研究目的
To propose and implement a new physical layer encryption method for optical 10-Gb Ethernet links, enhancing security without introducing overhead or throughput losses.
研究成果
The proposed 10G-PHYsec encryption method works correctly without harming data traffic or link establishment, making Ethernet frames indecipherable and obfuscating completely the data traffic patterns. It enhances security at the physical level with no throughput losses, null overhead, and low latency, compatible with other solutions at different layers.
研究不足
The encryption method requires an increment of FPGA resources, mainly for the keystream generator module. The sensitivity to plaintext and ciphertext changes is not achieved, making it vulnerable to differential known-plaintext attacks if the keystream generator is restarted with the same key.
1:Experimental Design and Method Selection:
The methodology involves modifying the Ethernet 10GBase-R standard to introduce encryption at the physical coding sublayer level using a symmetric streaming cipher based on a chaotic algorithm.
2:Sample Selection and Data Sources:
Ethernet traffic is used as the data source, encrypted, transmitted, and decrypted over a multimode optical link.
3:List of Experimental Equipment and Materials:
A field programmable gate array (FPGA) is used for implementation, connected to two SFP+ modules capable of transmitting at a rate of
4:3125 Gbps at 850 nm over multimode fiber. Experimental Procedures and Operational Workflow:
The system includes two 10G Ethernet interfaces with the 10G-PHYsec function and Ethernet Frame Generator modules for testing. The encryption operation is performed at the input of the scrambler and decryption at the output of the descrambler.
5:Data Analysis Methods:
The system's performance is evaluated in terms of encryption/decryption correctness, frame losses, CRC errors, and the indistinguishability of data traffic patterns.
独家科研数据包����,助您复现前沿成果,加速创新突破
获取完整内容
