10,218 research outputs found
Automatic Intent-Based Secure Service Creation Through a Multilayer SDN Network Orchestration
Growing traffic demands and increasing security awareness are driving the
need for secure services. Current solutions require manual configuration and
deployment based on the customer's requirements. In this work, we present an
architecture for an automatic intent-based provisioning of a secure service in
a multilayer - IP, Ethernet, and optical - network while choosing the
appropriate encryption layer using an open-source software-defined networking
(SDN) orchestrator. The approach is experimentally evaluated in a testbed with
commercial equipment. Results indicate that the processing impact of secure
channel creation on a controller is negligible. As the time for setting up
services over WDM varies between technologies, it needs to be taken into
account in the decision-making process.Comment: Parts of the presented work has received funding from the European
Commission within the H2020 Research and Innovation Programme, under grant
agreeement n.645127, project ACIN
Synchronization of spatiotemporal semiconductor lasers and its application in color image encryption
Optical chaos is a topic of current research characterized by
high-dimensional nonlinearity which is attributed to the delay-induced
dynamics, high bandwidth and easy modular implementation of optical feedback.
In light of these facts, which adds enough confusion and diffusion properties
for secure communications, we explore the synchronization phenomena in
spatiotemporal semiconductor laser systems. The novel system is used in a
two-phase colored image encryption process. The high-dimensional chaotic
attractor generated by the system produces a completely randomized chaotic time
series, which is ideal in the secure encoding of messages. The scheme thus
illustrated is a two-phase encryption method, which provides sufficiently high
confusion and diffusion properties of chaotic cryptosystem employed with unique
data sets of processed chaotic sequences. In this novel method of cryptography,
the chaotic phase masks are represented as images using the chaotic sequences
as the elements of the image. The scheme drastically permutes the positions of
the picture elements. The next additional layer of security further alters the
statistical information of the original image to a great extent along the
three-color planes. The intermediate results during encryption demonstrate the
infeasibility for an unauthorized user to decipher the cipher image. Exhaustive
statistical tests conducted validate that the scheme is robust against noise
and resistant to common attacks due to the double shield of encryption and the
infinite dimensionality of the relevant system of partial differential
equations.Comment: 20 pages, 11 figures; Article in press, Optics Communications (2011
Field test of a practical secure communication network with decoy-state quantum cryptography
We present a secure network communication system that operated with
decoy-state quantum cryptography in a real-world application scenario. The full
key exchange and application protocols were performed in real time among three
nodes, in which two adjacent nodes were connected by approximate 20 km of
commercial telecom optical fiber. The generated quantum keys were immediately
employed and demonstrated for communication applications, including unbreakable
real-time voice telephone between any two of the three communication nodes, or
a broadcast from one node to the other two nodes by using one-time pad
encryption.Comment: 10 pages, 2 figures, 2 tables, typos correcte
Roadmap on optical security
Postprint (author's final draft
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
- …