Chaotic phase noise-like encryption based on geometric shaping for coherent data center interconnections

Wenjun Zeng; Chongfu Zhang; Xinshuai Liang; Yufeng Luo; Xue Wang; Kun Qiu

doi:10.1364/OE.506738

1. Introduction

Data centers (DCs) have become an important infrastructure in the digital information society with the rapid development of cloud computing, and digital economy, etc [1,2]. DC interconnection (DCI) is used to interconnect DCs with the dispersed physical locations into a huge virtual resource pool for achieving data provisioning and management. The network traffic of DCIs is increasing with the increasing demand for computing power in cloud services [3]. In addition, some business data need to be transferred to other DCs for storage or high-performance computing to solve the problem of imbalance in regional energy distribution and computing power demand [4]. This transmission process may span multiple regions and cover thousands of kilometers. It will be easier for an attacker to steal optical signals in physical transmission links [5–7]. Therefore, the DCs face great challenges in data transmission security during such long-haul transmission and frequent interactions.

Encryption technology is one of the effective means to protect data confidentiality in optical fiber communication networks [8–10]. At present, the upper-layer application encryption technology has been widely used. However, this encryption technology cannot effectively protect the control information, and its security is seriously dependent on the computational complexity of encryption algorithms [11]. Computing resources and speed have been greatly improved with the development of quantum computers [12], and it has become easier for attackers to break these encryption algorithms using high computing power devices. Therefore, the reliability of upper-layer application encryption is threatened.

A series of secure communication technologies performed on physical layer have been proposed, including quantum key distribution (QKD) [13], optical code division multiple access (OCDMA) [14], quantum noise stream cipher (QNSC) [15], optical steganography [16], optical chaos security technology [17,18], digital chaotic encryption technology [19,20], etc. QKD can provide information theory security, but its transmission rate is limited and not suitable for DCI high-capacity transmission scenarios. The key space of OCDMA is small, so it cannot resistant brute-force attacks. QNSC reduces the spectrum utilization, which is undesirable in DCIs. Optical steganography has good data transmission concealment, but it is greatly affected by link damage, and its transmission distance is limited. Optical chaos security technology is difficult to achieve chaos synchronization in long-haul transmission scenarios, and the bandwidth of chaotic optical signals is limited [21]. On the contrary, digital chaotic encryption technology has good compatibility with communication networks. The encryption operation is carried out on the digital signal processing (DSP) in the physical layer [22–24], it utilizes the high randomness and initial value sensitivity of chaotic systems to meet the security requirements of DCIs [25].

At present, the digital chaotic encryption technology is mainly applied in optical access network scenarios, and some effective schemes have been proposed to enhance the security of data transmission [26–29]. However, the transmission distance and speed of optical access networks are smaller compared to DCIs. The existing schemes rarely consider the impact of channel parameter characteristics on encryption, such as dispersion, polarization mode dispersion, phase noise, etc. In the long-haul DCIs, the coherent receivers are generally used along with DSP techniques for channel equalization [30,31]. There are almost no reports on the impact of digital chaotic encryption technology and coherent DSP equalization algorithms in the context of DCIs. In addition, the transmission performance of DCIs is affected because the peak power or Euclidean distance of symbols is changed during the encryption process in digital chaotic encryption [32]. Usually, the symbols with a higher disturbance level can provide a higher security level. Therefore, the security and transmission performance of communication systems have been an irreconcilable contradiction in the physical layer encryption technologies.

Some effective methods have been proposed to improve the transmission performance, such as probabilistic shaping (PS) [33] and geometric shaping (GS) [34]. The PS and GS have been verified in the security optical access network scenarios [35–37]. The PS is to change the distribution probability of constellation symbols, but it can cause an uneven distribution of transmission symbols, and attackers may obtain some information through statistical analysis. The GS is to change the geometric position of constellation symbols, which combined with digital chaos encryption can hide the constellation geometry information. The parameters of coherent equalization algorithms need to be matched with the constellation information parameters, the difficulty of attackers in deciphering can be increased when the constellation geometry information is hidden. Therefore, a digital chaotic encryption based on the GS is expected to solve the contradiction between the security performance and the transmission performance of communication systems.

In this paper, we first propose a digital chaotic encryption scheme based on GS for secure coherent DCIs. Circular (1,7) is used as a GS constellation, and the impact of GS on DSP equalization algorithms has been studied. Then, a three-dimensional (3D) Chen system is used to generate key streams. Data are scrambled by a multi-level chaotic encryption scheme based on phase noise-like transformation (PNLT). The results indicate that this scheme can effectively solve the contradiction between security performance and transmission performance in coherent DCIs.

2. Principle

The secure transmission model based on a chaotic phase noise-like encryption for coherent DCIs is shown in Fig. 1. The employed chaotic system is the 3D Chen system. The data sent by DC1 is processed by the chaotic phase noise-like encryption module. The components of the module include GS, chaotic symbol mapping, polarization symbol disruption, and PNLT. Then the encrypted data is sent through the coherent transmitter for in-phase/quadrature (IQ) modulation and polarization multiplexing into the fiber channel. At the receiver of DC2, the optical signals are converted to electrical signals by a coherent frontend. The data is then performed for decryption and equalization. Firstly, orthogonality compensation (OC) and chromatic dispersion compensation (CDC) are applied. The OC compensates for the non-orthogonality of in-phase and quadrature components caused by the imperfect factors of modulators and mixers. Secondly, the adaptive equalization (AE) algorithm is used for the polarization demultiplexing and the removal of inter-symbol interference. Phase decryption needs to be performed after AE to restore normal phase information. The carrier recovery algorithm is used to remove the phase noise caused by carrier frequency deviation and laser linewidth. Finally, the original data is recovered after polarization symbol decryption and chaotic symbol demapping. Specifically, GS, AE, and carrier recovery are described in section 2.1. The chaotic symbol mapping and polarization symbol disruption are detailed in section 2.2. The process of PNLT is described in section 2.3. The decryption process is the reverse operation of encryption.

Fig. 1. The secure transmission model based on a chaotic phase noise-like encryption for coherent DCIs. Key_X,1, Key_X,2, and Key_X,3 are the encryption keys of X polarization branches; Key_Y,1, Key_Y,2, and Key_Y,3 are the encryption keys of Y polarization branches; OC: orthogonalization compensation; CDC: chromatic dispersion compensation. The red box indicates that GS can affect the effectiveness of adaptive equalization and carrier recovery.

Download Full Size | PDF

2.1 Geometric shaping and equalization

Methods for GS are mainly divided into an objective function optimization method and a direct design method. Direct design methods commonly have lower complexity. We used the GS constellation diagram circular (1,7) obtained through the direct design method to verify the effectiveness of the combination of GS and digital chaotic encryption. The constellation diagram circular (1,7) was proposed by Thomas [38] and its transmission performance effectiveness has been proven in the field of optical communication [39,40]. The constellation diagrams of rectangular, circular (4,4), and circular (1,7) are shown in Figs. 2(a) and (b), (c) respectively. Table 1 shows the minimum Euclidean distance (MED) and peak to average power ratio (PAPR) parameters of different 8-QAM constellations. A large MED can increase noise resistance, while a high PAPR exacerbates the influence of nonlinear effects on the signal. The circular (1,7) has a larger MED and a lower PAPR, thereby it has good noise resistance ability and nonlinearity tolerance.

Fig. 2. Conventional and geometric shaping of 8-QAM constellation diagrams. (a) rectangular, r₁= 1, r₂= 1.414; (b) circular (4,4), r₁= 0.707, r₂= 1.366; (c) circular (1,7), r = 1.153.

Download Full Size | PDF

Table 1. Different 8-QAM Constellation Parameters

View Table | View all tables in this article

The existing coherent DSP algorithms generally use blind equalization algorithms, which are related to constellation geometry distribution information. Therefore, the receiver is difficult to correctly recover the data without the correct constellation geometry distribution information. The types of blind equalization algorithms mainly include AE, carrier frequency recovery, and carrier phase recovery. The AE algorithm generally uses the constant modulus algorithm (CMA) and radius-directed equalization (RDE) algorithm. The CMA is mainly used for constant-amplitude constellations. The RDE algorithm can achieve a better equalization effect when it is a constellation diagram with multiple amplitude values. The error function of the RDE algorithm for the GS constellations with two amplitude values can be defined as Eq. (1) [41].

(1)$$\begin{array}{l} {E_{RDE1}}[k] = ({R_1}^2 - |{y_1}[k]{|^2}){y_1}[k]\\ {E_{RDE2}}[k] = ({R_2}^2 - |{y_2}[k]{|^2}){y_2}[k]\textrm{ }\;\;\;{R_1},\textrm{ }{R_2} \in CO{N_{GS}} \end{array}$$

where ${y_1}[k]$ and ${y_2}[k]$ are the received data of polarization X and polarization Y, respectively. ${R_1}$ and ${R_2}$ are the two radii of GS constellation, k is the data index. The goal of RDE algorithm is to converge to the corresponding constellation radius. Therefore, it is necessary to know the radius of GS constellation. Attackers can use CMA for the channel equalization, but the effect of using CMA equalization would be poor in high-order modulation situations. In addition, the GS can also have a certain impact on carrier frequency recovery and carrier phase recovery. The commonly used effective carrier frequency recovery algorithm is the 4^th power algorithm based on the frequency domain analysis. The key step of the algorithm is shown in Eq. (2) [42].

(2)$${(y[k])^n} = {A_p}{e^{j2\pi n(\varphi + k\Delta f{T_S})}}$$

where $\varphi$ is the constant phase, ${A_p}$ is the constant amplitude, $\Delta f$ is the frequency offset, ${T_S}$ is the symbol period, $y[k]$ is the received data. The value of n is determined based on the constellation distribution characteristics. For example, the value of n is 4 when the modulation format is quadrature phase shift keying (QPSK). The value of n needs to be changed when the GS is applied. Otherwise, the influence of frequency offset cannot be eliminated. The carrier phase recovery algorithm generally uses the blind phase search (BPS) algorithm. This algorithm applies B rotational phases to the received data as shown in Eq. (3) [43].

(3)$${y_b}[k] = y[k]{e^{j\frac{b}{B}\phi }},\textrm{ }b \in \left\{ { - \frac{B}{2}, \cdots , - 1,0,1, \cdots ,\frac{B}{2}} \right\}$$

where B is the total number of phases tested, $\phi$ is the phase rotation range and it is related to the constellation information. For example, $\phi = \frac{\pi }{2}$ for the symmetric M-QAM modulation format. In contrast, the value of $\phi$ is related to the k-fold blurring of the recovered phase for irregular constellation diagrams. Then, the rotated constellation diagrams need to be subjected to a minimum Euclidean distance judgment for subsequent decision-making operations. The exact information of constellation points is required. Therefore, the introduction of GS can enhance the transmission security in coherent DCIs.

2.2 Chaotic symbol encryption

The 3D Chen system is shown in Eq. (4) [44]. The system is in a chaotic state when $a = 35$, $b = 3$, $c = 28$. The two polarization branches use different initials to generate different two sets of chaotic sequences ${u_X}$, ${v_X}$, ${w_X}$ and ${u_Y}$, ${v_Y}$, ${w_Y}$, respectively. ${u_X}$, ${w_X}$, and ${u_Y}$, ${w_Y}$ are used for the chaotic symbol mapping and the polarization symbol disruption. Then, the encryption keys are generated as shown in Eq. (5).

(4)$$\left\{ \begin{array}{l} \dot{u} = a(v - u)\\ \dot{v} = (c - a)u - uw + cv\\ \dot{w} = uv - bw \end{array} \right.$$

(5)$$\begin{array}{l} Ke{y_{X,1}} = \bmod (floor({u_X}\cdot {10^{12}}),8)\\ Ke{y_{Y,1}} = \bmod (floor({u_Y}\cdot {10^{12}}),8)\\ Ke{y_{X,2}} = \bmod (floor({w_X}\cdot {10^{12}}),2)\\ Ke{y_{Y,2}} = \bmod (floor({w_Y}\cdot {10^{12}}),2)\\ Ke{y_2} = XOR(Ke{y_{X,2}},Ke{y_{Y,2}}) \end{array}$$

where $\bmod ({\cdot} )$ represents the modulo operation, $floor({\cdot} )$ represents the rounding towards negative infinity, and $XOR({\cdot} )$ represents the exclusive-OR operation. The X and Y polarization branches are respectively subjected to chaotic symbol mapping operations, as shown in Eq. (6).

(6)$$\begin{array}{l} EN{C_{X,1}} = \bmod (Odat{a_X} + Ke{y_{X,1}},8)\\ EN{C_{Y,1}} = \bmod (Odat{a_Y} + Ke{y_{Y,1}},8) \end{array}$$

where $Odat{a_X}$ and $Odat{a_Y}$ represent the octal data corresponding to the X and Y polarization branches, respectively. The chaotic symbol mapping can transform the original data to different positions during the constellation mapping process, which can increase the security of the original data. However, it only protects the data of its own polarization branch, and an attacker can obtain the plaintext with the key of a single channel. So, we propose the polarization symbol disruption as shown in Eq. (7).

(7)$$EN{C_2} = Exchange([EN{C_{X,1}},EN{C_{Y,1}}],Ke{y_2})$$

where $Exchange({\cdot} )$ represents the polarization symbol exchange operation, $EN{C_{X,1}}$ and $EN{C_{Y,1}}$ represent the data to be exchanged between the X polarization branch and the Y polarization branch, respectively. $Ke{y_2}$ is a symbol exchange controller. The symbols remain unchanged when $Ke{y_2}$ is set to 0. On the contrary, the symbols are exchanged when $Ke{y_2}$ is set to 1. The encrypted symbols of two polarization branches are interconnected, and attackers need to obtain the ciphertext and corresponding keys of two polarization branches to decipher one channel of data.

2.3 Phase noise-like transformation

The chaotic symbol mapping and polarization symbol disruption can improve transmission security by disrupting constellation positions, but the positions of constellation points are still within the regular constellations. The PNLT can increase the position status of constellation, and the phase information would be converted into a noise-like signal. The chaotic sequence ${v_X}$ and ${v_Y}$ are used to generate the corresponding transformation keys, as shown in Eq. (8).

(8)$$\begin{array}{l} Ke{y_{X,3}} = roundn(\bmod (floor({v_X}\cdot {10^{12}}),10)\cdot {10^{ - 1}},TPA)\\ Ke{y_{Y,3}} = roundn(\bmod (floor({v_Y}\cdot {10^{12}}),10)\cdot {10^{ - 1}},TPA) \end{array}$$

where $roundn({\cdot} )$ represents the transformation accuracy selection operation, $TPA$ indicates the value of transformation phase accuracy. The transformation operation is shown in Eq. (9).

(9)$$\begin{array}{l} EN{C_{X,3}} = EN{C_{X,2}}{e^{j2\pi Ke{y_{X,3}}}}\\ EN{C_{Y,3}} = EN{C_{Y,2}}{e^{j2\pi Ke{y_{Y,3}}}} \end{array}$$

where $EN{C_{X,2}}$ and $EN{C_{Y,2}}$ represent the data of X and Y polarization branches after polarization symbol disruption, respectively. The constellation variation diagram during the encryption process is shown in Fig. 3. The data are divided into X and Y polarization branches for transmission. The encryption procedure is divided into four steps: 1) The GS constellation circular (1,7) is used for the constellation mapping. In this step, the constellation geometry distribution information is changed; 2) The constellation symbols are randomly scrambled to other locations based on the $Ke{y_{X,1}}$ and $Ke{y_{Y,1}}$. For example, the green constellation point (100) is scrambled to the pink constellation point (011). It is worth noting that this step does not change the constellation mapping table, but changes the value of each symbol; 3) The symbol data of the X and Y polarization branches are randomly exchanged based on the $Ke{y_2}$. For example, the pink constellation data in the X polarization branch is exchanged to the Y polarization branch; 4) The phase states of constellations are randomly perturbed according to the $Ke{y_{X,3}}$ and $Ke{y_{Y,3}}$. Different transformation phase accuracy can be achieved by setting different TPAs. The encryption process of chaotic symbol mapping and polarization symbol disruption cannot increase the number of constellation states. Their scrambled regions remain in the original constellation position states. The number of phase states in the constellation diagram increases significantly when the PNLT is performed. The phase distribution is visible because the transformation phase accuracy is the lowest when $TPA = 1$. On the contrary, the phase distribution is dispersed and the phase state increases significantly when $TPA \ge 2$, which has a good communication concealment performance.

Fig. 3. Schematic illustration of constellation variation diagram during the encryption process. Different colors represent different constellation points, and the lines represent the trajectory of the constellation points during encryption. TPA: transformation phase accuracy.

Download Full Size | PDF

3. Results and discussions

The verification setup of secure coherent DCI is shown in Fig. 4. The data processed by the GS and the chaotic encryption in the DC1 is divided into four channels. The scheme employs polarization multiplexing (PM) and 8-QAM symbol mapping format. The symbol length is 65536. Then, the four digital signals are converted into analog signals through a digital analog converter (DAC) and pulse shaping (PS), the sampling rate and resolution of DAC are 72 GSa/s and 8 bits, respectively. The cutoff frequency of the low-pass filter used in PS is set to 36 GHz. Then, a dual polarization (DP) IQ modulator with a half-wave voltage of 5 V is used for electro-optic modulation. The employed laser source is a continuous wave (CW) laser, which is divided into X-polarized light and Y-polarized light by a polarization beam splitter (PBS). The laser is operated at a wavelength of 1550 nm and a power is 0 dBm. The modulated optical signal is combined through a polarization beam combiner (PBC) and transmitted to DC2 through a three spans standard single mode fiber (SSMF). Each span of the SSMF is 80 km. The attenuation coefficient and dispersion coefficient of the SSMF are $0.2$ dB/km, and $16$ ps/(nm⋅km), respectively. An erbium-doped fiber amplifier (EDFA) is used for attenuation compensation in each span of SSMF. The bit rate of data transmission is 216 Gb/s. A DP coherent receiver is used for receiving optical signals in DC2. In the DP coherent receiver, the power of the local oscillator laser is 4 mW and the frequency offset is 100 MHZ, the sampling rate and resolution of the analog digital converter (ADC) are 72 GSa/s and 8 bits. Then, the received digital signal is processed by the coherent DSP, including OC, CDC, AE, carrier frequency recovery, and carrier phase recovery. The corresponding employed algorithms are as follows: Gram-Schmidt orthogonalization procedure (GSOP) [45], CDC based on overlap-save method [46], RDE based on CMA initialization [41], frequency recovery based on the 4^th power spectral analysis [42], and BPS algorithm [43].

Fig. 4. The verification setup of secure coherent DCI from DC1 to DC2. CW: continuous wave; PBS: polarization beam splitter; DP: dual polarization; IQ: in-phase/quadrature; DAC: digital analog converter; PS: pulse shaping; PBC: polarization beam combiner; EDFA: erbium-doped fiber amplifier. x3: a three spans standard single mode fiber (SSMF), each span is 80 km, and an EDFA is used for attenuation compensation in each span.

Download Full Size | PDF

The GS constellation used in our scheme is circular (1,7). We assume that an attacker does not have the correct GS information (GSI) to decipher ciphertext data, and uses different constellation for DSP equalization. The circular (4,4), rectangular, triangular, 8-AMPM [47], and Eric-8-QAM [48] constellations are used, and their constellation coordinates are shown in Table 2 (The coordinate values are accurate to 0.01). The constellation coordinates need to be power normalized. The encryption schemes are classified according to different encryption steps and parameters as follows: 1) encryption using chaotic symbol mapping (Encstep1); 2) encryption using chaotic symbol mapping and polarization symbol disruption (Encstep2); 3) encryption using chaotic symbol mapping, polarization symbol disruption, and PNLT with $TPA = 1$ (Encstep3_1); 4) encryption using chaotic symbol mapping, polarization symbol disruption, and PNLT with $TPA = 2$ (Encstep3_2); 5) encryption using chaotic symbol mapping, polarization symbol disruption, and PNLT with $TPA = 3$ (Encstep3_3); 6) encryption using chaotic symbol mapping, polarization symbol disruption, and PNLT with $TPA = 4$ (Encstep3_4). Figure 5(a) shows the decipherment results with or without a key stolen by an attacker. The different color symbols represent the BER results using different constellations in the DSP equalization. The circular symbol means that the attacker stole the key and the square symbol means that the attacker does not steal the key. The attacker cannot recover the correct data without the correct GSI even if the key is stolen. Because different constellations have different amplitude and phase distributions, this leads to the inability to accurately recover signals during the AE and carrier phase recovery. Therefore, the BER of attacker with or without the key is constantly close to 0.5 in the case of using an incorrect GSI. The correct key is required to decrypt the data when using the correct GSI. The decryption prerequisite for our encryption scheme is that the correct GSI needs to be obtained first, which is different from existing chaotic encryption schemes. The different encryption schemes have similar BER when GSI is the same. It shows that each level of our proposed encryption scheme has independent security properties. We have discussed the comparison of the security parameters of different encryption schemes in the subsequent. Figures 5(b) and (c) show the DSP equalization results without a key using circular (4,4) and circular (1,7), respectively. The density distribution of constellation points obtained by these two GSIs is different. This means that the ciphertext data generated by the attacker during the DSP equalization is different, which can confuse the attacker. The attacker cannot recover the data correctly after the BPS because the correct key is not used for decryption in AE in Fig. 5(c). Figure 5(d) shows the DSP equalization results using circular (1,7) with a key. The distribution of data can be consistent with the distribution of the circular (1, 7) constellation only if the correct GSI and key are obtained at the same time. In addition, the decryption operation of our encryption scheme needs to be implemented in the corresponding DSP equalization stage. The implementation of the decryption operation in the wrong stage cannot recover the signal correctly, which increases the difficulty of deciphering. Therefore, the combination of GS and digital chaotic encryption can improve data transmission security.

Fig. 5. Results of an attacker using different GSIs to decipher encrypted data. (a) Decipherment results with or without a key stolen by an attacker. Encstep1: chaotic symbol mapping only; Encstep2: chaotic symbol mapping and polarization symbol disruption; Encstep3_1, Encstep3_2, Encstep3_3, and Encstep3_4 are encryption using chaotic symbol mapping, polarization symbol disruption and PNLT with $TPA = 1$, $TPA = 2$, $TPA = 3$, and $TPA = 4$, respectively; (b) DSP equalization results in Encstep3_2 using circular (4,4) without key; (c) DSP equalization results in Encstep3_2 using circular (1,7) without key; (d) DSP equalization results in Encstep3_2 using circular (1,7) with key.

Download Full Size | PDF

Table 2. Different 8-QAM Constellation Coordinates

View Table | View all tables in this article

Different encryption schemes have a similar BER due to the high randomness of chaotic systems. And the use of BER to evaluate the security of encryption schemes has some limitations. We calculate different security parameters to evaluate the encryption schemes, including permutation entropy (PE), scrambling rate (SR), and scrambling point states (SPS), as shown in Table 3. The PE is the indicator used to measure the complexity of time series and could be used to evaluate the chaotic degree in encrypted data. The value of PE is between 0 and 1, a larger PE represents a higher complexity of encrypted data. The encryption scheme using PNLT has a higher PE. The value of PE tends to stabilize at 0.9947 when $TPA \ge 2$. The SR is defined as the ratio of the number of constellation symbols with positional changes during the encryption process to the total number of constellation symbols. It evaluates the degree of data scrambling caused by encryption algorithms. The SR of the encryption scheme using PNLT has been significantly improved, and it is increased with the increase of TPA. The maximum SR is 98.42% when the Encstep3_4 is used. The SPS is defined as the number of states of encrypted data. A larger SPS represents a more chaotic transmission system. Encstep1 and Encstep2 do not change the number of symbol states during the encryption process, so their SPSs are the same as the unencrypted system. The encryption scheme using PNLT increases the number of symbol states, and the SPS increases with the increase of TPA. The number of symbol states reaches 44642 when $TPA = 4$. This indicates that our proposed encryption scheme provides high security and strong anti-attack capability. It is worth noting that the increase of TPA increases the key storage space. Therefore, TPA needs to be set in the right range to balance security and storage resources.

Table 3. Security Parameters of Encryption Schemes

View Table | View all tables in this article

Furthermore, the ciphertext correlation coefficients generated by DSP equalization using different GSIs are studied. Figure 6 shows the correlation coefficient between ciphertext data using different GSIs in Encstep3_2. The circular columns represent the ciphertext correlation coefficients of the same GSI, while the square columns represent the ciphertext correlation coefficients of different constellations. There is no doubt that the ciphertext correlation coefficient is 1 when the same GSI is used in DSP equalization. The value range of square columns is between $3.43 \times {10^{ - 4}}$ and $5.42 \times {10^{ - 2}}$. So, the ciphertext data generated by different GSIs exhibit a weak correlation. The attacker generates different ciphertext data based on the selected constellation. However, the ciphertext data is not consistent when different constellations are used. The uncertainty of ciphertext data makes it difficult for attackers to decipher data using cryptanalytic attacks.

Fig. 6. The ciphertext correlation coefficients using different GSIs in Encstep3_2. cir17: circular (1,7); cir44: circular (4,4); rec: rectangular; tri: triangular; 8ampm: 8-AMPM; Eric8: Eric-8-QAM. The circular columns represent the ciphertext correlation coefficients of the same GSI, while the square columns represent the ciphertext correlation coefficients of different constellations.

Download Full Size | PDF

The GS and PNLT can increase the amplitude and phase points required for constellation mapping. Therefore, the impact of DAC resolution on encryption schemes is investigated. The BER threshold for coherent communication systems is generally 10⁻² to 10⁻³. The required optical signal-to-noise ratio (OSNR) to achieve a BER threshold of 10⁻³ at different DAC resolutions is shown in Fig. 7. Circular (1,7), circular (4,4), and rectangular constellations all have significant performance degradation at a DAC resolution of 3 bits. They have flat required OSNR (ROSNR) curves at DAC resolutions of 4 to 8 bits. It is shown that the circular (1,7) does not require high DAC resolution. Moreover, the ROSNR curves of the proposed encryption scheme have a similar trend for different TPAs. Their BER performance is basically not affected when the DAC variation range is 5 to 8 bits. The encryption scheme with a high TPA can greatly increase the constellation phase points, but its requirement for DAC resolution is not increased. The possible reason for this is that PNLT encryption corresponds to the introduction of a higher degree of noise, which is certain to require a corresponding encryption key to be eliminated. However, the insufficient DAC resolution in PNLT corresponds to the introduction of a small amount of noise, which can be eliminated in the DSP equalization stage. Therefore, our encryption scheme provides good compatibility with the performance of existing DAC chips.

Fig. 7. ROSNR of encryption scheme reaching 10⁻³ BER threshold at different DAC resolutions. ROSNR: required optical signal-to-noise ratio.

Download Full Size | PDF

Finally, the BER performance of the encryption scheme is tested, as shown in Fig. 8. The DAC resolution is 8 bits. The OSNR required for the circular (4,4), and rectangular to reach the BER threshold of 10⁻³ are 20.5 dB and 20.6 dB, respectively. In contrast, the OSNR for circular (1,7) to reach the same BER threshold is 19.2 dB. Thus, the maximum gain of the GS scheme is 1.4 dB. The encryption schemes with different TPAs have similar BER performance, and their OSNRs to reach the BER threshold of 10⁻³ are all 19.5 dB. Different TPAs cause different number of phase states and some phase noise may remain after decryption, but this phase noise is within the tolerance limit of BPS. Therefore, the data can be recovered correctly if the correct key is used. The proposed scheme has 0.3 dB performance degradation compared with the unencrypted GS scheme. However, it has a performance gain of 1.1 dB compared with the scheme without GS. Therefore, the proposed scheme can effectively improve DCI transmission performance.

Fig. 8. BER performance of the proposed encryption scheme and the unencrypted scheme.

Download Full Size | PDF

4. Conclusions

A chaotic physical layer encryption based on GS has been first proposed for coherent DCIs. GS was introduced to change the constellation geometry information and improve transmission performance. Then, a three-level chaotic encryption scheme was proposed, including chaotic symbol mapping, polarization symbol disruption, and PNLT. The constellation geometry information can be masked by PNLT, and the specific matching of GS and DSP equalization algorithm parameters was utilized to increase the security performance. Finally, 216 Gb/s DP-8-QAM signals were successfully verified for transmission on a 240 km SSMF. We can summarize the following conclusions from the validation results:

1) The combination of GS and coherent DSP equalization algorithm can improve the security performance. In addition, the GS introduces the uncertainty of ciphertext to the security system, which greatly improves the attack-resistance capacity.
2) The PNLT can effectively improve the scrambling level of encrypted data and increase the values of PE, SR, and SPS security indicators.
3) The proposed encryption scheme does not increase additional DAC resolution requirements and has good compatibility with existing optical communication systems.
4) The proposed encryption scheme not only improves the security performance but also improves the BER performance of 1.1 dB, which provides a reference value for DCI confidentiality programs.

Funding

National Natural Science Foundation of China (62071088); National Key Research and Development Program of China (2018YFB1801302).

Disclosures

The authors declare no conflicts of interest.

Data availability

Data underlying the results presented in this paper are not publicly available at this time but may be obtained from the authors upon reasonable request.

References

1. C. Xie and B. Zhang, “Scaling optical interconnects for hyperscale data center networks,” Proc. IEEE 110(11), 1699–1713 (2022). [CrossRef]

2. X. Dong, “LINA: A fair link-grained inter-datacenter traffic scheduling method with deadline guarantee,” IEEE Trans. Cogn. Commun. Netw. 9(2), 507–520 (2023). [CrossRef]

3. S. J. Ben Yoo, “Prospects and challenges of photonic switching in data centers and computing systems,” J. Lightwave Technol. 40(8), 2214–2243 (2022). [CrossRef]

4. C. Xu, K. Wang, P. Li, et al., “Renewable energy-aware big data analytics in geo-distributed data centers with reinforcement learning,” IEEE Trans. Netw. Sci. Eng. 7(1), 205–215 (2020). [CrossRef]

5. Q. Zhu, X. Yu, Y. Zhao, et al., “Resource allocation in quantum-key-distribution-secured datacenter networks with cloud-edge collaboration,” IEEE Internet Things J. 10(12), 10916–10932 (2023). [CrossRef]

6. N. Skorin-Kapov, M. Furdek, S. Zsigmond, et al., “Physical-layer security in evolving optical networks,” IEEE Commun. Mag. 54(8), 110–117 (2016). [CrossRef]

7. M. P. Fok, Z. Wang, Y. Deng, et al., “Optical layer security in fiber-optic networks,” IEEE Trans. Inf. Forensic Secur. 6(3), 725–736 (2011). [CrossRef]

8. Z. Guo, B. Liu, J. Ren, et al., “High security optical OFDM transmission scheme with four-dimensional region joint encryption based on power division multiplexing,” Opt. Express 31(9), 14673–14684 (2023). [CrossRef]

9. X. Liang, C. Zhang, Y. Luo, et al., “Secure key distribution and synchronization method in an OFDM-PON based on chaos,” Opt. Express 30(11), 18310–18319 (2022). [CrossRef]

10. Y. Zhou, M. Bi, X. Zhuo, et al., “Physical layer dynamic key encryption in OFDM-PON system based on cellular neural network,” IEEE Photonics J. 13(2), 1–14 (2021). [CrossRef]

11. X. Gao, L. Xiong, Y. Sha, et al., “A fast and efficient multiple images encryption based on single-channel encryption and chaotic system,” Nonlinear Dyn. 108(1), 613–636 (2022). [CrossRef]

12. H. Zhong, H. Wang, Y. Deng, et al., “Quantum computational advantage using photons,” Science 370(6523), 1460–1463 (2020). [CrossRef]

13. F. Xu, M. Curty, B. Qi, et al., “Measurement-device-independent quantum cryptography,” IEEE J. Sel. Top. Quantum Electron. 21(3), 148–158 (2015). [CrossRef]

14. K. Fouli and M. Maier, “OCDMA and optical coding: principles, applications, and challenges [Topics in optical communications],” IEEE Commun. Mag. 45(8), 27–34 (2007). [CrossRef]

15. F. Futami, K. Tanizawa, and K. Kato, “Y-00 quantum-noise randomized stream cipher using intensity modulation signals for physical layer security of optical communications,” J. Lightwave Technol. 38(10), 2774–2781 (2020). [CrossRef]

16. B. Wu, Z. Wang, Y. Tian, et al., “Optical steganography based on amplified spontaneous emission noise,” Opt. Express 21(2), 2065–2071 (2013). [CrossRef]

17. Y. Fu, M. Cheng, X. Jiang, et al., “Wavelength division multiplexing secure communication scheme based on an optically coupled phase chaos system and PM-to-IM conversion mechanism,” Nonlinear Dyn. 94(3), 1949–1959 (2018). [CrossRef]

18. A. Zhao, N. Jiang, S. Liu, et al., “Physical layer encryption for WDM optical communication systems using private chaotic phase scrambling,” J. Lightwave Technol. 39(8), 2288–2295 (2021). [CrossRef]

19. C. Zhang, W. Zhang, C. Chen, et al., “Physical-enhanced secure strategy for OFDMA-PON using chaos and deoxyribonucleic acid encoding,” J. Lightwave Technol. 36(9), 1706–1712 (2018). [CrossRef]

20. J. Shen, B. Liu, Y. Mao, et al., “Enhancing the reliability and security of OFDM-PON using modified Lorenz chaos based on the linear properties of FFT,” J. Lightwave Technol. 39(13), 4294–4299 (2021). [CrossRef]

21. L. Wang, X. Mao, A. Wang, et al., “Scheme of coherent optical chaos communication,” Opt. Lett. 45(17), 4762–4765 (2020). [CrossRef]

22. X. Liang, C. Zhang, Y. Luo, et al., “Secure encryption and key management for OFDM-PON based on chaotic hilbert motion,” J. Lightwave Technol. 41(6), 1619–1625 (2023). [CrossRef]

23. S. Li, M. Cheng, L. Deng, et al., “Secure key distribution strategy in OFDM-PON by utilizing the redundancy of training symbol and digital chaos technique,” IEEE Photon. J. 10(2), 1–8 (2018). [CrossRef]

24. B. Zhu, F. Wang, and J. Yu, “A chaotic encryption scheme in DMT for IM/DD intra-datacenter interconnects,” IEEE Photonics Technol. Lett. 33(8), 383–386 (2021). [CrossRef]

25. Y. Luo, C. Zhang, X. Wang, et al., “Robust key update with controllable accuracy using support vector machine for secure OFDMA-PON,” J. Lightwave Technol. 41(14), 4663–4671 (2023). [CrossRef]

26. Y. Wan, B. Liu, J. Ren, et al., “PAPR-degraded secure OFDM-WDM-PON based on chaotic set-partitioned SLM,” IEEE Photonics Technol. Lett. 33(24), 1387–1390 (2021). [CrossRef]

27. W. Zhang, C. F. Zhang, C. Chen, et al., “Experimental demonstration of security-enhanced OFDMA-PON using chaotic constellation transformation and pilot-aided secure key agreement,” J. Lightwave Technol. 35(9), 1524–1530 (2017). [CrossRef]

28. M. Cheng, L. Deng, X. Gao, et al., “Security-enhanced OFDM-PON using hybrid chaotic system,” IEEE Photonics Technol. Lett. 27(3), 326–329 (2015). [CrossRef]

29. M. Cui, Y. Chen, C. Zhang, et al., “Chaotic RNA and DNA for security OFDM-WDM-PON and dynamic key agreement,” Opt. Express 29(16), 25552–25569 (2021). [CrossRef]

30. D. Tauber, B. Smith, D. Lewis, et al., “Role of coherent systems in the next DCI generation,” J. Lightwave Technol. 41(4), 1139–1151 (2023). [CrossRef]

31. T. Gui, X. Wang, M. Tang, et al., “Real-time demonstration of homodyne coherent bidirectional transmission for next-generation data center interconnects,” J. Lightwave Technol. 39(4), 1231–1238 (2021). [CrossRef]

32. A. Sultan, X. L. Yang, A. A. E. Hajomer, et al., “Chaotic distribution of QAM symbols for secure OFDM signal transmission,” Opt. Fiber Technol. 47, 61–65 (2019). [CrossRef]

33. J. Cho and P. J. Winzer, “Probabilistic constellation shaping for optical fiber communications,” J. Lightwave Technol. 37(6), 1590–1607 (2019). [CrossRef]

34. B. Chen, Y. Lei, Liga, et al., “Geometrically-shaped multi-dimensional modulation formats in coherent optical transmission systems,” J. Lightwave Technol. 41(3), 897–910 (2023). [CrossRef]

35. J. Ren, B. Liu, D. Zhao, et al., “Chaotic constant composition distribution matching for physical layer security in a PS-OFDM-PON,” Opt. Express 28(26), 39266–39276 (2020). [CrossRef]

36. W. Xia, B. Liu, J. Ren, et al., “High-security 3D CAP modulation scheme based on a pyramid constellation design for 7-core fiber,” Opt. Express 31(4), 6659–6674 (2023). [CrossRef]

37. Y. Luo, C. Zhang, X. Liang, et al., “Secure OFDM-PON using three-dimensional selective probabilistic shaping and chaos,” Opt. Express 30(14), 25339–25355 (2022). [CrossRef]

38. C. Thomas, M. Weidner, and S. Durrani, “Digital amplitude-phase keying with M-Ary alphabets,” IEEE Trans. Commun. 22(2), 168–180 (1974). [CrossRef]

39. J. Zhao, C. Qin, M. Zhang, et al., “Investigation on performance of special-shaped 8-quadrature amplitude modulation constellations applied in visible light communication,” Photonics Res. 4(6), 249 (2016). [CrossRef]

40. M. Nölle, F. Frey, R. Elschner, et al., “Performance comparison of different 8QAM constellations for the use in flexible optical networks,” 2014 Proc. Opt. Fiber Commun. Conf. (2014). [CrossRef]

41. D. Lavery, M. Paskov, R. Maher, et al., “Modified radius directed equaliser for high order QAM,” 2015 Proc. Eur. Conf. Opt. Commun., (2015). [CrossRef]

42. M. Selmi, Y. Jaouen, and P. Cibalt, “Accurate digital frequency offset estimator for coherent PolMux QAM transmission systems,” 2009 Proc. Eur. Conf. Opt. Commun., (2009).

43. T. Pfau, S. Hoffmann, and R. Noe, “Hardware-efficient coherent digital receiver concept with feedforward carrier recovery for M-QAM constellations,” J. Lightwave Technol. 27(8), 989–999 (2009). [CrossRef]

44. G. Chen and T. Ueta, “Yet another chaotic attractor,” Int. J. Bifurcation Chaos 09(07), 1465–1466 (1999). [CrossRef]

45. I. Fatadin, S. J. Savory, and D. Ives, “Compensation of quadrature imbalance in an optical QPSK coherent receiver,” IEEE Photonics Technol. Lett. 20(20), 1733–1735 (2008). [CrossRef]

46. R. Kudo, T. Kobayashi, K. Ishihara, et al., “Coherent optical single carrier transmission using overlap frequency domain equalization for long-haul optical systems,” J. Lightwave Technol. 27(16), 3721–3728 (2009). [CrossRef]

47. G. Ungerboeck, “Channel coding with multilevel/phase signals,” IEEE Trans. Inf. Theory 28(1), 55–67 (1982). [CrossRef]

48. E. Sillekens, G. Liga, D. Lavery, et al., “High-cardinality geometrical constellation shaping for the nonlinear fibre channel,” J. Lightwave Technol. 40(19), 1–14 (2022). [CrossRef]

Constellation	MED	PAPR
circular (1,7)	0.9277	1.1429
circular (4,4)	0.9193	1.5774
rectangular	0.8165	1.3333

Constellation	Point1	Point2	Point3	Point4	Point5	Point6	Point7	Point8
circular (1,7)	(1.15,0)	(0.72,0.9)	(−1.04,0.5)	(−0.26,1.12)	(−0.26,−1.12)	(0.72,−0.9)	(−1.04,−0.5)	(0,0)
circular (4,4)	(−1.37,0)	(−0.5,0.5)	(−0.5,−0.5)	(0,1.37)	(0,−1.37)	(0.5,0.5)	(0.5,−0.5)	(1.37,0)
rectangular	(−1,−1)	(−1,0)	(0,−1)	(−1,1)	(1,0)	(1,1)	(1,−1)	(0,1)
triangular	(−0.5,0)	(−1,0.87)	(−1,−0.87)	(0,−0.87)	(0,0.87)	(0.5,0)	(1,0.87)	(1,−0.87)
8-AMPM	(1,−3)	(−3,−3)	(3,−1)	(3,3)	(−1,−1)	(−3,1)	(1,1)	(−1,3)
Eric-8-QAM	(1.2,0.57)	(0.35,0.57)	(−1.2,0.57)	(−0.35,0.57)	(1.2,−0.57)	(0.35,−0.57)	(−1.2,−0.57)	(−0.35,−0.57)

Encryption scheme	PE	SR	SPS
Encstep1	0.9511	87.56%	8
Encstep2	0.9515	87.67%	8
Encstep3_1	0.9942	97.86%	78
Encstep3_2	0.9947	98.35%	708
Encstep3_3	0.9947	98.41%	7423
Encstep3_4	0.9947	98.42%	44642

Constellation	MED	PAPR
circular (1,7)	0.9277	1.1429
circular (4,4)	0.9193	1.5774
rectangular	0.8165	1.3333

Constellation	Point1	Point2	Point3	Point4	Point5	Point6	Point7	Point8
circular (1,7)	(1.15,0)	(0.72,0.9)	(−1.04,0.5)	(−0.26,1.12)	(−0.26,−1.12)	(0.72,−0.9)	(−1.04,−0.5)	(0,0)
circular (4,4)	(−1.37,0)	(−0.5,0.5)	(−0.5,−0.5)	(0,1.37)	(0,−1.37)	(0.5,0.5)	(0.5,−0.5)	(1.37,0)
rectangular	(−1,−1)	(−1,0)	(0,−1)	(−1,1)	(1,0)	(1,1)	(1,−1)	(0,1)
triangular	(−0.5,0)	(−1,0.87)	(−1,−0.87)	(0,−0.87)	(0,0.87)	(0.5,0)	(1,0.87)	(1,−0.87)
8-AMPM	(1,−3)	(−3,−3)	(3,−1)	(3,3)	(−1,−1)	(−3,1)	(1,1)	(−1,3)
Eric-8-QAM	(1.2,0.57)	(0.35,0.57)	(−1.2,0.57)	(−0.35,0.57)	(1.2,−0.57)	(0.35,−0.57)	(−1.2,−0.57)	(−0.35,−0.57)

Chaotic phase noise-like encryption based on geometric shaping for coherent data center interconnections

Abstract

1. Introduction

2. Principle

2.1 Geometric shaping and equalization

2.2 Chaotic symbol encryption

2.3 Phase noise-like transformation

3. Results and discussions

4. Conclusions

Funding

Disclosures

Data availability

References

Data availability

Cited By

Figures (8)

Tables (3)

Equations (9)

Optics Express