Integration of Self-Adaptive Physical-Layer Key Distribution and Encryption in Optical Coherent Communication

We propose and experimentally demonstrate a compatible physical-layer secure optical communication (PLSOC) system that integrates self-adaptive physical-layer key distribution (PLKD) and encryption (PLE) in optical coherent communication. Based on bit error rate difference of QAM signals mapped by asymmetric basis state Y-00 protocol, the secret key can be secretly exchanged over public fiber links without the pre-shared keys. Moreover, we perform a parameter self-adaptive strategy for practical and dynamic PLKD. The security of the key is evaluated in the case of a fiber-tapping attack. A secure hash algorithm, SHA3-512, is used to perform privacy amplification to obtain the virtually secure key. An error-free PLKD rate reaches 39.3 Kbits/s over 300km ultra-low loss fiber. We experimentally enable the integration of the proposed PLKD scheme and quantum noise stream cipher (QNSC) with a single wavelength, same system. Q factor penalty of the integration system compared to the QNSC system is 3.7dB (optical back-to-back) and 4.8dB (300km) respectively. By exploiting a common hardware platform, with the same wavelength, the proposed PLSOC system addresses the problem that PLKD and PLE are separately performed through independent optical fiber links or wavelengths. Since only digital signal processing is used, the scheme does not require extra hardware

Physical-Layer Encryption Using Digital Chaos for Secure OFDM Transmission

Due to the broadcasting nature of passive optical network (PON), data security is challenging. For the transmission of orthogonal frequency division multiplexing (OFDM) signals, the high peak-to-average power ratio (PAPR) is considered as one of the major drawbacks. This chapter reviews the digital chaos-based secure OFDM data encryption schemes, where the transmission performance is improved via PAPR reduction. The digital chaos is incorporated into the signal scrambling approaches: selective mapping (SLM), partial transmit sequence (PTS); and precoding approaches: discrete Fourier transform (DFT) and Walsh-Hadamard transform (WHT) for PAPR reduction. Multi-fold data encryption is achieved with a huge key space provided by digital chaos, to enhance the physical-layer security for OFDM-PON, while the pseudo-random properties of digital chaos are applied for PAPR reduction, which consequently improves the transmission performance. The evidences of these encryption approaches are presented in terms of theories, simulations, as well as experimental demonstrations. The chaotic data encryption schemes could be promising candidates for next-generation OFDM-PON

Design of an OFDM Physical Layer Encryption Scheme

This paper presents a new encryption scheme implemented at the physical layer of wireless networks employing orthogonal frequency-division multiplexing (OFDM). The new scheme obfuscates the subcarriers by randomly reserving several subcarriers for dummy data and resequences the training symbol by a new secure sequence. Subcarrier obfuscation renders the OFDM transmission more secure and random, whereas training symbol resequencing protects the entire physical layer packet but does not affect the normal functions of synchronization and channel estimation of legitimate users while preventing eavesdroppers from performing these functions. The security analysis shows that the system is robust to various attacks by analyzing the search space using an exhaustive key search. Our scheme is shown to perform better in terms of search space, key rate, and complexity in comparison with other OFDM physical layer encryption schemes. The scheme offers options for users to customize the security level and the key rate according to the hardware resource. Its low complexity nature also makes the scheme suitable for resource-limited devices. Details of practical design considerations are highlighted by applying the approach to an IEEE 802.11 OFDM system case study

Modulation Signal Chain for a 5G PDSCH Reciever

LTE (Long Term Evolution), marketed as 5G LTE, is a standard for wireless communication of high-speed data for mobile phones and data terminals. It increases the system capacity and speed. The standard is developed by the 3GPP (3rd Generation Partnership Project). The scrambling and modulation was implemented using hardware and software methods. The using of scrambling and modulation mapping with help of constellation method is used. Constellation method is easily differentiating the real and imaginary terms of the modulation mapping. Depending on the hardware structure, particular scrambling and modulation mapping was designed using Verilog RTL coding. Simulation and synthesis was carried out using Xilinx Vivado 2015.4.2 design and implemented on Artix-7 FPGA board. Clock cycle delay is reduced to two clock cycle

Security and Privacy for IoT Ecosystems

Smart devices have become an integral part of our everyday life. In contrast to smartphones and laptops, Internet of Things (IoT) devices are typically managed by the vendor. They allow little or no user-driven customization. Users need to use and trust IoT devices as they are, including the ecosystems involved in the processing and sharing of personal data. Ensuring that an IoT device does not leak private data is imperative. This thesis analyzes security practices in popular IoT ecosystems across several price segments. Our results show a gap between real-world implementations and state-of-the-art security measures. The process of responsible disclosure with the vendors revealed further practical challenges. Do they want to support backward compatibility with the same app and infrastructure over multiple IoT device generations? To which extent can they trust their supply chains in rolling out keys? Mature vendors have a budget for security and are aware of its demands. Despite this goodwill, developers sometimes fail at securing the concrete implementations in those complex ecosystems. Our analysis of real-world products reveals the actual efforts made by vendors to secure their products. Our responsible disclosure processes and publications of design recommendations not only increase security in existing products but also help connected ecosystem manufacturers to develop secure products. Moreover, we enable users to take control of their connected devices with firmware binary patching. If a vendor decides to no longer offer cloud services, bootstrapping a vendor-independent ecosystem is the only way to revive bricked devices. Binary patching is not only useful in the IoT context but also opens up these devices as research platforms. We are the first to publish tools for Bluetooth firmware and lower-layer analysis and uncover a security issue in Broadcom chips affecting hundreds of millions of devices manufactured by Apple, Samsung, Google, and more. Although we informed Broadcom and customers of their technologies of the weaknesses identified, some of these devices no longer receive official updates. For these, our binary patching framework is capable of building vendor-independent patches and retrofit security. Connected device vendors depend on standards; they rarely implement lower-layer communication schemes from scratch. Standards enable communication between devices of different vendors, which is crucial in many IoT setups. Secure standards help making products secure by design and, thus, need to be analyzed as early as possible. One possibility to integrate security into a lower-layer standard is Physical-Layer Security (PLS). PLS establishes security on the Physical Layer (PHY) of wireless transmissions. With new wireless technologies emerging, physical properties change. We analyze how suitable PLS techniques are in the domain of mmWave and Visible Light Communication (VLC). Despite VLC being commonly believed to be very secure due to its limited range, we show that using VLC instead for PLS is less secure than using it with Radio Frequency (RF) communication. The work in this thesis is applied to mature products as well as upcoming standards. We consider security for the whole product life cycle to make connected devices and IoT ecosystems more secure in the long term

Physical-Layer Security Enhancement in Wireless Communication Systems

Without any doubt, wireless infrastructures and services have fundamental impacts on every aspect of our lives. Despite of their popularities, wireless communications are vulnerable to various attacks due to the open nature of radio propagation. In fact, communication security in wireless networks is becoming more critical than ever. As a solution, conventional cryptographic techniques are deployed on upper layers of network protocols. Along with direct attacks from lower layer, wireless security challenges come with the rapid evolution of sophisticated decipher techniques. Conventional security mechanisms are not necessarily effective against potential attacks from the open wireless environment anymore. As an alternative, physical-layer(PHY) security, utilizing unique features from lower layer, becomes a new research focus for many wireless communication systems. In this thesis, three mechanisms for PHY security enhancement are investigated. Beginning with a discussion on the security vulnerability in highly standardized infrastructures, the thesis proposed a time domain scrambling scheme of orthogonal frequency division multiplexing (OFDM) system to improve the PHY security. The method relies on secretly scrambling each OFDM symbol in time domain, resulting in constellation transformation in frequency domain, to hide transmission features. As a complement to existing secrecy capacity maximization based optimal cooperative jamming systems, a security strategy based on the compromised secrecy region (CSR) minimization in cooperative jamming is then proposed when instantaneous channel state information(CSI) is not available. The optimal parameters of the jammer are derived to minimize the CSR which exhibits high secrecy outage probability. At last, security enhancement of OFDM system in cooperative networks is also investigated. The function selection strategies of cooperative nodes are studied. Our approach is capable of enhancing the security of broadband communications by selecting the proper function of each cooperative node. Numerical results demonstrate the feasibility of three proposed physical layer security mechanisms by examining the communication reliability, achievable CSR and secrecy capacity respectively