Telcordia Readies 100-Gbit/s Encryption

Telcordia Technologies Inc. is aiming to bring an optical-layer security scheme to market that uses optical phase shifts for its encryption keys and promises the possibility of 100-Gbit/s security.

The technology, called Photonic Layer Security (PLS), is something the optical crowd has known about for a while. An early instantiation got noted at last year's OFC/NFOEC, and details of the scheme were published in August's Institute of Electrical and Electronics Engineers Inc. (IEEE) Communications Magazine.

Telcordia hasn't done much publicity for PLS beyond engineering circles, though. A press release is due out Monday, but the organization has given Light Reading the lowdown on the technology.

Speed isn't its only selling point. The rise of reconfigurable optical add-drop multiplexers (ROADMs) has created a security hole in the network, Telcordia claims, as it's possible to intercept traffic at that add/drop point. It's also possible to insert spoofed traffic there.

PLS gets around this because unless the recipient has the proper key, the optical signal can't be unscrambled. Instead of clean zeroes and ones, the receiver gets a blur.

PLS starts by sending each user's optical signal through an encryption key that changes its phase by different amounts at different points.

That mixes things up, but the number of phase changes involved is small enough to be cracked by trying enough possible permutations. (There's a limit to the number of usable codes that can be applied to that step.) So, PLS calls for multiple signals to get combined, with a second encoding iteration done on the aggregated stream, again using phase shifts.

The result: Anyone eavesdropping on the signal sees an optical garble, as the signals can't be resolved into zeroes and ones, let alone readable packets. Moreover, spoofed signals can't be inserted into the stream, because they'll run through the decoding key at the receiving end, again creating garbage.
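The two-stage idea can be seen in a toy numerical model, added here as an illustration and not Telcordia's design. It assumes 8 spectral bins per bit, on/off data, Hadamard rows as the per-user phase codes, and a constructed quarter-turn phase mask as the key applied to the aggregate.

```python
import cmath

N = 8  # spectral bins per bit (toy size, an assumption of this example)

def hadamard_code(u):
    """Stage-1 per-user key: phase 0 or pi per bin, written as +1/-1."""
    return [(-1) ** bin(u & k).count("1") for k in range(N)]

def scramble_mask(quarter_turns):
    """Stage-2 key for the aggregate: one phase shift (multiple of pi/2) per bin."""
    return [cmath.exp(1j * cmath.pi / 2 * q) for q in quarter_turns]

def transmit(bits_by_code, mask=None):
    """Encode each user's on/off bit with its code, sum the users, optionally scramble."""
    agg = [sum(b * hadamard_code(u)[k] for u, b in bits_by_code.items())
           for k in range(N)]
    return [a * m for a, m in zip(agg, mask)] if mask else agg

def detect(signal, u, mask=None):
    """Undo the mask (if known), then correlate with code u; clean values are 0 or 1."""
    if mask:
        signal = [s * m.conjugate() for s, m in zip(signal, mask)]
    return abs(sum(s * c for s, c in zip(signal, hadamard_code(u)))) / N

def try_all_codes(signal):
    """Only N stage-1 codes exist, so an observer can simply try each one."""
    return [round(detect(signal, u), 3) for u in range(N)]

# Constructed sample traffic: users on codes 1, 2, 4, 7 sending bits 1, 0, 1, 1.
BITS = {1: 1, 2: 0, 4: 1, 7: 1}
MASK = scramble_mask([0, 1, 3, 2, 1, 0, 2, 3])  # constructed stage-2 key

def receiver_readout():
    """Keyed receiver: removes the stage-2 mask, then reads each user's bit."""
    line = transmit(BITS, MASK)
    return {u: round(detect(line, u, MASK)) for u in BITS}

if __name__ == "__main__":
    print("stage 1 only, all codes tried:", try_all_codes(transmit(BITS)))
    print("both stages, no stage-2 key:  ", try_all_codes(transmit(BITS, MASK)))
    print("both stages, keyed receiver:  ", receiver_readout())
```

With only the first stage, trying every code reads each user's bit cleanly. After the second stage, an observer without the mask gets values stuck between 0 and 1 (and a 0 where user 7 sent a 1), while the keyed receiver recovers every bit.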

DARPA discovery
PLS emerged from a Defense Advanced Research Projects Agency (DARPA) project that had nothing to do with security. It was an attempt to use optical code division multiplexing (OCDM) access to get around congestion, creating codes analogous to telephone numbers that would let traffic reroute past certain points of the network.

"That was interesting, but the spectral efficiency was very poor," says Shahab Etemad, a chief scientist with Telcordia. In other words, the resulting data throughput wasn't all that high.

What else could the research be used for? Passive optical networking (PON) was a possibility, but the market wasn't likely to accept what would be yet another PON type. Eventually, in 2005, the researchers stumbled onto the possibility of using their work for security.

By 2007, they had gotten the spectral efficiency to 90 percent and were able to apply PLS to a 40-Gbit/s network over 400 kilometers, a result accepted as an OFC/NFOEC post-deadline paper.

The method can work at 10 or 40 Gbit/s, but Telcordia is shooting for the 100 Gbit/s market, since there's no security standard there yet. A commercialized product could be ready in about two years, Etemad thinks, which would be on track with the expected 2010 ratification of the IEEE 802.3ba standard for 100-Gbit/s Ethernet.

The organization is hoping to find an equipment-vendor partner to turn PLS into a real product by then. Likely end users would be the usual groups needing security -- the military, financial companies, or health care organizations.

"I've got banks who are wanting it. I'm telling them to talk their vendors into doing it," Etemad says.

— Craig Matsumoto, West Coast Editor, Light Reading

gbmorrison 12/5/2012 | 3:29:17 PM
re: Telcordia Readies 100-Gbit/s Encryption
True. Bank IT and telco capex for 2009 is going to be a fraction of previous years, I would think. But consumer demand on bandwidth should look really healthy. It's just that you don't need to super encrypt Spaghetti Cat.
Pete Baldwin 12/5/2012 | 3:29:18 PM
re: Telcordia Readies 100-Gbit/s Encryption
This topic opens up an interesting question I was thinking we should pursue for a story:

With all the financial institutions going broke (figuratively, I hope), what happens to all this bandwidth and security demand that was going to come from them?

I'm thinking it stalls. And that could be trouble, given the number of companies who've been talking our ear off about the high-end data center.
Pete Baldwin 12/5/2012 | 3:29:18 PM
re: Telcordia Readies 100-Gbit/s Encryption
The argument is that there are cases where you don't want a snooper to receive any kind of coherent signal at all, not even an encrypted one.

Is there a big market there? Dunno. But I'll bet the military, at least, is egging Telcordia on.
pavlovsdog 12/5/2012 | 3:29:18 PM
re: Telcordia Readies 100-Gbit/s Encryption
The rest of the industry is moving away from optical processing and more towards electronics.

Look at all the 100G coherent DSP work.

Why would one want to encrypt optically, when you could do it in a CMOS DSP?

gbmorrison 12/5/2012 | 3:29:18 PM
re: Telcordia Readies 100-Gbit/s Encryption
"Look at all the 100G coherent DSP work." Sounds interesting, who's up to this?
Pete Baldwin 12/5/2012 | 3:29:19 PM
re: Telcordia Readies 100-Gbit/s Encryption
I see your point, but we *are* talking about the military here, and I'd imagine they want to plug any conceivable security hole.

Telcordia also says the U.S. Office of the Comptroller of Currency is requiring financial institutions to "encrypt optical communications leaving their secure locations," to quote the IEEE article. They're interpreting that to mean these optical links will need this kind of security.

Telcordia does admit that it's a small minority of links that would be candidates for this stuff, but that's still a multi-hundred million dollar market without any competition yet.
gbmorrison 12/5/2012 | 3:29:20 PM
re: Telcordia Readies 100-Gbit/s Encryption
How real is this threat exactly? It seems you would have to be terribly sophisticated to breach the fiber line data in the first place, or you are the government in which case the equipment owner has to let them in anyway and you can't be putting up unbreachable security. I mean it sounds perfectly neat, but is there a real market?