Research On Physical Layer Security Authentication And Encryption Technology Of Optical Network

The rapid development of information technology has brought great changes to human production and life.New technology and new applications have a large number of links such as the generation,transmission,exchange and processing of information and data.The speed and distance of optical communication have been greatly improved,and the openness of optical networks has been significantly enhanced.Due to the endless means of information eavesdropping,the existing optical communication cannot resist the line or node eavesdropping attack,which poses a serious threat to the high-speed interconnection security of key information infrastructure.To realize the safe transmission of data,it is urgent to develop the data protection scheme in optical fiber communication.The security of the physical layer is independent of the content of data information,so all transmission signals on the optical fiber line can be protected safely.In the physical layer,there are security loopholes not only in the data transmission link,but also in the receiver.Unauthorized device access,injection attacks,and camouflage can seriously threaten the security performance of the entire system.Therefore,appropriate authentication and encryption mechanisms are required.The development of secure authentication and encryption protocols that can resist cloning and other simulated attacks is an important research field in physical layer security.The security of the traditional fiber optic network mainly depends on the implementation of the classical cryptographic algorithm at the top of the protocol stack,and its security mechanism is achieved mainly due to the computational complexity of the algorithm.Due to the limited computing power of the attacker,the key cannot be deciphered in time in the RS A public key algorithm which cannot resist the attack of the quantum computer.Key distribution is considered to be an effective security scheme,and quantum key distribution(QKD)can achieve unconditional security.However,it is not compatible with long distance optical amplifiers,and the system design is expensive and complex.Therefore,it is necessary to design a simpler and more economical key distribution scheme in classical channel.At present,the following problems still need to be solved:(1)In existing authentication schemes it is difficult to resist violent attacks,so a more reliable security authentication scheme is needed before optical network transmission.(2)In existing key distribution schemes both the key generaton rate and key consistency rate are low,so an attack resistant and high-rate physical layer based key distribution scheme is needed.(3)The existing encryption and key distribution schemes are independent,so what is needed is a secure communication scheme integrating key distribution and encryption and compatible with the existing system.In view of the above problems,this paper proposes a scheme of optical fiber communication physical layer security authentication.The authentication feature extraction is completed,and the certified party is judged.The key distribution scheme based on optical physical layer is proposed,and the key extraction,quantification as well as coding are carried out.Finally,the key sequence with high consistency rate and high bit rate is generated.The scheme based on the integration of key distribution and encryption in optical communication physical layer is proposed.The transmitted data is encrypted by using Y00 encryption protocol.The scheme is verified in experiment.Three innovative works have been completed in this paper.1.Physical layer security authentication scheme based on channel feature extraction in optical networkIn view of the problem that traditional security authentication based on key algorithm is easy to be solved,this paper proposes a physical layer security authentication scheme which can be realized by measuring BER changes of both sides of communication.By using the short-term correlation between channels,the legitimacy of receiver is identified by analyzing BER variation of fiber loop.Then,we simulate a phase modulation optical transmission system using IMDD-OFDM.The authentication effect under the condition of interference caused by extra noise introduced by eavesdropper(Eve),splitter eavesdropper and substitution attack is analyzed.Simulation and experimental results show that the scheme is very sensitive to attack,and has a high detection probability PPD and a low false alarm rate PFAR.With the increase of frequency test,PPD and PFAR tend to be stable.When the transmitting power of the laser is 1mW,the wavelength is 1550nm and the optical fiber link is 200km,the detection probability PPD is close to 98%and the false alarm rate PFAR is close to 0.1.On this basis,a physical layer security authentication scheme based on SNR of optical network channel characteristics is proposed.This scheme solves the problem of compatibility of security authentication and security transmission.The certification party calculates the SNR change rate through the channel feature extraction,quantization and noise reduction methods.Taking the SNR change rate as the key index of optical fiber physical layer authentication,it can accurately reflect the dynamic characteristics of the channel.The simulation results show that under the condition of using I/Q modulator and coherent demodulation,in the system the detection probability PPD is close to 98%and the false alarm rate PFAR is close to 0.1,which can effectively realize the security certification.At the same time,SNR has the characteristics of convenient and quick measurement,which is very suitable for popularization and application,and has higher economic benefits.2.Key distribution scheme based on channel characteristics extraction of optical communication physical layerIn view of the complexity of traditional physical layer key distribution system,the short transmission distance and the low key generation rate(KGR),this paper presents a key distribution scheme based on BER measurement in optical fiber channel.By measuring the BER loop at the sender and receiver,BER is quantified and encoded to generate a random key with a high consistency rate.The security of the key generation is improved by using the randomness of the optical fiber channel.The system has a high key generation rate compatible with the existing communication equipment,and the measurement is simple.The BER of the extracted channel security feature information is measured by 10 Gb/s-200km coherent optical communication system.The experimental results show that under the conditions of laser transmitting power of 10dBm,wavelength of 1550nm and fiber loss of 0.2dB/km,the system can generate Key generation rate(KGR)up to 2Mbps,and the key consistency rate(KCR)of key distribution can reach 98%.In order to further solve the problem of transmission performance,this paper proposes a key distribution scheme based on the SNR measurement characteristics of the physical layer of optical fiber channel,so that the SNR of the system can be relatively high and the normal transmission will not be affected.The advantage of SNR key distribution is that the system BER is not required to be very high,and the SNR can be measured in the case of low BER,so it does not affect the normal transmission,and the combination of key distribution and encryption transmission can be realized.The simulation results show that the final KGR of the system can reach 25Kbps and the KCR can reach 99%when the laser transmitting power is 1mW.3 The integrated scheme of optical communication physical layer key distribution and encryptionTo solve the problem of compatibility of key distribution and encryption union,this paper proposes a key distribution and encryption joint control system based on the physical layer of optical channel,which can effectively solve the problem of integration of communication and encryption.In this paper,a 10Gbps-200km optical fiber communication system is used to measure the channel characteristics of the system by looping back,and then the key is generated by quantifying and coding the BER.The QPSK signal is modulated to a highorder quadrature amplitude modulation(QAM)signal of 1024 X 1024 by using quantum noise stream encryption method.The high-order QAM signal is easily covered by noise to encrypt and transmit.The BER changes of channel can be reflected by various physical characteristics of channel,such as noise,dispersion and polarization.The experimental results show that when the transmitting voltage of any signal generator is 400mV,the EDFA power is 10dBm and the optical fiber loss is 0.2dB/km,the system's KGR reaches 400Kbps.The key obtained from BER is used to encrypt the quantum noise stream of the system to realize the secure transmission of 200km,and the BER of the transmission system is low.On this basis,when the EDFA transmission power is 12dBm and the fiber loss size is 0.16dB/km,the integrated transport negotiation performance of 300km long span is verified.The experimental results show that the KGR of the system can reach 400Kbps,and the safety negotiation KER is less than 2%.High performance optical fiber transmission equipment is used in the system,which greatly improves the transmission performance of the system.After error correction,the far noise BER of the system is 0.