LPsec: a fast and secure cryptographic system for optical connections

Abstract

High capacity and low latency of optical connections are ideal for supporting current and future communication services, including 5G and beyond. Although some of those services are already secured at the packet layer using standard stream ciphers, like the Advanced Encryption Standard and ChaCha, secure transmission at the optical layer is still not implemented. To secure the optical layer, cryptographic methods need to be fast enough to support high-speed optical transmission and cannot introduce significant delay. Moreover, methods for key exchange, key generation, and key expansion are required, which can be implemented on standard coherent transponders. In this paper, we propose Light Path SECurity (LPsec), a secure cryptographic solution for optical connections that involves fast data encryption using stream ciphers and key exchange using Diffie–Hellman protocol through the optical channel. To support encryption of high-speed data streams, a fast, general-purpose pseudorandom number generator is used. Moreover, to make the scheme more secure against exhaustive search attacks, an additional substitution cipher is proposed. In contrast to the limited encryption speeds that standard stream ciphers can support, LPsec can support high-speed rates. Numerical simulation for 16 quadrature amplitude modulation (QAM), 32-QAM, and 64-QAM show that LPsec provides a sufficient security level while introducing only negligible delay.

H2020 Industrial Leadership [H2020 B5G-OPEN (101016663)]; H2020 Marie Skłodowska-Curie Actions [REALNET (813144)]; Agencia Estatal de Investigación [IBON (PID2020- 114135RB-I00)]; Institució Catalana de Recerca i Estudis Avançats.

Peer Reviewed

Postprint (author's final draft)