplifier, which also offers additional amplified spontaneous emission uncertainty. Eventually, Fig. 7 presents the measured BER as a function of average received power for B2B and 100-km transmission at 2.5 Gb/s and M = 1024. Note that both quantum-noise NMS greater than 2 can be guaranteed for B2B and 100-km transmission with Pout = -17.58dBm and −17.6dBm, which fundamentally manifests the high security of data communication. Also, it indicates both error-free transmission (BER less than 1 × 10−9) can be well achieved. The power penalty of this proposed system between B2B and 100-km transmission is about
4
8
16
32
Table 1 Simulation parameters.
64
M
128
Parameters
Values
extinction ratio of modulator, ext central wavelength of optical source receiver temperature, T receiver load resistance, RL data rate, R responsibility of Bob, R electrical bandwidth of receiver, Be
12 1545.2 nm 293 K 50 Ω 2.5 Gb/s 0.75 27 GHz
256
512
1024 2048
PRBS7 , Precv= -9.45 dBm PRBS11, Precv= -5.52 dBm
-2
Log(BER)
-4
-6
-8
-10
(a)
-12 2
4
8
16
32
64
M
128
256
4
5
6
512 1024 2048
@ Precv= -9.45dBm
11.7084
27.465
9 4
10 8
11
16
32
64
M
128
256
512
1024 2048 1.0
1.4 1.2
11.7080
1.0
11.7078
0.8
11.7076
@ Precv= -5.52dBm
27.460
0.8 27.455
NMS Q-factor
11.7082
0.6 27.450
0.4
0.6
11.7074
0.4
11.7072
27.445
0.2
27.440
0.0
0.2
11.7070
0.0
11.7068
(b )
8
1.6
11.7086
Q-factor
7
log2(M)
NMS
11.7088
3
2
3
4
5
6
7
log2(M)
8
9
10
11
(c)
2
3
4
5
6
7
log2(M)
8
9
10
11
Fig. 5. (a) Measured BER versus number of signal levels, M, (b) (c) Numerical Q-factor and NMS versus M at different received power. B2B without EDFA. 4
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
extra time delay or power attenuation unavoidably. Because the legitimate BER is quite sensitive to the matching between signal and local light, the disorder in time delay or power levels will introduce severe BER deterioration. As a result, Bob can discover the existence of wiretap attack, with proper protocol design, of course. The previous Y-00 schemes, which don’t rely on signal matching [10–13], have no such properties. In summary, we propose and demonstrate a ISK QSC scheme of Y-00 protocol, employing key-modulated local light as deciphering signal. The feasibility and security are presented by transmission experiments. We hope the proposed structure may provide a convenience to realize QSC experiments with general commercial components. In consequence, the error-free secure communication of QSC with signal levels up to 1024 is realized at 2.5 Gb/s over 100-km optically amplified links. And the guaranteed NMS is theoretically calculated to be more than 2 at least. Different from PSK scheme, we find the transmission performance of ISK QSC will become worse with the growth of signal levels to some extent, from experimental and numerical results. The comprehensive impact of keeping increasing signal levels of ISK QSC on both security and transmission capabilities will be researched in next work. Also, the potential security advantage of this proposed matching structure will be investigated by suitable protocol and experiments in the future.
Fig. 6. BER versus the mesoscopic output power, Pout. B2B with M = 1024.
Acknowledgment This study was supported by the National Natural Science Foundation of China (Grant Nos. 61475193, 61974165, 11404407). Appendix A. Supplementary data Supplementary data to this article can be found online at https:// doi.org/10.1016/j.yofte.2019.102007. References [1] K.I. Kitayama, M. Sasaki, S. Araki, M. Tsubokawa, A. Tomita, K. Inoue, K. Harasawa, Y. Nagasako, A. Takada, Security in photonic networks: threats and security enhancement, J. Lightwave Technol. 29 (21) (2011) 3210–3222. [2] B.B. Gupta, D.P. Agrawal, H.X. Wang, Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives, CRC Press, Taylor & Francis, 2018. [3] A.P. Pljonkin, B.B. Gupta, K.E. Rumyantsev, I. Korovin, G. Schaefer, Features of Detection of a Single-Photon Pulse at Synchronisation in Quantum Key Distribution Systems, in: 6th International Conference on Informatics, Electronics and Vision & 7th International Symposium in Computational Medical and Health Technology (ICIEV-ISCMHT) IEEE, Himeji, Japan, 2017, p. 1–3. [4] A.K. Ekert, Quantum cryptography based on bell’s theorem, Phys. Rev. Lett. 67 (6) (1991) 661–663. [5] S.K. Liao, H.L. Yong, C. Liu, G.L. Shentu, D.D. Li, J. Lin, H. Dai, S.Q. Zhao, B. Li, J.Y. Guan, W. Chen, Y.H. Gong, Y. Li, Z.H. Lin, G.S. Pan, J.S. Pelc, M.M. Fejer, W.Z. Zhang, W.Y. Liu, J. Yin, J.G. Ren, X.B. Wang, Q. Zhang, C.Z. Peng, J.W. Pan, Long-distance free-space quantum key distribution in daylight towards inter-satellite communication, Nat. Photonics 11 (2017) 509–513. [6] G.A. Barbosa, E. Corndorf, P. Kumar, H.P. Yuen, Secure communication using mesoscopic coherent states, Phys. Rev. Lett. 90 (22) (2003) 227901. [7] G.S. Kanter, D. Reilly, N. Smith, Practical physical-layer encryption: the marriage of optical noise with traditional cryptography, IEEE Commun. Mag. 47 (11) (2009) 74–81. [8] R. Nair, H.P. Yuen, E. Corndorf, T. Eguchi, P. Kumar, Quantum-noise randomized ciphers, Phys. Rev. A 74 (5) (2006) 052309. [9] H.S. Jiao, T. Pu, J.L. Zheng, P. Xiang, T. Fang, Physical-layer security analysis of a quantum-noise randomized cipher based on the wire-tap channel model, Opt. Express 25 (10) (2017) 10947–10960. [10] K. Tanizawa, F. Futami, Digital coherent PSK Y-00 quantum stream cipher with 217 randomized phase levels, Opt. Express 27 (2) (2019) 1071–1079. [11] F. Futami, Experimental demonstrations of Y-00 cipher for high capacity and secure optical fiber communications, Quantum Inform. Process. 13 (10) (2014) 2277–2291. [12] E. Corndorf, G. Barbosa, C. Liang, H.P. Yuen, P. Kumar, High-speed data encryption over 25 km of fiber by two-mode coherent-state quantum cryptography, Opt. Lett. 28 (21) (2003) 2040–2042. [13] G. Cincotti, L. Spiekman, N. Wada, K. Kitayama, Spectral coherent-state quantum cryptography, Opt. Lett. 33 (21) (2008) 2461–2463. [14] V.S. Grigoryan, G. S. Kanter, P. Kumar, Quantum-noise-randomized data encryption: Comparative analysis of M-ary PSK and M-ary ASK protocols for long-haul
Fig. 7. Power penalty and BER curves of the received power, Precv.
2.49 dB for 2.5 Gb/s and BER = 10−9.
4. Discussion and conclusion The feasibility of the proposed scheme is experimentally demonstrated, while the system performance seems not as good as that of other realizations [11]. The possible causes to be improved next is described as follows. For one thing, the DCF isn’t subtly matched with SSMF, and there is still some chromatic dispersion, which may broaden the received waveform and result in intersymbol interference. For another, the modulating signals of M-ary ciphertext and M/2-ary running key for MZM are planned to be uniformly-spaced. But due to the nonlinearity of MZM driver, the real modulating electrical signals become not uniformly-spaced, so will the modulated optical signals, which can damage the decipher performance. The both issues can be resolved properly. Besides, we note that NMS in this paper is obtained in theory, considering only the unavoidable quantum noise and imagining Eve of the strongest ability, i.e., she has access to the original output signals with ideal receiver. However, NMS realized in Ref. [16] can be quite large, which is obtained from the direct measurement of B2B test. The NMS of our scheme under practical measurement is believed to be fairly large, too. Moreover, our scheme can provide additional security due to the matching structure. The eavesdropping behavior of Eve will cause 5
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
[16] M. Yoshida, T. Hirooka, K. Kasai, M. Nakazawa, Single-channel 40 Gbit/s digital coherent QAM quantum noise stream cipher transmission over 480 km, Opt. Express 24 (1) (2016) 652–661. [17] X. Wei, X. Liu, Analysis of intrachannel four-wave mixing in differential phase-shift keying transmission with large dispersion, Opt. Lett. 28 (23) (2003) 2300–2302.
optical communications, in: Optical Fiber Communication and the National Fiber Optic Engineers Conference (OFC/NFOEC), Anaheim, USA, 2007, p. OWT3. [15] H.S. Jiao, T. Pu, J.L. Zheng, H. Zhou, L. Lu, P. Xiang, J.Y. Zhao, W.W. Wang, Semiquantum noise randomized data encryption based on an amplified spontaneous emission light source, Opt. Express 26 (9) (2018) 11587–11598.
6
Contents lists available at ScienceDirect
Optical Fiber Technology journal homepage: www.elsevier.com/locate/yofte
Regular Articles
A novel realization of quantum stream cipher with key-modulated local light a,⁎
a
b
a
T
b
Haisong Jiao , Tao Pu , Lei Shi , Yukai Chen , Longqiang Yu a b
College of Communications Engineering, Army Engineering University of PLA, Nanjing 210007, China School of Information and Navigation, Air Force Engineering University, Xi’an 710077, China
A R T I C LE I N FO
A B S T R A C T
Keywords: Quantum noise stream cipher Optical secure communication Y-00 protocol Optical comparator
Quantum-noise stream cipher (QSC) is a potentially information-theoretic secure physical-layer encryption method for high-speed and long-distance fiber communications. In this paper, a novel QSC scheme employing Y00 protocol is proposed and experimentally demonstrated under general commercial components. The structure of our scheme can provide a convenience for general researchers to perform QSC experimental studies. Specifically, at receiver, the local light is modulated by M/2-ary extended secret key, which is introduced as optical threshold signal, and the balanced photodetector is applied as optical comparator to decode the M-ary encrypted signal. As a result, the error-free secure communication is realized at 2.5 Gb/s over 100-km optically amplified links, where the intensity levels of QSC signals are attained to 1024. Meanwhile, in strict theory, the minimum number of masked levels by only quantum noise is calculated to be more than two, which indicates the security of this realization. The system performance is investigated from both experimental and theoretical results. We reveal the new fact that the increasing number of signal levels will degrade the QSC BER performance for intensity modulation, which is different from that for phase modulation.
1. Introduction With an increasing amount of confidential and personal data transmitted over optical fiber networks, secure fiber communications have become especially important [1,2]. Different from quantum key distribution based on single or entangled photons [3,4], or weak coherent states (average photon number below 1) [5], quantum-noise stream cipher (QSC) based on mesoscopic coherent states (average photon number above several thousands) is an alternative quantum secure communication method [6], which can be employed in currently existing optical fiber communication systems [7]. Thus, QSC is hopeful to realize both high-speed data transmission over long distance and high security. Y-00 (Yuen 2000) is the basic QSC encryption protocol [8], which protects both secret key and data from being intercepted by masking multi-level signals under intrinsic quantum noise, originating from Heisenberg’s uncertainty principle. Specifically, the sender prepares Mary signals, mapped from the ciphertext of Y-00 protocol, in multiphoton coherent state. With the shared secret key, the legitimate receiver can extract the binary data from the M-ary signal, while the eavesdropper (called Eve) has to discriminate M quantum states and tell the difference of neighboring states that is masked by inevitable quantum noise. Consequently, Eve has no access to accurate ciphertext,
⁎
not to mention the plaintext [9], even if she was granted unlimited ability. So far, various realizations of QSC employing Y-00 protocol have been reported under phase modulation [10], intensity modulation (ISK) [11], or polarization modulation [12], with high speed and long distance (eg., 100 Gb/s, 120 km [11]). However, among them, designing complicated circuits and chips of Y-00 transceivers is usually the key point, which are non-general components. So it may be some difficult for ordinary researchers to perform lab experimental studies about Y-00 QSC. Ref. [13] proposes a structure of multiport encoder/decoder, which is composed of standard components, so as to implement Y-00 protocol without fast digital/analog converters. Notwithstanding, its actual feasibility and security remain detailed proof and experimental realization. In this paper, balanced photodetector (BPD) will be taken as a fast optical comparator to recover the binary signal from the dense M-ary cipher stream. And we adopt a structure of general commercial components to fulfill the basic realization of Y-00 QSC. Eventually, the secure transmission of a 1024-ISK QSC is accomplished that can be errorfree at 2.5 Gb/s over 100-km optically amplified links. The rest of this paper is organized as follows. In Section II, the experimental setup of the proposed scheme based on key-modulated local light is described. The various experimental results about reliability and security are
Corresponding author. E-mail address: [email protected] (H. Jiao).
https://doi.org/10.1016/j.yofte.2019.102007 Received 19 June 2019; Received in revised form 17 August 2019; Accepted 29 August 2019 1068-5200/ © 2019 Elsevier Inc. All rights reserved.
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 1. (a) Experimental setup of the proposed ISK-QSC scheme; (b) Overall schematic of Y-00 encryption protocol.
“compared” correspondingly, and the binary signal can be recovered after clock data recovery (CDR). Here BPD behaves as an optical comparator. The oscilloscope (OSCP) is to monitor the adjusting results of OTDL and VOA3. At last, the system performance is measured by a bit-error rate (BER) tester.
demonstrated and analyzed in Section III, as well as the numerical results. At last, we discuss the details of results in this realization, and conclude the main findings. 2. Experimental setup
3. Results and analyses
The experimental setup of the proposed ISK-QSC scheme is presented in Fig. 1(a), and the Fig. 1(b) shows the Y-00 protocol that our scheme is based on. Note that the M-ary ciphertext is mapped from binary data bit and M/2-ary running key symbol according to the Y-00 protocol. We assume that the sender (Alice) and receiver (Bob) have generated the same running key bit stream by extending the secret seed key, shared from quantum key distribution for example. And the plaintext data sequence pattern is set by pseudo-random binary sequence (PRBS) with the length of 27–1 or 211–1. The transmitter is basically the intensity modulation setup of DFB laser with spectrum centered at 1545.2 nm. However, the difference is that the modulating signal of Mach-Zehnder modulator (MZM) is the Mary electrical signal generated from an Arbitrary Waveform Generator (AWG) according to ciphertext symbols. The AWG (Tektronix AWG70002A) is running at 2.5 Gsymbol/s with single-channel sample rate at 12.5 Gsample/s, implying a data rate of 2.5 Gb/s. In order to make the neighboring levels be masked by the quantum noise, the variable optical attenuator (VOA) is to attenuate the modulated signal power to the mesoscopic state level (noted as Pout). Pout is monitored by an optical power meter (OPM) at the weak branch of a 1:9 optical coupler (OC). At last, for the long-distance transmission, the mesoscopic signal is boosted to conventional signal level by a small-signal optical amplifier EDFA1 (erbium doped fiber amplifier) before launching into the fiber channel. The transmission line is a 100-km optically amplified links over 2 × 50.4 km standard single-mode fiber (SSMF) spans and the corresponding dispersion compensation fiber (DCF) with two relaying power amplifiers (EDFA2 and EDFA3) compensating the fiber loss. At receiver, the tunable laser (TLD) is employed as local light source, which is to be modulated by the MZM driven by the running key signal from a second channel of the AWG at the same symbol rate. The keying modulated local light is applied as the deciphering signal. To match the received encrypted optical signal with the modulated local light, optical tunable delay line (OTDL) and VOA3 are adopted to properly adjust the time delay and power levels, respectively. Then both the received optical signal carrying ciphertext and the matched local light modulated by corresponding running key are fed into the two input ports of BPD simultaneously. Because of balanced detection, the M-ary Y-00 signal and the M/2-ary key-modulated local light will be
In order to investigate the proposed scheme, several experimental tests are performed for back-to-back (B2B) transmission and 100-km transmission, and for different signal levels. 3.1. Time delay matching The key point to favorable system performance is the fine matching between the local and transmitted signals. And the time delay matching is the prerequisite of power levels adjustment and test operations. Specifically, the coarse adjustment of large-scale time delay is through setting the signal delay of AWG sequence for local light according to the result in OSCP, whose precision is 80 ps. Then the precise and rapid matching will make use of OTDL with precision of 0.01 ps. First, we give the same gate signal to both MZMs at transmitter and receiver simultaneously, of which the signal width is 4 ns with 10-bit consecutive ‘1’. Still, AWG is at sample rate of 12.5Gsample/s. For example, the time delay measured in Fig. 2(a) is Δτ = 19.66879 ns. Then, the running key sequence is delayed 245 sample points, corresponding to a time delay of 19.6 ns for local signal, as shown in Fig. 2(b). And, the residual time delay of Δτ-19.6 ns = 68.79 ps, within the OTDL range, will be compensated accurately, as shown in Fig. 2(c). Thus, the impact of differences in time delay and power levels on performance can be well eliminated. In addition, with this matching structure, the security of our scheme could be rather better than the pure Y-00 realization. After the matching step in advance, the eavesdropping behavior will
Fig. 2. Results of time delay matching (a) before matching; (b) after coarse adjustment; (c) after precise adjustment. 2
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 3. Measured eye diagrams and waveforms of B2B test for 1024-ISK QSC. (a) (b) Y-00 encrypted signals; (c) (d) running key signals; (e) (f) decrypted signals.
secure dense M-ary QSC is achievable under the proposed experimental structure for high-speed long-distance fiber transmission. Further, comparing the results of M = 1024 and M = 4, we see dense M-ary modulation is necessary to protect the security of ciphertext with quantum noise. But it seems that the increasing number of signal levels may partly damage the transmission performance of ISK QSC, which has not been illustrated previously.
cause extra time delay or disorder of power levels. Then the eavesdropper may be detected by monitoring the BER and measured waveforms. 3.2. Measured eye diagrams and waveforms Fig. 3 presents the measured eye diagrams and waveforms of Y-00 encrypted signals, running key signals and decrypted binary signals, respectively, with M = 1024 for B2B transmission. The number of masked states (NMS) by quantum noise is a typical security metric for QSC system [7,9,10]. Generally, NMS greater than 1 is enough to provide the guaranteed data security [9]. The quantum noise for ISK QSC is the uncertainty of photon number, and the theoretical NMS for ISK is defined in [14,15], i.e., M
NMS =
ΔNavg δN
=
3.3. Measured BER and numerical results We investigate the system performance in terms of BER for different test conditions. The influence on the legitimate users of the number of signal levels, M, is demonstrated in Fig. 5. Fig. 5(a) is the measured BER for B2B case at 2.5 Gb/s without EDFA, which implies a slight tendency of BER degradation with M. This result is consistent with measured eye diagrams of Fig. 4(b) and (d). Further, we study the NMS and Q-factor as a function of M numerically, according to Eqs. (1) and (3). And Eq. (3) is for Q-factor, derived as below [15].
ext − 1 ¯ N M ⎤ ⎦ 1
∑i = 1 ⎡1 + (i − 1) ⎣ (ext − 1) N¯1
(1)
where ΔNavg is the average uncertainty of the M-level quantum states, δN is the difference of adjacent states, and N¯1 is the average photon number of the lowest level state. In the B2B case of Fig. 3, the data rate is R = 2.5Gbit/s, the output mesoscopic power is measured to be Pout = -17.57dBm and the measured extinction ratio ext = 12. Then the average photon number of the lowest level is deduced to be
2Pout N¯1 = (1 + ext ) hvR
Q=
1 M /2
= RPout
M /2
∑ m=1
Im + M /2 − Im σm + M /2 + σm
2 ⎛ ext − 1 ⎞ M ⎝ ext + 1 ⎠
M /2
∑ m=1
1 2 σT2 + σshot , M /2 + m +
2 σT2 + σshot ,m
(3)
Here Im is the m-th level electrical signal corresponding to the m-th level optical power Pm. And we take into account the quantum shot noise of 2 2 the m-th level σshot , m = 2qBe RPm and the thermal noise σT = 4kB TBe / RL , where q is electron charge and kB is Boltzmann constant. The other configured parameters follow the experimental setup as far as possible, as shown in Table 1. As shown in Fig. 5(b) and (c), it indicates the legitimate transmission performance of ISK QSC will degrade with the increase of signal levels, which becomes less influential for M large enough, in spite of the better security level with the larger NMS. In contrast, the BER performance of PSK scheme doesn’t have such a degradation tendency. That is because the quantum intensity noise for ISK is related to the signal level, as well as M, while the quantum phase noise for PSK is irrelevant to M. That is another advantage of PSK QSC over ISK scheme, besides the better tolerance over four-wave mixing, self-phase modulation and cross phase modulation [14,17]. We perform the competitive tests to discuss the impact of mesoscopic power for B2B transmission with and without inner amplifier EDFA1 at 2.5 Gb/s. As shown in Fig. 6, here the length of PRBS is set 27–1 and M = 1024. It is found that the mesoscopic power can be decreased by about 14.34 dB BER = 10−9 with inner EDFA1 employed.
(2)
where h is the Planck constant and ν is photon frequency in optical fiber (λ = 1545.2 nm). Thus, from Eqs. (1) and (2), NMS is calculated to be 2.0766, which is the minimum NMS by only quantum noise. We can find that the eye-opening of Y-00 encrypted signals is not observed at all, due to the unavoidable quantum intensity noise fundamentally. In fact, there is other systematic noise like amplified spontaneous emission noise of EDFA. As shown in Fig. 3(a), the eye diagrams of encrypted signals can be regarded as what a powerful eavesdropper obtains, who intercepts the full quantum states (B2B) but measures without right key. Still, Eve cannot acquire the correct Y-00 signals, not to mention the plaintext, implying the security intuitively. However, the eyeopenings of decrypted signals (Fig. 3(e)) by the running key (Fig. 3(c)) can be clearly measured, which shows the transmission feasibility. Fig. 4 depicts the measured eye diagrams of the encrypted and corresponding decrypted binary signals with M = 1024 and M = 4 for 100-km transmission at 2.5Gbit/s. According to Eq. (1) and Eq. (2), the pure NMS is about 2.0837 for M = 1024, Pout = -17.6dBm and ext = 12. Similarly, the eye-opening of encrypted signal is totally closed, and that of the decrypted is well separated. So, the reliable and 3
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
Fig. 4. Measured eye diagrams after 100-km fiber transmission. (a) (c) Y-00 encrypted signals, (b) (d) corresponding decrypted signals, (a) (b) M = 1024, (c) (d) M = 4.
Meanwhile, the lower the mesoscopic power is, the more number of states will be masked, i.e., the larger NMS. Thus the better security can be acquired by adopting an inner amplifier, which also offers additional amplified spontaneous emission uncertainty. Eventually, Fig. 7 presents the measured BER as a function of average received power for B2B and 100-km transmission at 2.5 Gb/s and M = 1024. Note that both quantum-noise NMS greater than 2 can be guaranteed for B2B and 100-km transmission with Pout = -17.58dBm and −17.6dBm, which fundamentally manifests the high security of data communication. Also, it indicates both error-free transmission (BER less than 1 × 10−9) can be well achieved. The power penalty of this proposed system between B2B and 100-km transmission is about
4
8
16
32
Table 1 Simulation parameters.
64
M
128
Parameters
Values
extinction ratio of modulator, ext central wavelength of optical source receiver temperature, T receiver load resistance, RL data rate, R responsibility of Bob, R electrical bandwidth of receiver, Be
12 1545.2 nm 293 K 50 Ω 2.5 Gb/s 0.75 27 GHz
256
512
1024 2048
PRBS7 , Precv= -9.45 dBm PRBS11, Precv= -5.52 dBm
-2
Log(BER)
-4
-6
-8
-10
(a)
-12 2
4
8
16
32
64
M
128
256
4
5
6
512 1024 2048
@ Precv= -9.45dBm
11.7084
27.465
9 4
10 8
11
16
32
64
M
128
256
512
1024 2048 1.0
1.4 1.2
11.7080
1.0
11.7078
0.8
11.7076
@ Precv= -5.52dBm
27.460
0.8 27.455
NMS Q-factor
11.7082
0.6 27.450
0.4
0.6
11.7074
0.4
11.7072
27.445
0.2
27.440
0.0
0.2
11.7070
0.0
11.7068
(b )
8
1.6
11.7086
Q-factor
7
log2(M)
NMS
11.7088
3
2
3
4
5
6
7
log2(M)
8
9
10
11
(c)
2
3
4
5
6
7
log2(M)
8
9
10
11
Fig. 5. (a) Measured BER versus number of signal levels, M, (b) (c) Numerical Q-factor and NMS versus M at different received power. B2B without EDFA. 4
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
extra time delay or power attenuation unavoidably. Because the legitimate BER is quite sensitive to the matching between signal and local light, the disorder in time delay or power levels will introduce severe BER deterioration. As a result, Bob can discover the existence of wiretap attack, with proper protocol design, of course. The previous Y-00 schemes, which don’t rely on signal matching [10–13], have no such properties. In summary, we propose and demonstrate a ISK QSC scheme of Y-00 protocol, employing key-modulated local light as deciphering signal. The feasibility and security are presented by transmission experiments. We hope the proposed structure may provide a convenience to realize QSC experiments with general commercial components. In consequence, the error-free secure communication of QSC with signal levels up to 1024 is realized at 2.5 Gb/s over 100-km optically amplified links. And the guaranteed NMS is theoretically calculated to be more than 2 at least. Different from PSK scheme, we find the transmission performance of ISK QSC will become worse with the growth of signal levels to some extent, from experimental and numerical results. The comprehensive impact of keeping increasing signal levels of ISK QSC on both security and transmission capabilities will be researched in next work. Also, the potential security advantage of this proposed matching structure will be investigated by suitable protocol and experiments in the future.
Fig. 6. BER versus the mesoscopic output power, Pout. B2B with M = 1024.
Acknowledgment This study was supported by the National Natural Science Foundation of China (Grant Nos. 61475193, 61974165, 11404407). Appendix A. Supplementary data Supplementary data to this article can be found online at https:// doi.org/10.1016/j.yofte.2019.102007. References [1] K.I. Kitayama, M. Sasaki, S. Araki, M. Tsubokawa, A. Tomita, K. Inoue, K. Harasawa, Y. Nagasako, A. Takada, Security in photonic networks: threats and security enhancement, J. Lightwave Technol. 29 (21) (2011) 3210–3222. [2] B.B. Gupta, D.P. Agrawal, H.X. Wang, Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives, CRC Press, Taylor & Francis, 2018. [3] A.P. Pljonkin, B.B. Gupta, K.E. Rumyantsev, I. Korovin, G. Schaefer, Features of Detection of a Single-Photon Pulse at Synchronisation in Quantum Key Distribution Systems, in: 6th International Conference on Informatics, Electronics and Vision & 7th International Symposium in Computational Medical and Health Technology (ICIEV-ISCMHT) IEEE, Himeji, Japan, 2017, p. 1–3. [4] A.K. Ekert, Quantum cryptography based on bell’s theorem, Phys. Rev. Lett. 67 (6) (1991) 661–663. [5] S.K. Liao, H.L. Yong, C. Liu, G.L. Shentu, D.D. Li, J. Lin, H. Dai, S.Q. Zhao, B. Li, J.Y. Guan, W. Chen, Y.H. Gong, Y. Li, Z.H. Lin, G.S. Pan, J.S. Pelc, M.M. Fejer, W.Z. Zhang, W.Y. Liu, J. Yin, J.G. Ren, X.B. Wang, Q. Zhang, C.Z. Peng, J.W. Pan, Long-distance free-space quantum key distribution in daylight towards inter-satellite communication, Nat. Photonics 11 (2017) 509–513. [6] G.A. Barbosa, E. Corndorf, P. Kumar, H.P. Yuen, Secure communication using mesoscopic coherent states, Phys. Rev. Lett. 90 (22) (2003) 227901. [7] G.S. Kanter, D. Reilly, N. Smith, Practical physical-layer encryption: the marriage of optical noise with traditional cryptography, IEEE Commun. Mag. 47 (11) (2009) 74–81. [8] R. Nair, H.P. Yuen, E. Corndorf, T. Eguchi, P. Kumar, Quantum-noise randomized ciphers, Phys. Rev. A 74 (5) (2006) 052309. [9] H.S. Jiao, T. Pu, J.L. Zheng, P. Xiang, T. Fang, Physical-layer security analysis of a quantum-noise randomized cipher based on the wire-tap channel model, Opt. Express 25 (10) (2017) 10947–10960. [10] K. Tanizawa, F. Futami, Digital coherent PSK Y-00 quantum stream cipher with 217 randomized phase levels, Opt. Express 27 (2) (2019) 1071–1079. [11] F. Futami, Experimental demonstrations of Y-00 cipher for high capacity and secure optical fiber communications, Quantum Inform. Process. 13 (10) (2014) 2277–2291. [12] E. Corndorf, G. Barbosa, C. Liang, H.P. Yuen, P. Kumar, High-speed data encryption over 25 km of fiber by two-mode coherent-state quantum cryptography, Opt. Lett. 28 (21) (2003) 2040–2042. [13] G. Cincotti, L. Spiekman, N. Wada, K. Kitayama, Spectral coherent-state quantum cryptography, Opt. Lett. 33 (21) (2008) 2461–2463. [14] V.S. Grigoryan, G. S. Kanter, P. Kumar, Quantum-noise-randomized data encryption: Comparative analysis of M-ary PSK and M-ary ASK protocols for long-haul
Fig. 7. Power penalty and BER curves of the received power, Precv.
2.49 dB for 2.5 Gb/s and BER = 10−9.
4. Discussion and conclusion The feasibility of the proposed scheme is experimentally demonstrated, while the system performance seems not as good as that of other realizations [11]. The possible causes to be improved next is described as follows. For one thing, the DCF isn’t subtly matched with SSMF, and there is still some chromatic dispersion, which may broaden the received waveform and result in intersymbol interference. For another, the modulating signals of M-ary ciphertext and M/2-ary running key for MZM are planned to be uniformly-spaced. But due to the nonlinearity of MZM driver, the real modulating electrical signals become not uniformly-spaced, so will the modulated optical signals, which can damage the decipher performance. The both issues can be resolved properly. Besides, we note that NMS in this paper is obtained in theory, considering only the unavoidable quantum noise and imagining Eve of the strongest ability, i.e., she has access to the original output signals with ideal receiver. However, NMS realized in Ref. [16] can be quite large, which is obtained from the direct measurement of B2B test. The NMS of our scheme under practical measurement is believed to be fairly large, too. Moreover, our scheme can provide additional security due to the matching structure. The eavesdropping behavior of Eve will cause 5
Optical Fiber Technology 53 (2019) 102007
H. Jiao, et al.
[16] M. Yoshida, T. Hirooka, K. Kasai, M. Nakazawa, Single-channel 40 Gbit/s digital coherent QAM quantum noise stream cipher transmission over 480 km, Opt. Express 24 (1) (2016) 652–661. [17] X. Wei, X. Liu, Analysis of intrachannel four-wave mixing in differential phase-shift keying transmission with large dispersion, Opt. Lett. 28 (23) (2003) 2300–2302.
optical communications, in: Optical Fiber Communication and the National Fiber Optic Engineers Conference (OFC/NFOEC), Anaheim, USA, 2007, p. OWT3. [15] H.S. Jiao, T. Pu, J.L. Zheng, H. Zhou, L. Lu, P. Xiang, J.Y. Zhao, W.W. Wang, Semiquantum noise randomized data encryption based on an amplified spontaneous emission light source, Opt. Express 26 (9) (2018) 11587–11598.
6