Physical-Layer Secure Key Generation And Distribution Based On Feature Fluctuation Of Optical Signal

Fiber networks have been widely used in very sensitive areas,such as financial,medical and military applications.Therefore,security is a critical issue for fiber networks.At present,security in fiber networks is applied at the upper-layer of the protocol stack using conventional cryptographic schemes such as: RSA and Diffie-Hellman.The main disadvantage of these algorithms is their computational security,which can be breached by quantum algorithms.In contrast,quantum key distribution(QKD)provides,in principle,unconditional security,but the scalability and rate-distance product as well as the high cost due to the high sensitivity photon detection are remaining quite challenging.One promising classical and cost-effective approach for key distribution is the physicallayer secure key generation and distribution(SKGD)utilizing unique and random properties of optical fiber channels.It employs an asymmetry in the measurement complexity between the legal and illegal users as a security mechanism,and thus provides high-level security regardless of the attacker’s computational power.Moreover,it has the advantage of enabling the coexistence of data transmission and SKGD in the same fiber channel and fully compatible with the existing fiber networks infrastructure,avoiding the requirement of additional fiber and current deployed third-party key management infrastructure.However,there are still major issues to be resolved to make physical-layer SKGD a ready solution for data encryption in fiber networks.These challenges are:(i)Incomplete key extraction techniques,which requires further exploration;(ii)static nature of fiber channels,which limits the key generation rate(KGR)to many orders of magnitude below communication bit rate;(iii)post-processing protocol for generating error-free and random secret keys,which could fill the gap between the initial key extraction and the available secret key for data encryption in fiber networks.This thesis proposes novel designs of practical-oriented physical-layer SKGD from the perspectives of both theoretical and experimental analysis.In this context,the main contributions of the thesis can be summarized as follows:1.SKGD based on phase fluctuation of polarization modesFor SKGD schemes using random optical phase variation as an entropy pool for key generation,we propose a physical-layer SKGD based on phase fluctuation between two orthogonal polarization modes.To extract the phase fluctuation in the optical channel,a delay interferometer(DI)is constructed with the use of two reconfigurable lengths of polarization-maintaining fiber(PMF)and placed between Alice and Bob.The secret key bits are generated from corresponding highly-correlated intensity waveforms at the outputs of DI.Experimentally,a KGR of 220 bit/s with key disagreement rate(KDR)of 5% is successfully demonstrated over 25-km standard single-mode fiber(SSMF),while the generated key passed the random test suite.Moreover,high-level security is provided by the practical difficulties in extracting the accumulative phase variation in the whole DI,which is analyzed and verified for potential fiber tapping attacks.The proposed scheme has advantages of the coexistence with the data transmission,as well as the long-distance transmission as optical amplifiers can be applied.2.SKGD based on dynamic Stokes parametersAs an alternative straightforward and classical SKGD scheme,we propose physicallayer SKGD utilizing dynamic Stokes parameters(SPs)of the polarization state in fiber channels.Due to the random and time-varying fiber birefringence,the polarization state of propagating light in fiber channels is randomly varied,providing a random source for key bits extraction.It is proven that the optical channel reciprocity ensures correlated polarization state shared between Alice and Bob.The secret key is extracted from Alice’s and Bob’s respective dynamic SPs of their polarization states,where a KGR of 222 bit/s with KDR of 4.5% is successfully demonstrated over 25-km SSMF.For security robustness,the unique fiber birefringence between Alice and Bob provides high-level security against fibertapping attacks,which is experimentally verified.Moreover,the randomness of the generated key is confirmed using random tests suit.Similar to DI based SKGD,the proposed scheme has the benefits of simple implementation and compatibility with long-distance transmission.3.Accelerated SKGD based on polarization scramblingFast KGR is a prerequisite for perfect secrecy using one-time-pad data encryption.However,the quasi-static nature of fiber channels dramatically limits the available KGR less than ~kbit/s.Here we effectively accelerate the KGR by six orders of magnitude using a developed high-speed chaotic polarization scrambler(CPS)driven by digital chaos in fiber channels.A KGR of 375 Mbit/s is experimentally demonstrated over a 24-km SSMF,where the generated key passes the random test suite.Moreover,we fully analyze the security mechanism and find that a strong asymmetry exists between legal and illegal users,ensuring high-level security against potential fiber-tapping attacks.This scheme provides a major step towards the practical implementation of the one-time-pad in secure data transmission over fiber networks.4.Post-processing protocol for SKGDThe existing SKGD schemes merely concentrate on random features extraction,while the post-processing is vital to guarantee error-free and random secret keys.To deal with this issue,we propose a full-post processing protocol,including three stages: quantization,information reconciliation and privacy amplification.The initial secret key is extracted using an optimized lossy quantizer to get rid of the tradeoff between KGR and KDR.An error-free key is obtained after applying information reconciliation based on the distributed source coding.Finally,the key secrecy and randomness are enhanced by adopting privacy amplification.The post-processing protocol offers a ready physical-layer SKGD solution for fiber networks.In summary,this thesis proposes and verifies practical SKGD schemes from unique and random properties of fiber channels,namely,polarization dynamics and phase difference between orthogonally polarized modes.Moreover,a high-speed SKGD scheme is realized by incorporating a polarization scrambler in the fiber channel,paving the way for the practical implementation of the one-time-pad data encryption at the communication bit rate.Finally,we propose and evaluate a full-post processing protocol for a practical and ready SKGD solution in optical fiber networks.