Advances in Information Science and Computer Engineering

Architecture of Decentralized Multicast Network Using Quantum Key Distribution and Hybrid WDM-TDM

A.F.Metwaly 1, Nikos E. Mastorakis 2

1 Information Technology Department, Al-Zahra College for Women, Oman

2 Technical University of Sofia, Bulgaria

Abstract. Multicasting refers to transferring a message or information from one sender to multiple recipients instantaneously. Group key management protocols can be broadly organized into three categories: centralized, decentralized, and distributed. Maintaining confidentiality in a multicast communication system is a significant concern. Confidentiality here means generating, managing and distributing keys among group members in a secure manner. Quantum key distribution provides unconditional security through the no-cloning theorem. A virtual private network (VPN) protects each packet or message transmitted over the Internet through a tunnelling mechanism. Most current key management approaches and techniques based on quantum key distribution are unicast. In this paper, a secured multicast group is divided into smaller groups and each sub-group is assigned to a local Multicast Quantum Key Controller. Each controller requires two different channels: quantum and classical. The quantum channel transmits and delivers the encoded quantum signals to the sub-group members and carries the QKD protocol that generates authentication and private keys. The classical channel is used to transmit messages, to distribute raw private keys among sub-group members, and to transmit the encrypted messages through the VPN. A decentralized group key management logical architecture using quantum key distribution and a virtual private network is proposed, together with a physical architecture based on WDM-TDM and optical elements. Communication among multiple members is achieved with full or partial support of the controller. Rotation of polarized photons in the Pauli X direction of the Bloch sphere is used to generate keys. Messages transmitted among multicast sub-group members are encrypted by a rotation through an angle in the Y direction, and decrypted by the inverse rotation in the Y direction with the rotated angle.

Key-Words: Virtual Private Network, Multicast Quantum Key Controller, Decentralized Group Key, Quantum Key Distribution

ISBN: 978-1-61804-276-7

1. Introduction

IP unicast suffers from many problems, such as exhausted network bandwidth and degraded performance. IP multicast is capable of overcoming these unicast problems. A secure multicast network requires an effective key management scheme in which the participant group can signify variable levels of credibility. The concept of multicasting was established in 1985 and expanded by Steve Deering from Stanford University [1]. Group key management protocols can be broadly structured into three categories: centralized, decentralized, and distributed.

Centralized Group Key Management “CGKM” systems, proposed in [2, 3, 4, 5, 6, 7, 8], require a single centralized trusted group controller which is responsible for managing the secured messages transmitted among group members, synchronizing member joining and leaving, and rekeying. CGKM suffers from serious problems. One is the single point of failure: if the centralized controller fails, the whole multicast network stops working. The other is the performance bottleneck: the controller receives requests from multiple members of the whole group concurrently, which leads to transmission suspension or network breakdown [2, 3, 4, 5].

Decentralized Group Key Management “DGKM” systems, proposed in [9, 10, 11, 12], split the group into several distinct smaller groups, also called sub-groups. Each sub-group has a controller called a sub-group controller “SC”. The SC is responsible for key generation and distribution, for synchronizing member joining and leaving, and for rekeying among its sub-group members. DGKM also suffers from a single point of failure, but at a smaller level: the members of each sub-group rely on their local controller, and if a local sub-group controller fails, the whole multicast sub-group stops working.

Distributed / Contributory Group Key Management “CGKM” systems, proposed in [13, 14, 15], have all multicast group members participate in key agreement and generation. In this scheme, the workload is shared equally and uniformly among all members. It has many issues, the most important being the strict synchronization required among all contributing members.

Key generation and distribution is the principal challenge in multicast cryptography. If two participants would like to transmit information securely, they have to distribute a secret key before the encryption process is initiated. There are two solutions for this problem: asymmetric cryptography or quantum cryptography. In asymmetric cryptography, each participant has two different keys, called public and private. The public key is openly announced and used for encryption. The private key is confidential, known only to its owner, and used for decryption. If a sender wishes to transmit a message (plain text) to a receiver, the sender encrypts the message with the receiver’s public key, producing what is commonly called the cipher text; the receiver then decrypts the cipher text with its private key. In 1976 Whitfield Diffie and Martin Hellman [ref] proposed the first asymmetric cryptography technique. In 1978, Ronald Rivest, Adi Shamir, and Leonard Adleman “RSA” produced the first practical implementation of asymmetric cryptography. Asymmetric cryptography techniques depend on unproven computational assumptions, which leads to future security issues. The most common asymmetric cryptography algorithms are the Digital Signature Algorithm and RSA [16, 17].

Currently, most asymmetric algorithms suffer from mathematical drawbacks, such as their reliance on prime factorization and discrete logarithm calculation. One of the early innovations in quantum computation and quantum information is key distribution between communicating participants without compromising security. This technique is known as quantum cryptography or quantum key distribution [ref]. In 1960, the principal idea of quantum cryptography was proposed by Stephen Wiesner. Unfortunately, this idea was not accepted for publication. Building on Stephen Wiesner’s earlier effort, Bennett and Brassard used quantum mechanics to propose the first quantum key distribution protocol, called BB84 [18, 19, 20]. Quantum cryptography, or quantum key distribution, uses the laws of quantum mechanics to allow provably secure sharing of confidential information between two participants over a freely available “public” channel by generating qubits based on randomly polarized photons. Accordingly, the resulting private keys have the unconditional security property, based on fundamental laws of physics. The no-cloning theorem proves that an intruder cannot obtain any information from the qubits transmitted between communicating parties without disturbing their state. Quantum key distribution has only one constraint: the error rate must be lower than an agreed threshold. If the error rate is less than the agreed threshold, the communication process continues. Otherwise, the protocol is terminated. Quantum mechanical laws can be used to solve mathematical problems more efficiently than any classical information processing [21, 22, 23].

Time division multiplexing (TDM) is a kind of digital multiplexing which handles the communication of several transmitters consecutively by giving each transmitter the whole wavelength range of the channel, with the channel split into time slots. Every transmitter is given a slot, and the slots rotate among the transmitters. After the last time slot for the channel is handled, the cycle begins once again with a new frame, starting with the second sample, byte or data block from the channel. Time division multiplexing is classified as synchronous or asynchronous. WDM is founded on an established model called frequency division multiplexing, or FDM. FDM splits the channel bandwidth into several channels, and every channel occupies part of the frequency band. In a WDM architecture, every signal channel is identified with one wavelength. A single wavelength is extended into concurrent multiple wavelengths, so the transmission capacity grows [24, 25].

In our proposed scheme, a secured multicast group is divided into smaller groups and each sub-group is assigned to a local Multicast Quantum Key Controller. The decentralized group key management logical architecture requires two different channels: quantum and classical. The quantum channel uses quantum key distribution and the classical channel uses a virtual private network. The physical architecture of the proposed scheme is based on hybrid WDM-TDM and optical elements, where multiple users in a sub-group can share the capacity of one WDM wavelength with fixed TDM slots. Key generation and distribution for a multicast sub-group uses rotation of polarized photons in the Pauli X direction of the Bloch sphere to generate keys. The rotation is achieved with a rotated angle of 180° in x. Messages transmitted among multicast sub-group members are encrypted by rotating the transmitted polarized photon through an angle in the Y direction of the Bloch sphere. Transmitted messages are decrypted by the rotation in the reverse Y direction with the rotated angle. Members in the same sub-group communicate securely using a shared Quantum Transport Encryption Key. Members in different sub-groups communicate securely with the entire or partial support of the local and destined controllers.

This paper is organized as follows. Section 2 discusses the literature on related work. Section 3 illustrates in detail our general proposed logical and physical architecture for designing a secured decentralized multicast QKD network with VPN and WDM-TDM. Section 4 discusses key generation, encryption and decryption, and concurrent members’ communication requests in detail. Section 5 demonstrates the security and performance analysis. Section 6 concludes the paper.

2. Related Works

The majority of current applications of quantum cryptography are point-to-point approaches, with one source transferring to only one destination, which delivers a secured key. There are a number of approaches and prototypes for using QKD to secure communications. In 2003, the European project Secure Communication based on Quantum Cryptography (SECOQC) was started by the effort of 41 research and modern groups from the European Union, Switzerland and Russia. SECOQC aspires to extend point-to-point quantum cryptography to long-distance key distribution. The architecture of the SECOQC network consists of two divisions. The first division is a trusted private network established between the end points and the Quantum Back Bone “QBB”. The second division is a quantum system made up of QBB nodes. The QBB contains a number of QKD devices that are attached to other QKD devices in one-to-one connections, as shown in Fig. 1 [26, 27].

Fig.1 SECOQC QKD Network Structure

In 2003, Advanced Research Projects Agency (DARPA) and Bolt, Beranek and Newman (BBN) Technologies constructed the first completely functioning quantum cryptography network in the world. Initially the DARPA-BBN project consisted of 6 nodes, but now the total is 10 nodes among Harvard University, Boston University, and BBN. All nodes are successively running on a high-speed fiber optic telecommunications infrastructure. The goal of the DARPA-BBN project is to distribute security keys from node to node using quantum key distribution, and to protect message movement among communicating nodes using IPsec VPN technology. The DARPA-BBN network maintains a diversity of QKD technologies (fiber modulated phase, entanglement over fiber and wireless quantum network), but it is still used for point-to-point communication, as shown in Fig. 2 [28, 29].

Fig.2 DARPA point-to-point QKD Network Structure

In [30], an architecture for a centralized multicast scheme is proposed, based on a hybrid model of quantum key distribution and classical symmetric encryption. The proposed scheme solves the key generation and management problem using a single entity called the centralized Quantum Multicast Key Distribution Centre, and authentication between the Quantum Multicast Key Distribution Centre and group members is achieved using EPR entangled photons and a controlled-NOT gate, as shown in Fig. 3.

Fig.3 Quantum Multicast Key Distribution Centre using EPR entangled Photons and controlled-NOT gate

3. General Logical and Physical Architecture of Decentralized Multicast QKD-VPN

In our proposed scheme, as illustrated in Fig.4, a secured multicast group is broken into numerous smaller groups called sub-groups. Each sub-group is assigned to its respective Multicast Quantum Key Controller. Each controller requires two different channels, quantum and classical. The quantum channel transmits and delivers encoded quantum signals to the sub-group members and carries the QKD protocol that generates authentication and private keys. The classical channel is used to transmit messages, to distribute the raw private keys among sub-group members, and to transmit encrypted messages through the VPN. The generated keys used for encryption and decryption also play an important role in designing a decentralized secured multicast network from QKD protocols.

Fig.4 General Logical Architecture of Decentralized Multicast QKD-VPN

3.1 Architecture of Decentralized QKD Node by Node

In the quantum network structure, transmitting quantum signals and moving photons from one sub-group to another, in other words transmitting quantum signals between two different controllers, is done through QKD node routing. QKD nodes act as mutualized resources for all, as shown in Fig.5.

Fig.5 Decentralized QKD Node-by-Node Routing

QKD nodes are also responsible for moving and routing messages and signals. Individual users send interesting traffic to their local controller. Each controller accumulates interesting traffic from its respective members and sends it to the nearest QKD node. The interesting traffic is then transmitted and routed node by node until it is received by the desired controller on the other side.

3.2 Architecture of Decentralized VPN Node by Node

In our scheme, as illustrated in Fig.6, a site-to-site multicast group VPN tunnel is used to connect multiple sub-groups securely over the classical channel, and to ensure the integrity, confidentiality and protection of messages transmitted among different sub-group members. The tunnelling mechanism adds a security layer to all transmitted packets. In tunnel mode, virtual channels have to be built between sub-groups. These virtual channels are known as a virtual private network (VPN). A multicast VPN lets sub-groups transparently communicate over their private network across the network backbone of a service provider, and delivers dynamically scalable high-speed information transmission for several sites concurrently. A multicast VPN protects the transmission of segments over an open network by using the tunnelling mechanism. In a virtual private network, data encryption and decryption are performed at the inbound and outbound tunnel interfaces respectively.

Fig.6 Decentralized VPN Node-by-Node Tunneling

3.3 Physical Architecture of WDM-TDM Decentralized Network

In order to provide high utilization of the fiber bandwidth capacity in our proposed physical architecture, a hybrid WDM-TDM is used between the controller and the sub-groups. Hybrid WDM-TDM combines the advantages of both techniques. The advantages of WDM include increased delivered capacity, as each sub-group has its own λ channel and λ-routing; congestion is stopped between the controller and the sub-groups; and virtual communication is established between the controller and the sub-groups. The advantages of TDM include sharing, power splitting and flexibility of the delivered capacity between the controller and the sub-groups, as illustrated in Fig.7.

Fig.7 Physical Architecture of WDM-TDM Decentralized Network

Transmitting the whole wavelength between the controller and the sub-groups is achieved by TDM. Channels between the controller and the sub-groups are split into time slots. Every sub-group is given a slot, and the slots rotate among the sub-groups. After the last time slot for the channel is handled, the cycle begins once again with a new frame, starting with the second sample, byte or data block from the channel. TDM and WDM operation is illustrated in Figs. 8 and 9 respectively.

Fig.8 TDM Operation for Sub-Group 1

Fig.9 WDM Operation for Sub-Group 1

The controller has two kinds of line cards, uplink and downlink cards, which are used for upstream and downstream traffic between the controller and the sub-groups respectively. Each sub-group has one uplink and one downlink card; for example, sub-group 1 has uplink and downlink card 1 connected to the controller. The number of uplink and downlink cards depends on the number of connected sub-groups: for N sub-groups, the controller requires N uplink and N downlink cards. In the downstream path “OLT to the ONUs”, data is transmitted from the controller to the sub-groups, while in the upstream path “ONUs to the OLT”, data is transmitted from the sub-groups to the controller. An optical line termination (OLT) performs the conversion between the electrical signals handled by the controller’s equipment and the fiber optic signals used by the sub-groups, and synchronizes the multiplexing between the conversion devices of the optical network units (ONUs). All ONUs are linked to the OLT through a combiner/splitter, and transmission between ONUs is achieved only through the OLT. An ONU provides access to the fiber distribution cable between the controller and the sub-groups and deters unauthorized access. Performance and diagnostics monitoring between the controller and the sub-groups is achieved using a fault monitor, which is connected through an Ethernet switch to the ONU, as illustrated in Fig.10.

Fig.10 Detailed Physical Architecture of WDM-TDM Decentralized Network

4. Key Generation and Members Communication

For each sub-group, the controller is responsible for generating and managing keys among local members, and for distributing two keys to each member in a local group. One key, called the Quantum Transport Encryption Key, is employed for encryption, decryption and authentication of transmitted messages. The other key, called the Quantum Local Encryption Key, is used to encrypt the Quantum Transport Encryption Key and for communication between a member and its respective controller. The sender uses the Quantum Transport Encryption Key to encrypt a multicast message using a symmetric key algorithm. The controller chooses a random string of bits to generate different Quantum Transport Encryption Keys for the sub-groups, and a series of polarized quantum-state photons from a quantum source to encode the random string of bits. The qubits are sent from the controller to the sub-group through the quantum fiber optic channel. Each sub-group measures each photon in one of several randomly chosen bases. Each Multicast Quantum Key Controller has a key store (buffer) used to push the generated keys to all members of the sub-group and to synchronize keys between the Multicast Quantum Key Controller and its sub-group members. Key information has to be removed from the joint store to be dedicated to inbound or outbound communication. As soon as key information has been successfully used, it is destroyed and no longer available (see Fig. 11).

Fig.11 Multicast Quantum Key Controller Operation

The confidence in and effectiveness of the distributed keys rely on eavesdropper detection, using quantum principles and laws to calculate the quantum bit error rate. The controller and the sub-group compare qubits over the classical channel. Encoded qubit messages transmitted over the classical channel are secured by the VPN. An eavesdropper who attempts to spy on the communication channel at some point of the key distribution stage produces measurements based on the wrong basis.

The quantum bit error rate is determined from the percentage of errors in the distributed keys and compared with a particular threshold level established between the controller and the sub-groups. If the quantum bit error rate is within the specified threshold, the remaining transmission process is resumed; otherwise the transmission process is abandoned. Subsequently, the resulting transmission errors are corrected and the privacy of the final agreed raw key is improved using the key distillation process. Abstract parameters and terminology used for the proposed scheme are defined in Table 1.
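The quantum bit error rate check described above, as an added example that is not code from the paper: a controller sends random bits in random bases, the sub-group keeps the matching-basis positions, a sample is compared over the classical channel, and the round is abandoned when the error rate exceeds the threshold. The BB84-style two-basis model, the intercept-resend eavesdropper, the 11 % threshold and all function names are assumptions; the paper only speaks of "a specified threshold".

```python
import random

# Assumed abort threshold: the page only says "a specified threshold".
QBER_THRESHOLD = 0.11


def transmit(n_photons, eavesdropper, rng):
    """Send n_photons random bits in random bases; return the sifted bit lists.

    Bases: 0 = rectilinear, 1 = diagonal. Measuring a photon in the wrong
    basis gives a uniformly random bit.
    """
    sent, received = [], []
    for _ in range(n_photons):
        bit, send_basis = rng.randint(0, 1), rng.randint(0, 1)
        photon_bit, photon_basis = bit, send_basis
        if eavesdropper:
            # Intercept-resend model: measure in a random basis, resend result.
            tap_basis = rng.randint(0, 1)
            if tap_basis != photon_basis:
                photon_bit = rng.randint(0, 1)
            photon_basis = tap_basis
        recv_basis = rng.randint(0, 1)
        if recv_basis == photon_basis:
            measured = photon_bit
        else:
            measured = rng.randint(0, 1)
        # Sifting over the classical channel: keep matching-basis positions.
        if recv_basis == send_basis:
            sent.append(bit)
            received.append(measured)
    return sent, received


def estimate_qber(sent, received, sample_fraction, rng):
    """Disclose a random sample, count mismatches, drop the disclosed bits."""
    n = len(sent)
    sample = set(rng.sample(range(n), max(1, int(n * sample_fraction))))
    errors = sum(1 for i in sample if sent[i] != received[i])
    raw_key = [sent[i] for i in range(n) if i not in sample]
    return errors / len(sample), raw_key


def distribute_key(n_photons=4000, eavesdropper=False, seed=1):
    """Run one distribution round and apply the threshold decision."""
    rng = random.Random(seed)
    sent, received = transmit(n_photons, eavesdropper, rng)
    qber, raw_key = estimate_qber(sent, received, 0.5, rng)
    accepted = qber <= QBER_THRESHOLD
    return {"qber": qber, "accepted": accepted,
            "raw_key_bits": len(raw_key) if accepted else 0}


if __name__ == "__main__":
    for tapped in (False, True):
        print("eavesdropper" if tapped else "clean channel",
              distribute_key(eavesdropper=tapped))
```

On an ideal channel the sampled error rate is zero; with every photon measured in a random basis along the way it settles near 25 %, far above any plausible threshold, so no key material from that round is kept.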

Table 1: Abstract Parameters and Terminology Used

Sub-Group with ID i
Quantum Multicast Key Controller of Sub-Group with ID i
Quantum Local Encryption Key of Sub-Group with ID i
Quantum Transport Encryption Key of Sub-Group with ID i
Quantum Inter-Domain Key between controller i and controller j
A member with ID i within Sub-Group i
Plain message
Cipher message
E: Encrypt plain message M by rotation in Y direction
D: Decrypt cipher message by inverse rotation in Y direction
Quantum Inter-Sub-Group key between member with ID i within Sub-Group i and member with ID j within Sub-Group j

4.1 Key Generation

Key generation plays an important role in the security of a decentralized communication system. In our scheme, the rotation of polarized photons in the Pauli X direction of the Bloch sphere is used to generate keys. The rotation is achieved with a rotated angle in the x direction using the X operator. The X operator is equivalent to a rotation of 180° about the x axis, as shown in equations 1-3.

First Key (1)

Second Key (2)

Final Key (3)

4.2 Encryption

Let be an encryption of quantum state which consists of a single transmitted photon from a sender to a receiver. With the purpose of preventing an eavesdropper from reading and stealing the polarized transmitted photons, the sender encrypts each transmitted polarized photon by rotating it in the Y direction of the Bloch sphere. The rotation in the Y direction of the Bloch sphere with rotated angle and the qubit are given respectively by equations 4-8.

(4)

(5)

Sender encrypts with and generate

(6)

(7)

(8)

This result indicates that component with rotate and component with

4.3 Decryption

Let be a decryption of received quantum state which consists of an encrypted single transmitted photon from a sender to a receiver. When the receiver receives the encrypted polarized photon, it has to rotate the received photon by the , which means the rotation in the reverse Y direction with rotated angle . So the receiver can retrieve the original state as in equations 9-13.

(9)

(10)

Receiver decrypts with and generate

(11)

(12)

(13)

4.4 Members’ Communications in Same Sub-Group

If two members within the same sub-group need to communicate securely, they communicate using the shared Quantum Transport Encryption Key. The transmitter encodes the plain message with the shared Quantum Transport Encryption Key as in equation 14.

(14)
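The rotations described in Sections 4.1 to 4.3, and reused with the shared key in this section, as an added example that is not code from the paper: a photon state is encrypted by a Y rotation through a key angle and recovered by the inverse rotation, and the error caused by decrypting with a different angle is measured. The matrix forms of the rotation operators are the standard textbook ones (an assumption here), and the state names and function names are constructed for the example.

```python
import math

# Standard single-qubit rotation operators (assumed form). A state is the
# amplitude pair [a0, a1] of a0|0> + a1|1>.


def rot_x(theta):
    c, s = math.cos(theta / 2), math.sin(theta / 2)
    return [[c, -1j * s], [-1j * s, c]]


def rot_y(theta):
    c, s = math.cos(theta / 2), math.sin(theta / 2)
    return [[c, -s], [s, c]]


def apply(gate, state):
    return [gate[0][0] * state[0] + gate[0][1] * state[1],
            gate[1][0] * state[0] + gate[1][1] * state[1]]


def fidelity(a, b):
    """|<a|b>|^2: probability that state b is measured as state a."""
    inner = (complex(a[0]).conjugate() * b[0]
             + complex(a[1]).conjugate() * b[1])
    return abs(inner) ** 2


def encrypt(state, theta):
    """Sender side: rotate the photon state by theta in the Y direction."""
    return apply(rot_y(theta), state)


def decrypt(state, theta):
    """Receiver side: inverse rotation in the Y direction."""
    return apply(rot_y(-theta), state)


R = 1 / math.sqrt(2)
# Constructed sample states: horizontal, vertical and the two diagonals.
POLARIZATIONS = {"H": [1, 0], "V": [0, 1], "D": [R, R], "A": [R, -R]}
# Circular polarization: an eigenstate of the Y operator.
CIRCULAR = [R, 1j * R]


def roundtrip_fidelity(theta):
    """Worst-case fidelity after encrypt then decrypt with the same angle."""
    return min(fidelity(s, decrypt(encrypt(s, theta), theta))
               for s in POLARIZATIONS.values())


def wrong_key_error(theta, guess):
    """Error probability when decrypting with angle guess instead of theta.

    For the linear polarizations this equals sin^2((theta - guess) / 2).
    """
    state = POLARIZATIONS["H"]
    return 1 - fidelity(state, decrypt(encrypt(state, theta), guess))


def x_gate_is_half_turn():
    """rot_x(pi)|0> = -i|1>, i.e. X|0> up to a global phase; returns ~1.0."""
    return fidelity([0, 1], apply(rot_x(math.pi), [1, 0]))


def circular_state_overlap(theta):
    """A Y eigenstate only gains a global phase under rot_y; returns ~1.0."""
    return fidelity(CIRCULAR, encrypt(CIRCULAR, theta))
```

The last function is the caveat worth checking in any design of this kind: the Y rotation changes the linear polarization states but leaves the circular ones physically unchanged, so the encoding has to stay within the linear states.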

Advances in Information Science and Computer Engineering

When the destination receives cipher text, it decrypts it using the same Key as in equation 15.

the received original message using Quantum Local Encryption Key of initiated sub-group, as well as, encrypting it with agreed inter domain encryption key.. The destined decrypts message with agreed inter domain encryption key, as well as, encrypting it with destined sub-group Quantum Local Encryption Key. The destined member decrypts it with Quantum Local Encryption Key. Moreover, the destination receives the original message which is sent by the sender as shown in equations 16-21 and Figs. 13, 14 respectively. (1) Sender encrypts message with Quantum Local Encryption Key of its sub –group and sends it along with the desired member to its perspective local

(15) If two or more members in the same sub-group need to securely transmit messages then encoding / decoding process is obtained by Quantum Transport Encryption Key of subgroup. The sender encodes original message using sub-group Quantum Transport Encryption Key. Encoded messages will be sent out through fiber optic telecommunication infrastructure. The destination decodes it by the same key. Now, the destination recovers original message as illustrated in Fig.12

Plain Message

Encode

Cipher Message

Decode

) (16) decrypts it with Quantum (2) Local Local Encryption Key of Sender sub – group

Plain Message

(17) (3) Local opens a secured channel with destined of desired member to create agreed intra-domain encryption key (4) Local encrypts message with agreed intra-domain encryption key and sends it along with the desired member to destined

Sub-Group 2

Sub-Group 2

Quantum Transport Encryption Key

Fig.12 Members’ Communications in Same Sub-Group 2

(18)

4.5 Members’ Communication in Different Sub-Groups by Entirely Local and Destined This procedure involves the behaviour of local . If one participant in a sub –group needs to communicates with another participant in a different sub –group by full process of . In this process, the sender encrypts messages with its sub –group Quantum Local Encryption Key and sends it along with the desired member to its perspective local . The local and destined communicate with each other to generate agreed inter domain encryption key The local is responsible for decrypting

ISBN: 978-1-61804-276-7

Fig.13 Right Part operation between Sub-Group1 and its Local , Left Part operation between Local and Destined

513

Advances in Information Science and Computer Engineering

Encryption Key of Sender subgroup. The sender retrieves both agreed Quantum InterSub-Group Key and Quantum Transport Encryption Key of the destined sub –group by decrypting with Quantum Local Encryption Key of its subgroup. The sender encrypts agreed Quantum Inter-Sub-Group Key with Quantum Transport Encryption Key of the destined sub –group. The receiver retrieves agreed Quantum Inter-Sub-Group by decrypting with its Quantum Transport Encryption Key. So, now sender and receiver can communicate securely with agreed Quantum Inter-Sub-Group key as shown in equations 22-28 and Fig. 15 respectively.

(5) Destined decrypts message with agreed intra-domain encryption key ,as well as, encrypts it with Quantum Local Encryption Key of destined sub –group (19) )

(20)

(6) Destined sends messages to desired member (7) Desired member decrypts messages with its sub –group Quantum Local Encryption Key

(1) The sender encrypts message with Quantum Local Encryption Key of its sub –group and sends it along with the receiver member to its perspective local , see equation 16. (2) The Local decrypts it with Sender sub –group Quantum Local Encryption Key see equation 17 (3) The Local opens a secured channel with destined of the desired member to create agreed Quantum Inter-Sub-Group key between the sender and the receiver (4) The Destined forwards Quantum Transport Encryption Key of the receiver sub –group to Local (5) The Local encrypts both agreed Quantum Inter-Sub-Group Key and Quantum Transport Encryption Key of destined subgroup with Quantum Local Encryption Key of Sender sub –group, see equations 22, 23.

(21) (8) Now , the desired member retrieves the original messages transmitted by the sender

Fig.14 Operation between Sub-Group 2 and its Local 4.6 Members’ Communication in Different Sub-Groups by Partially Local and Destined This process involves the behaviour of if one participant in a subgroup needs to communicate with another participant in a different subgroup by partial support of . In this process, the local and destined communicate with each other to generate agreed Quantum Inter-Sub-Group key between the sender and the receiver. The Local encrypts both agreed Quantum Inter-SubGroup Key and Quantum Transport Encryption Key of destined subgroup with Quantum Local

ISBN: 978-1-61804-276-7

(22) (23) (6) The sender retrieves both agreed Quantum Inter-Sub-Group Key and Quantum Transport Encryption Key of the destined subgroup by decrypting with

514

Advances in Information Science and Computer Engineering

Quantum Local Encryption Key of its sub – group, see equations 24,25

5. Performance Demonstration

Analysis

In our simulated experiment, as illustrated in Fig.16, an Optical Line Terminal (OLT) is configured on quantum multicast key controller side and a number of Optical Network Terminals (ONTs) configured on sub-groups side, as for each sub-group assigned to one ONT. The Communication and transferring between quantum multicast key controller and sub-groups, in other words between OLT and various ONTs, is achieved over an optical splitter. Optical splitter responsibility is multiplex or de-multiplex signals relied on their source and receiver. An optical splitter 1x32 for 32 sub-groups is used in our simulated experiment. Concurrent transmission of distributed keys as well as, different secured separate service types which includes data,

(24) (25) (6) The sender encrypts agreed Quantum InterSub-Group Key with Quantum Transport Encryption Key of the destined sub –group, see equation 26

(26) (7)

and

The receiver retrieves agreed Quantum Inter-Sub-Group by decrypting with its Quantum Transport Encryption Key, see equation 27.

information and multimedia between and sub-groups on the same fiber is achieved by different wavelengths for each direction. Using λ =1490 for shared voice and data traffic downstream communications as well λ =1550 for shared video.

(27) (8) Now , member with ID I within Sub-Group I and member with ID j within Sub-Group j communicate securely with Quantum Inter-SubGroup key, see equation 28.

(28)

Fig.16 Simulated Decentralized Network

Using λ =1310 for voice and data upstream traffic communications. In downstream communication, broadcasts data through OLT towards all ONTs of sub-groups. When ONT receives data, it extracts address field. If an address matches sub-group address, data will be forwarded, otherwise it is

Fig.15 Operation of M embers’ Communication in Different Sub-Groups by Partially Local and Destined

ISBN: 978-1-61804-276-7

515

Advances in Information Science and Computer Engineering

discarded. The transmission between OLT and ONT has to encrypt by agreed various generated keys between and sub-groups. In upstream communication, ONTs of subgroups share wavelength using Time Division Multiple as well through OLT controls the ONTs timeslots. The required optical power from the OLT to the ONTs will be extremely influenced by an increasing of power splitting percentage. For the initiation duration of communication between and sub-groups optical power capacities is required to certify that adequate power is provided to all ONTs of sub-groups in both direction of downstream and upstream. In Fig.17, an achieved downstream and upstream optical Power Performance is illustrated as function of relative different wavelengths.

Fig.17 Achieved Downstream and Upstream Optical Power Performance as Function of Relative Different Wavelengths

Fig.18 demonstrates and summarizes the secure key rate and the sifted key rate in Kbits/s as a function of fiber distance in km. According to Fig. 15, there is an inverse relation between the generated keys and the fiber cable distance: as the fiber cable distance increases, the generated secure keys decrease. The secured key rates over 20 km and 50 km are 1500 and 530 Kbits/s respectively. As per fiber optics properties, the generated sifted key rate also degrades as the fiber distance increases. The sifted key rates across 35 km and 80 km are 1395.64 and 121.36 Kbits/s respectively.

Fig.18 Generated Secure and Sifted keys as Function of Fibre Distance

Fig.19 demonstrates and summarizes the Quantum Bit Error Rate (QBER) and the number of errors in relation to the secured key rate. For a secured key rate of 1000 Kbits/s, the QBER and the number of errors are 2.2 % and 22 Kbits/s respectively. For a secured key rate of 600 Kbits/s, they are 4.2 % and 25.28 Kbits/s respectively.

Fig.19 Generated Secure and Sifted keys as Function of Fibre Distance

In Figs.20 and 21, five sub-groups are randomly selected as 1, 2, 4, 8 and 16 respectively for checking overall. The overlap partition with the wavelength arcs for the various sub-groups delivers a comparable delay and packet-loss state for all sub-groups. The figures show the relation between the number of operative TDM optical networks and the average and highest number of wavelengths needed for the packet traffic load of the various sub-groups.

Fig.20 Offered TDM PON Load as Function of Average Number of wavelengths for Sub-Groups 1, 2, 4, 8 and 16

The number of wavelengths is illustrated as a parallel line. Hence, there is clearly a consistent relation between the number of allocated TDM per sub-group and the whole decentralized network output: as the number of allocated TDM per sub-group increases, the decentralized network output increases for equivalent delay and packet drop performance.

Fig.21 Offered TDM PON Load as Function of Maximum Number of wavelengths for Sub-Groups 1, 2, 4, 8 and 16

On the other side, there is an inverse relation between multicasting flexibility, which means an increased number of sub-groups in a decentralized network, and the network operational improvement. From the results, we can notice that there is a large inconsistency, for an extreme flow of traffic, between the normal and the highest number of wavelengths required.

6. Conclusion

A decentralized secured multicast group is divided into smaller groups and each sub-group is assigned to a local Multicast Quantum Key Controller. Each controller requires two different channels: quantum and classical. The quantum channel transmits and delivers the encoded quantum signals to its sub-group members and carries the QKD protocol that generates authentication and private keys. The classical channel is used to move messages and distribute raw private keys among sub-group members, as well as to transmit the encrypted messages through VPN. In order to provide high utilization of the fiber bandwidth capacity, a hybrid WDM-TDM is used between the controller and the sub-groups. Key generation and distribution for a multicast sub-group use rotation of polarized photons in the Pauli X Bloch sphere direction. Encryption and decryption of transmitted messages are achieved through the rotation and reverse rotation in the Pauli Y Bloch sphere direction respectively. According to the simulated results, there is an inverse relation between the generated keys and the fiber cable distance: as the fiber cable distance increases, the generated secure keys decrease. Additionally, there is an inverse relation between the multicasting flexibility and the network operational improvement, and there is a large inconsistency, for an extreme flow of traffic, between the normal and the highest number of wavelengths required. In the future, we will work on the implementation of a multicast quantum network for free space technology, as well as for optical wireless technology. The enhancement of multicasting flexibility and of network operation will also be investigated.
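The Y-rotation encryption of steps (6) and (7), combined with the downstream address filtering at the ONTs, can be traced numerically. The following Python sketch is an added example, not the authors' simulation code. It assumes that a key bit is encoded as the qubit |0> or |1> and that a transport key is a list of secret rotation angles; the names `ONTS`, `INTER_KEY`, `SG1` to `SG3` and all angle values are constructed for illustration.

```python
import math

# Added illustration. Assumptions: a key bit b is the qubit |b>, stored as real
# amplitudes (a0, a1); a transport key is a list of secret Y-rotation angles.

def ry(state, theta):
    """Apply R_y(theta) = [[cos(t/2), -sin(t/2)], [sin(t/2), cos(t/2)]]."""
    c, s = math.cos(theta / 2), math.sin(theta / 2)
    a0, a1 = state
    return (c * a0 - s * a1, s * a0 + c * a1)

def encrypt(bits, angles):
    """Encode each bit as |0> or |1>, then rotate it about Y by its key angle."""
    return [ry((1.0, 0.0) if b == 0 else (0.0, 1.0), t)
            for b, t in zip(bits, angles)]

def decrypt(qubits, angles):
    """Inverse rotation about Y with the receiver's angles."""
    return [ry(q, -t) for q, t in zip(qubits, angles)]

def wrong_bit_prob(bits, qubits):
    """Per-bit probability that a 0/1-basis measurement yields the wrong bit."""
    return [q[1] ** 2 if b == 0 else q[0] ** 2 for b, q in zip(bits, qubits)]

def downstream(frame, onts):
    """OLT broadcast: all ONTs see the frame; only the addressed one keeps it."""
    dest, qubits = frame
    return {addr: decrypt(qubits, key) if addr == dest else None
            for addr, key in onts.items()}

# Constructed sample data: per-sub-group transport keys (radians) and key bits.
ONTS = {
    "SG1": [0.4, 1.3, 2.2, 0.9, 1.7, 2.8, 0.6, 1.1],
    "SG2": [1.6, 2.9, 0.7, 2.1, 1.2, 0.5, 2.5, 1.9],
    "SG3": [1.5, 0.3, 0.8, 2.6, 1.0, 1.9, 1.2, 0.5],
}
INTER_KEY = [1, 0, 1, 1, 0, 0, 1, 0]

def demo():
    frame = ("SG2", encrypt(INTER_KEY, ONTS["SG2"]))        # step (6): wrap for SG2
    out = downstream(frame, ONTS)                            # step (7): SG2 unwraps
    recovered = [int(q[1] ** 2 > 0.5) for q in out["SG2"]]
    no_key = wrong_bit_prob(INTER_KEY, frame[1])             # measured with no angle
    wrong_key = wrong_bit_prob(INTER_KEY, decrypt(frame[1], ONTS["SG3"]))
    return recovered, out, no_key, wrong_key

if __name__ == "__main__":
    recovered, out, no_key, wrong_key = demo()
    print("SG2 recovered:", recovered, "| SG1 frame:", out["SG1"])
    print("error, no key:   ", [round(p, 3) for p in no_key])
    print("error, SG3's key:", [round(p, 3) for p in wrong_key])
```

With the correct angles the inverse rotation restores every bit exactly. A receiver holding a different angle θ′ misreads a bit with probability sin²((θ − θ′)/2), which shrinks as θ′ approaches the key angle θ.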
