Information Leakage Rate of Optical Code Division Multiple Access Network Using Wiretap Code

Abstract

Secrecy capacity is usually employed as the performance metric of the physical layer security in fiber-optic wiretap channels. However, secrecy capacity can only qualitatively evaluate the physical layer security, and it cannot quantitatively evaluate the physical layer security of an imperfect security system. Furthermore, secrecy capacity cannot quantitatively evaluate the amount of information leakage to the eavesdropper. Based on the channel model of an optical CDMA network using wiretap code, the information leakage rate is analyzed to evaluate the physical layer security. The numerical results show that the information leakage rate can quantitatively evaluate the physical layer security of an optical CDMA wiretap channel, and it is related to transmission distance, eavesdropping position, confidential information rate and optical code.

1. Introduction

Fiber-optic communication systems are vulnerable to various types of physical layer attacks [1]. For example, an eavesdropper (Eve) can extract a portion of the transmitted signal by bending the fiber. In this way, Eve can recover the original signal and cannot be detected easily by legitimate users [2]. Quantum key distribution (QKD) can theoretically provide absolute security, but it cannot support high-speed data streams, such as a key rate of only 0.014 bps under a 833 km optical fiber transmission distance [3].

The physical layer security of fiber-optic networks is increasingly important because it guarantees the confidentiality of information without compromising the computing power of Eve, and it eliminates the key distribution and management required by traditional encryption techniques [4,5,6,7]. In 1975, Wyner proposed the wiretap channel model and secrecy capacity [8]. Secrecy capacity was defined as the maximum achievable system transmission rate at which Eve could not gain any useful information about a message. Later, it was extended to broadcast channels with confidential messages and Gaussian wiretap channels [9,10]. Kyle Guan et al. analyzed the security of space-division multiplexed fiber-optic communication systems and used distortion as a quantitative metric for secrecy. They investigated how the rate of reliable communication between the legitimate transmitter–receiver pair could be chosen to maximize reconstruction errors of Eve [11]. Then, they further analyzed the information theoretic security of multiple-input–multiple-output space-division multiplexed fiber-optic communication systems in the presence of multiple Eves [12]. Physical layer security is an important performance parameter of optical code division multiple access (OCDMA), which can improve the security of optical fiber transmission systems [13]. Yeteng Tan et al. proposed a novel secure communication scheme based on OCDMA technology, and secrecy capacity was employed to evaluate the physical layer security level [14]. The secrecy capacity of a quantum secure direct communication system was studied [15]. Andrew Lonnstrom et al. proposed a method for optimizing the information theoretic secure goodput of a multiple-input–multiple-output degraded wiretap channel using inverse precoding [16]. In order to quantify the security of specific coding schemes, the rate distortion of multimode optical fiber communication systems was studied [17].

A wiretap code can be designed by choosing two code rates, namely, the codeword rate R_b and the rate of transmitted confidential information R_s [18]. The redundancy rate R_e = R_b − R_s is used to confuse Eve. In order to ensure the reliability and security, we must ensure R_b ≤ C_B and R_e ≥ C_E, where C_B and C_E are the main channel capacity and the wiretap channel capacity, respectively. When the main channel is better than the wiretap channel, secrecy capacity is defined as C_S = C_B − C_E, which is the difference between the main channel capacity and the wiretap channel capacity. Secure communication can be achieved as long as R_s ≤ C_S.

However, for a long-distance fiber-optic communication system, when Eve is close to the transmitter, Eve can obtain a higher signal-to-noise ratio (SNR) than the legitimate users. Although we can reduce the channel capacity of Eve by sending artificial noise [19], the system still cannot guarantee the physical layer security. On the other hand, because Eve’s location is unknown, there are several different cases of security in the whole communication link. (1) C_S ≥ R_s: in this case, the communication system can achieve perfect security. (2) 0 < C_S < R_s: in this case, some confidential information is leaked to Eve. (3) C_S = 0: in this case, Eve can obtain all the confidential information. Therefore, secrecy capacity can only qualitatively evaluate the physical layer security under perfect security conditions; it cannot quantitatively evaluate the physical layer security under imperfect security conditions. Moreover, secrecy capacity cannot quantitatively evaluate the information leakage.

In this paper, we investigate the information leakage rate of an OCDMA network using wiretap code. The rest of this paper is organized as follows: In Section 2, we propose the channel model of the OCDMA network using wiretap code and theoretically analyze the information leakage rate of the fixed-rate wiretap code. The numerical results and discussions will be given in Section 3. The conclusion will be given in Section 4.

2. System Model and Theoretical Analysis

Figure 1 depicts the channel model based on OCDMA using wiretap code. At the transmitter, Alice outputs confidential information M, which is encoded by a wiretap channel encoder and an OCDMA encoder. Then, an n-vector Xⁿ is transmitted through the fiber channel. The length of the fiber link is L, and the legitimate user Bob receives Yⁿ. After using a matched OCDMA decoder and optically amplified receiver (OAR), Bob can recover confidential information via the wiretap channel decoder. On the other hand, Eve intends to obtain useful information at extraction location l with an extraction ratio x. According to Kerckhoffs’s principle [20], Eve knows the data rate, coding type and code length, but does not know the specific optical code used by the legitimate user. Hence, Eve receives Zⁿ and can only use an unmatched OCDMA decoder. The wiretap system adopts random coding. The confidential information rate is $R_s=H(M)/n$, where H(M) is the entropy of M. The codeword rate is $R_b=H(X^n)/n$, where H(Xⁿ) is the entropy of Xⁿ. The wiretap code is constructed by generating $2^{n{R}_b}$ codewords. For each message $u=\left\{1,2,3,\cdots ,2^{n{R}_s}\right\}$, we randomly select one codeword from $v=\left\{1,2,3,\cdots ,2^{n(R_b-R_s)}\right\}$. The OCDMA encoder uses optical orthogonal code (F, W, 1, 1), where F is the code length, W is the code weight and the autocorrelation and cross-correlation limits are 1.

At the receiver, OAR includes an erbium-doped fiber amplifier (EDFA), an optical filter, a photodiode, a low-pass electrical filter (LPF) and a decision circuit, as shown in Figure 2. In this system, the noise mainly includes shot noise, signal–spontaneous beat noise, spontaneous–spontaneous beat noise, thermal noise and dark current noise.

At the transmitter, P is the optical power of chip “1” after the OCDMA encoder. The optical fiber attenuation coefficient is ɑ, and the chip power P_l at the position l is [21]

$$P_l=\frac{P}{{10}^{\alpha l/10}}$$

(1)

Because Eve adopts an unmatched decoder, the cross-correlation value of optical orthogonal code is 1. Therefore, the optical power of Eve’s receiver is

$$P_{Eve}=x{P}_l$$

(2)

The legitimate user adopts a matched decoder, and the autocorrelation peak value of optical orthogonal code is W. Hence, the optical power of Bob’s receiver is

$$P_S=(1-x)\frac{WP}{{10}^{\alpha L/10}}$$

(3)

When the user data are “1”, the mean current value and the total noise are expressed as [22]

$$I_{m1}=R_c(G{P}_S+P_{ASE})$$

(4)

$$\begin{array}{ll}{\sigma }_{\mathrm{m}1}^2& ={\sigma }_{\mathrm{s}\mathrm{h}1}^2+{\sigma }_{\mathrm{s}\text{-}\mathrm{s}\mathrm{p}1}^2+{\sigma }_{\mathrm{sp}\text{-}\mathrm{sp}}^2+{\sigma }_{\mathrm{th}}^2+{\sigma }_{\mathrm{d}}^2\\ & =2e{B}_e{R}_c(G{P}_S+P_{ASE})+2\frac{B_e}{B_o}G{R}_c^2{P}_S{P}_{ASE}+\frac{B_e}{B_o^2}{(R_{\mathrm{c}}{P}_{ASE})}^2(2B_o-B_e)\\ & +(4k_{B}T/R)B_e+2e{I}_d{B}_e\end{array}$$

(5)

where R_c is the receiver responsivity, B_o is the optical bandwidth, G is the amplifier gain, e is electron charge and N_sp is the spontaneous radiation factor. Amplified spontaneous radiation noise power is $P_{ASE}=2hv{N}_{sp}(G-1)B_o$ and R is the receiver load resistance. Photodetector bandwidth $B_e=(3/4)F{R}_b$, T is the temperature, k_B is Boltzmann constant and I_d is dark current.

When the user data are “0”, the mean current value and the total noise are expressed as [22]

$$I_{m0}=R_c{P}_{ASE}$$

(6)

$$\begin{array}{ll}{\sigma }_{\mathrm{m}0}^2& ={\sigma }_{\mathrm{s}\mathrm{h}0}^2+{\sigma }_{\mathrm{sp}\text{-}\mathrm{sp}}^2+{\sigma }_{\mathrm{th}}^2+{\sigma }_{\mathrm{d}}^2\\ & =2e{B}_e{R}_{\mathrm{c}}{P}_{ASE}+2\frac{B_e}{B_o}G{R}_c^2{P}_S{P}_{ASE}+\frac{B_e}{B_o^2}{(R_c{P}_{ASE})}^2(2B_o-B_e)\\ & +(4k_{B}T/R)B_e+2e{I}_d{B}_e\end{array}$$

(7)

The bit error rate (BER) of legitimate users can be calculated by

$$P_e=\frac{1}{2}erfc(\frac{Q}{\sqrt{2}})\approx \frac{\exp (-Q^2/2)}{Q\sqrt{2\pi }}$$

(8)

where $Q=(I_{m1}-I_{m0})/({\sigma }_{m1}+{\sigma }_{m0})$, erfc() is the complementary error function. Similarly, Eve’s BER can be calculated.

It is assumed that the probability of user data being “0” and “1” is equal, and the channel is simplified to a binary symmetric channel model with an error transmission probability P_e, as shown in Figure 3.

The main channel capacity is

$$C_B=\max \left\{I(X^n;Y^n)\right\}=1-h(P_e)$$

(9)

where $h(P_e)=-P_e\log (P_e)-(1-P_e)\log (1-P_e)$. After calculating the BER of Eve, the channel capacity of Eve can also be obtained.

Partial secrecy is usually quantified by the equivocation. In this paper, we use fractional equivocation, which is defined as [10]

$$\mathsf{\Delta }=\frac{H(M|Z^n)}{H(M)}$$

(10)

H(M|Zⁿ) is denoted as the entropy of residual uncertainty at Eve. Therefore, in a partial secrecy scenario, the maximum achievable fractional equivocation can be obtained from the following equation [23]:

$$\mathsf{\Delta }=\left\{\begin{array}{cc}1,& if{C}_{\mathrm{E}}\le C_B-R_s\\ \frac{C_B-C_E}{R_s},& if{C}_B-R_s<C_{\mathrm{E}}<C_B\\ 0,& if{C}_B\le C_E\end{array}\right.$$

(11)

Given the transmission rate of confidential information R_s, the information leakage rate can be obtained [23]:

$$R_L=\frac{I(M;Z^n)}{n}=(1-\mathsf{\Delta })R_s$$

(12)

Hence, the lower bound of the information leakage rate is obtained:

$$R_{\mathrm{L}}=\left\{\begin{array}{cc}0,& if{C}_E\le C_B-R_s\\ h(P_m)-h(P_w)+R_s,& if{C}_B-R_s<C_E<C_B\\ R_s,& if{C}_B\le C_E\end{array}\right.$$

(13)

Here, P_m and P_w are the BER of Bob and Eve, respectively. The lower bound of the information leakage rate of Equation (13) represents the minimum secret information which is obtained by Eve.

3. Numerical Result and Discussion

In this section, we use MATLAB software for numerical analysis. The system parameters are as follows: The extraction ratio is 1%, the bit rate is 10 Gbit/s, the optical wavelength is 1550 nm, the EDFA gain G= 20 dB, the EDFA noise index F_n = 5 dB, B_o = 62.43 GHz, B_e = 52.5 GHz, R_c = 0.8 A/W, α = 0.2 dB/km, I_d = 2 nA, T = 300 K and R = 50 Ω. Legitimate users use optical orthogonal code (7,2,1,1). In order to meet the reliability requirement, the transmitted power must be designed to ensure Bob’s BER ≤ 10⁻⁹. In this case, the channel capacity of legitimate users is close to 1 bit/symbol.

Figure 4 shows the relationship between the secrecy capacity, information leakage rate and the eavesdropping distance of Eve. The transmission distance of Alice and Bob is 100 km, R_b = C_B and R_s = 0.9R_b. With the increase in the eavesdropping distance, the SNR of Eve will deteriorate. Hence, the secrecy capacity gradually increases. As can be seen from Figure 4, when the eavesdropping distance is 62 km, C_S = R_s. In a [0, 62] km link, C_S ≤ R_s, Eve can obtain some confidential information. In a [62, 100] km link, R_s ≤ C_S, Eve will not obtain any information. Therefore, the secrecy capacity can only qualitatively describe which link segment is secure and which link segment is insecure, and cannot quantitatively evaluate the security of the whole link.

In a fiber-optic communication system, it is generally impossible to guarantee that the whole link has perfect security. Therefore, it is necessary to use the information leakage rate to quantitatively evaluate physical layer security in imperfect secure links. As can be seen from Figure 4, with the increase in the eavesdropping distance, the information leakage rate remains unchanged at first, then gradually decreases, and finally reduces to zero. In the [0, 0.2] km link, the information leakage rate is equal to R_s, which corresponds to secrecy capacity of 0. This distance is defined as the complete interception distance. At this time, Eve can obtain all the confidential information. In the [0.2, 62] km link, the information leakage rate is less than R_s, which means that some confidential information is leaked to Eve. Hence, this distance is defined as the partial interception distance. In the [62, 100] km link, the information leakage rate is equal to 0, which means that the secrecy capacity is no less than R_s. At this point, the link is perfectly secure, and no confidential information is leaked to Eve. This distance is defined as the safe transmission distance.

By calculating the information leakage rate of different eavesdropping distances, the physical layer security of the whole link can be quantitatively evaluated. For example, R_L will be 0.784 bit/symbol, 0.57 bit/symbol and 0.324 bit/symbol for eavesdropping distances of 20 km, 30 km and 40 km, respectively.

Figure 5 is the information leakage rate under different optical orthogonal codes. It is shown that the information leakage rate of OOC (7,3,1,1) is lower than that of OOC (7,2,1,1). The reason for this is that, whether using OOC (7,3,1,1) or OOC (7,2,1,1), Eve can only obtain one chip pulse by using an unmatched decoder. The legitimate user can obtain three chip pulses by using OOC (7,3,1,1), while it can obtain two chip pulses by using OOC (7,2,1,1). Therefore, by using OOC (7,3,1,1), Alice can achieve reliable transmission at lower chip power. This reduces Eve’s receiving power, resulting in a decrease in the eavesdropping channel capacity.

Figure 6 shows the relationship between the information leakage rate and eavesdropping distance under different R_s. With the decrease in R_s, the information leakage rate decreases. This is because Eve will receive more redundant information, resulting in less confidential information. This indicates that redundant information can effectively improve the physical layer security. On the other hand, with the decrease in R_s, the distance range with no information leakage increases, that is, the safe transmission distance increases.

We consider an extreme case where R_s = R_b, that is, the system does not use wiretap code. As shown in Figure 6, even at 100 km, Eve can obtain confidential information. The reason for this is that the transmitted information has no redundancy information. From the perspective of secrecy capacity, this shows that the whole optical fiber link is insecure. However, from the perspective of the information leakage rate, the security of the whole link can be evaluated quantitatively.

Figure 7 shows the relationship between different R_s and information leakage rates at a certain eavesdropping distance d_e. As can be seen from Figure 7, with the increase in the eavesdropping distance, the information leakage rate will decrease. This indicates that the information leakage rate and transmission efficiency are restricted mutually. Under a certain eavesdropping distance, when R_s is less than a threshold, the information leakage rate will be equal to 0, that is, perfect secrecy will be achieved. As the eavesdropping distance increases, the threshold for perfect secrecy will increase, that is, a higher rate of confidential information can be transmitted. For example, to achieve perfect secrecy, R_s should be no larger than 0.1 bit/symbol for d_e = 20 km, while R_s should be no larger than 0.3 bit/symbol for d_e = 30 km.

4. Conclusions

Based on the OCDMA network using wiretap code, the information leakage rate is used as the performance metric to evaluate the physical layer security. The relationship between eavesdropping distance, confidential information rate and information leakage rate is quantitatively analyzed from the perspective of a partial security system. The results show that the information leakage rate decreases with the increase in the eavesdropping position. With the increase in the confidential information rate, the information leakage rate will decrease. It is also shown that the information leakage rate and transmission efficiency are restricted mutually.

Unlike secrecy capacity, the information leakage rate can quantitatively evaluate the security of the entire fiber link, which allows designers to have a clearer understanding of the physical layer security of communication systems. Considering practical systems, it is necessary to study the information leakage rate using finite length encoding. In future work, we will investigate the physical layer security of specific error correction code.