Optical Cryptography 158
chill writes: "In Cryptonomicon, Neil Stephenson wrote about Bell Labs' research into using static, or chaotic signals to mask communications. A message would be generated, then the signal masked in noise. Someone on the other end would subtract out the noise to get the signal. Works great if both ends have the exact same noise. Now, Jia-ming Liu, professor of electrical engineering at UCLA, is giving a presentation on doing essentially the same thing using OC-48 (2.5 Gbps) optical circuits. The presentation will be at the upcoming Optical Fiber Communications Conference and Exhibit. There is an article covering this and some other nice advances in optical over in Wired."
A Shortcut... (Score:5, Informative)
Nope: You've just given the bad guy your key. (Score:3, Informative)
The trick to all noise-masking techniques is for YOU and YOUR PARTNER to have the same set of noise and NOBODY ELSE to have it.
Use a well-known public noise source and a link to that source becomes the key which decrypts all your traffic.
Oops!
Re:steganography ? (Score:3, Informative)
This is a one time pad (Score:3, Informative)
--sam
Re:Seems like a waste of noise... (Score:2, Informative)
--sam
Re:How is this different from (Score:2, Informative)
Re:Seems like a waste of noise... (Score:1, Informative)
Light consists of waves, and when two waves are placed on top of each other, they form a new wave that takes no more space or bandwidth than the first one.
Not the same as cryptonomicon. (Score:4, Informative)
The encryption in cryptonomicon was a one time pad. The pad was implemented as a record, but the concept was the same. The fact that the conversation could only last as long as the record and each record was only used once is indicative.
But then, perhaps the lasers could be considered an infinite one-time pad? Of course, if anyone else is listening to the synchronisation codes, couldn't they themselves end up with a synched laser too?
As a form of encryption, this doesn't appear (to me) to be incredibly useful to the average person. It doesn't secure the communication, only the physical connection between the two points. However, it would work for keeping snooping foreign governments from listening in on international traffic on submarine cables. Or nasty pirates from splicing themselves into the cable TV network...
No chaotic communication is *not* a one time pad. (Score:4, Informative)
It relies on the effect of chaotic synchronization. That sort of amazing fact that even though you can have a dynamical system that is continuously unstable in 'some degrees of freedom' making up the chaotic system the combination system of transmitter and receiver can still be stable in the 'transverse' direciton to the synchronization manifold.
All communication systems work by synchronization whether implicitly or explicitly. Here you will explicitly have chaotic oscillators as both transmitters and receivers. Yes, radio is like this too, you have a linear oscillator in the transmitting tower and an oscillator in your RF circuit in your receiver and their electric fields will synchronize the receiver's oscillator to the transmitter.
The trick is how to add in modulation and demodulation that does not destabilize the system and still permit reconstruction of the transmitted information.
All chaotic systems essentially have some sort of nonlinear feedback. The trick that seems to work very frequently with optical dynamics is to mix in some of the transmitted signal coming over the channel with the self-regenerated system at the receiver. In previous work with fiber optic ring laser it really was literally mixing optical signals, in the thing I did it was mixing in electro-optic electrical feedback signals; more like mixing intensities.
It turns out that a fairly generic form of dynamics often seems to work.
I worked on this project from a theoretical modeling level with Jia-Ming Liu's group at UCLA.
(We're at UCSD not UCLA).
I'm not sure what this new work is about but in the version that I did there was no significant role for the dynamics or properties of the fiber optics in the creation of the chaos or the demodulation.
It will a very significant amount of engineering to make this fully practical and find all the good properties but that's true for every advance.
Re:Seems like a waste of noise... (Score:1, Informative)
British American Link during World War II (Score:3, Informative)
Check out the NSA's explanation [nsa.gov]
Previous Slashdot Story [slashdot.org]
This isn't about the OTP (Score:2, Informative)
Yes, the actual encryption being performed is similar to a OTP. That's not the news here, though. The problem with OTPs has always been how to generate and distribute the pads. Typically, this requires transmission via some separate secure link (for instance, a courier), and leaves you with a limited amount of pad-- once you run out, you need to go through the whole rigamarole again.
This is a technique by which a key can be generated and distributed without that messy step. In the end, the data's basically being put through the same encryption process as one would use with a OTP, but it's being done with a random signal that's being generated on the fly over a wire between two geographically separated points, but is (ideally) still secure even if somebody eavesdrops.
Quantum cryptography is another example of a nifty concept that (in the end) relies on the old OTP technique. A random signal is generated and measured in two different places by measuring quantum characteristics of entangled particles. This is the cool part. Then that signal, which is truly random, can't be intercepted, and doesn't require a courier to deliver, is used as a OTP, which is the bread-and-butter part.
You might as well criticize a story on the development of fusion powered cars because the car still rests on old-fashioned wheels... which've been around for sooo many years.
Re:No chaotic communication is *not* a one time pa (Score:3, Informative)
For communication it is one-way synchronization with unidirectional coupling, not the mutual coupling which is more well known in math and physics.
The important point is that the chaos and the 'keys' and the message can all be combined nonlinearly.
Eavesdropper C would need the same chaotic system with the same settings up to some tolerance. Notice that robustness to attack is thus inversely proportional to tolerance to mismatch.
The issue of security is not directly addressed by chaotic communication.
Chaos may be an opportunity to do things other than classical encipherment. It may be like CDMA spreading a signal over a wider frequency band. It may allow you to use cheaper devices or those running past their "normal" tolerance bounds if the requirement for linearity is no longer a factor. It may mean lots of different things; the general point is a greatly increased flexibility and the potential to try widely different kinds of transmission methods. Linear signal transmission is kind of boring, there's AM, FM and minor variations upon those.
However, it may be that some digital ciphers have properties similar to chaotic systems and people are starting to investigate this connection at a different level. that is more mathematics now than communications engineering.
random noise (Score:2, Informative)
There's a couple things to be aware of in this system. First, it does not increase the amount of information sent. Here's an example:
Here's the message: 0 1 1 0 1 0 0 1
Here's the noise : 1 0 1 1 0 1 0 0
Then XOR them : 1 1 0 1 1 1 0 1
Notice that the message does not get any longer by encrypting it. As long as you know the noise, then you can take the XORed result and find the original message.
Another problem is that a lot of noise isn't really random. If the noise isn't random, then the message can be decrypted. For example, if there is a tendency for the noise to have a pattern or there are long series of 0's, the original message can be decripted without the "noise key". Very few physical processes are actually random (not hits on a website, not sunspots). One of them that is random is radioactive decay.
Variation on a theme (DSSS) (Score:2, Informative)
One useful side effect is that you can use two or more different sequences on the same band (or wire) the two underlying signals do not interfere with each other (or not to a great extent).
Anyway it looks like this professor has managed to create the optical equivalent of a linear feedback shift register with two matching lasers.
Simmilar work at Bangor University (Score:3, Informative)
Prof Alan Shore [bangor.ac.uk] has done some work simmilar to this [bangor.ac.uk] at Bangor university
Spectrum widening (Score:2, Informative)
Spectrum widening consists on "dissoluting" the original signal (i.e. a 1 MHz signal) into a larger one (i.e. a 100 MHz signal). This way, information is distributed thru the whole 100 MHz spectrum and you get shielding against noise and big resistance to spyers.
Re:Asymptotic rate is not good enough. (Score:2, Informative)
Roughly, Rissanen proved how well any estimator for probabilities that has a total of "k" free parameters that you can use as a coding thing (Kraft inequality and all that).... the extra coding redundancy, i.e. number of bits about N*H where H is the entroypy rate is k/2 log N.
So if you have a source with k free parameters and your receiver is in the same model class and can adapt those 'k' parameters, you will get a redundancy of k/2 log N.
That assumes you know the class.
If you don't know anything about the class it's also been proven that there is no single unviversal appraoch to the limit, i.e. the thing you're asking for in the first part is impossible to get.
For certain classes of input like Markov models, yes the CTW and other methods achieve the Rissanen limit and Lempel-Ziv does not, it has a clearly slower rate of convergence.
You might wonder whether or not LZ does achieve that limit on some other class of sources and CTW does not, but the class of sources that is LZ's is defined very implicitly and it's not very obvious.
There's been nothing found theoretically and in imost practical tests the modeling algorithms (CTW and prediction by partial matching---PPM) seem to be better on compression performance both finite length and asymptotically.
Interestingly the BWT and the subsequent coding of the transformed signal (BWT is only half of the bzip2 algorithm!) turns out to be sort of like a rough approximation to a context-tree kind of method (PPM or CTW) but with some extra glitches.
The advantage is that it's computationally fast.