LPsec: a fast and secure cryptographic system for optical connections

High capacity and low latency of optical connections are ideal for supporting current and future communication services, including 5G and beyond. Although some of those services are already secured at the packet layer using standard stream ciphers, like the Advanced Encryption Standard and ChaCha, secure transmission at the optical layer is still not implemented. To secure the optical layer, cryptographic methods need to be fast enough to support high-speed optical transmission and cannot introduce significant delay. Moreover, methods for key exchange, key generation, and key expansion are required, which can be implemented on standard coherent transponders. In this paper, we propose Light Path SECurity (LPsec), a secure cryptographic solution for optical connections that involves fast data encryption using stream ciphers and key exchange using Diffie–Hellman protocol through the optical channel. To support encryption of high-speed data streams, a fast, general-purpose pseudorandom number generator is used. Moreover, to make the scheme more secure against exhaustive search attacks, an additional substitution cipher is proposed. In contrast to the limited encryption speeds that standard stream ciphers can support, LPsec can support high-speed rates. Numerical simulation for 16 quadrature amplitude modulation (QAM), 32-QAM, and 64-QAM show that LPsec provides a sufficient security level while introducing only negligible delay.H2020 Industrial Leadership [H2020 B5G-OPEN (101016663)]; H2020 Marie Skłodowska-Curie Actions [REALNET (813144)]; Agencia Estatal de Investigación [IBON (PID2020- 114135RB-I00)]; Institució Catalana de Recerca i Estudis Avançats.Peer ReviewedPostprint (author's final draft

Totally secure classical networks with multipoint telecloning (teleportation) of classical bits through loops with Johnson-like noise

First, we show a new inexpensive defense against intruders and the man-in-the-middle attack in the Kirchhoff's-loop-Johnson-like-noise (KLJN) cipher. Then instead of point-to-point communication, we propose a high efficiency, secure network. The (in the idealistic case totally secure) classical network is based on an improved version of the KLJN cipher. The network consists of two parallel networks: i) a chain-like network of securely communicating, electrically isolated Kirchhoff-loops with Johnson-like noise and driven by a specific switching process of the resistances; ii) and a regular non-secure data network with a Coordinator-server. If the classical network is fast enough, the chain-like network of N communicators can generate and share an N bit long secret key within a single clock period of the ciphers and that implies a significant speed-up compared to the point-to-point key exchanges used by quantum communication or RSA-like key exchange methods. This is a teleportation-type multiple telecloning of the classical information bit because the information transfer can take place without the actual presence of the information bit at the intermediate points of the network. With similar quantum schemes the telecloning of classical bits via quantum communicator networks without telecloning the quantum states is also possible.Comment: Quantum-based network application added. 13 page

A high-speed integrated circuit with applications to RSA Cryptography

Merged with duplicate record 10026.1/833 on 01.02.2017 by CS (TIS)The rapid growth in the use of computers and networks in government, commercial and private communications systems has led to an increasing need for these systems to be secure against unauthorised access and eavesdropping. To this end, modern computer security systems employ public-key ciphers, of which probably the most well known is the RSA ciphersystem, to provide both secrecy and authentication facilities. The basic RSA cryptographic operation is a modular exponentiation where the modulus and exponent are integers typically greater than 500 bits long. Therefore, to obtain reasonable encryption rates using the RSA cipher requires that it be implemented in hardware. This thesis presents the design of a high-performance VLSI device, called the WHiSpER chip, that can perform the modular exponentiations required by the RSA cryptosystem for moduli and exponents up to 506 bits long. The design has an expected throughput in excess of 64kbit/s making it attractive for use both as a general RSA processor within the security function provider of a security system, and for direct use on moderate-speed public communication networks such as ISDN. The thesis investigates the low-level techniques used for implementing high-speed arithmetic hardware in general, and reviews the methods used by designers of existing modular multiplication/exponentiation circuits with respect to circuit speed and efficiency. A new modular multiplication algorithm, MMDDAMMM, based on Montgomery arithmetic, together with an efficient multiplier architecture, are proposed that remove the speed bottleneck of previous designs. Finally, the implementation of the new algorithm and architecture within the WHiSpER chip is detailed, along with a discussion of the application of the chip to ciphering and key generation

Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption

Owing to the growth of high performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application specific requirements. Naive approaches for video encryption encrypt the entire video stream with conventional text based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs two-dimensional discrete Henon map for (i) generation of dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security

Field test of quantum key distribution in the Tokyo QKD Network

A novel secure communication network with quantum key distribution in a metropolitan area is reported. Different QKD schemes are integrated to demonstrate secure TV conferencing over a distance of 45km, stable long-term operation, and application to secure mobile phones.Comment: 21 pages, 19 figure

Field test of a practical secure communication network with decoy-state quantum cryptography

We present a secure network communication system that operated with decoy-state quantum cryptography in a real-world application scenario. The full key exchange and application protocols were performed in real time among three nodes, in which two adjacent nodes were connected by approximate 20 km of commercial telecom optical fiber. The generated quantum keys were immediately employed and demonstrated for communication applications, including unbreakable real-time voice telephone between any two of the three communication nodes, or a broadcast from one node to the other two nodes by using one-time pad encryption.Comment: 10 pages, 2 figures, 2 tables, typos correcte

Long-distance entanglement-based quantum key distribution over optical fiber

We report the first entanglement-based quantum key distribution (QKD) experiment over a 100-km optical fiber. We used superconducting single photon detectors based on NbN nanowires that provide high-speed single photon detection for the 1.5-µm telecom band, an efficient entangled photon pair source that consists of a fiber coupled periodically poled lithium niobate waveguide and ultra low loss filters, and planar lightwave circuit Mach-Zehnder interferometers (MZIs) with ultra stable operation. These characteristics enabled us to perform an entanglement-based QKD experiment over a 100-km optical fiber. In the experiment, which lasted approximately 8 hours, we successfully generated a 16 kbit sifted key with a quantum bit error rate of 6.9 % at a rate of 0.59 bits per second, from which we were able to distill a 3.9 kbit secure key