1 Introduction

The issue of security is pivotal in fiber-optics network when it comes to huge amount of sensitive information. However, there are detrimental safety issues in fiber-optics transmission system, e.g., the eavesdropper (Eve) can get access to a small portion of optical signals by bending the optical fiber, which is not easy to be discovered by legitimate users (Shaneman and Gray 2004). At present, there are three types of security schemes including quantum key distribution (QKD), algorithmic cryptography and physical-layer cryptography. The traditional optical network security adopts data encryption of network upper layer protocol, and assumes that physical layer provides unblocked and error-free transmission. However, all algorithm-based encryption methods have been proven to be crackable (Zhou and Tang 2011). For example, it has been reported that the 768-bit RSA cryptosystem was broken in December 2009. QKD ensures the unconditional security in the sense that Eve can have unlimited physical abilities and computational power (Shields et al. 2012; Shimizu et al. 2014). The maximum key generation rate at present is around 1 Mb/s over a 50 km installed fiber (Sasaki et al. 2015). This performance, however, still falls short of the level for practical deployment in wide area public infrastructures. There is still a big gap between QKD and photonic network. Physical-layer cryptography can be an intermediate scheme to fill this gap (Jiang et al. 2006).

As an important merit of OCDMA technology, physical-layer security can improve the ability of optical fiber system to prevent eavesdropper from attack. Physical-layer security is measured by the probability that Eve could detect the user’s entire code (Shake 2005a, b). In the case of brute-force search, code cardinality is usually used to analyze the physical-layer security of the system (Wang et al. 2010). In Leaird et al. (2005), the eavesdropper uses energy detection for code interception, and physical-layer security is evaluated by code interception time and eye diagram. Three types of secrecy capacities are analyzed in Tan et al. (2016). Secrecy capacity is the largest rate at which eavesdropper gains no information from the message. Therefore, legitimate users need to select the appropriate channel coding to achieve the secrecy capacity. However, if the transmitter chooses to communicate at the channel capacity, the secrecy capacity is not sufficient to evaluate physical-layer security. In Ji et al. (2017), the security leakage factor is used to evaluate the physical-layer security level. However, due to the multiple access interference (MAI) and beat noise, the reliability and capacity of the system will be reduced, as well as the physical-layer security.

To further enhance the physical-layer security and reliability of coherent OCDMA systems, a quasi-synchronous coherent time-spreading OCDMA wiretap channel employing LA code is proposed in this paper. The influences of the extraction location, the extraction ratio, the number of active users on the physical-layer security are analyzed quantitatively.

This paper is organized as follows. In Sect. 2, we will introduce the quasi-synchronous coherent OCDMA wiretap channel model. In Sect. 3, performance of the quasi-synchronous coherent OCDMA wiretap channel will be analyzed. In Sect. 4, we will discuss the results of this security performance. The conclusions are drawn in Sect. 5.

2 Quasi-synchronous coherent OCDMA wiretap channel model

LA code is a kind of \(\left\{ { 0 ,\pm 1} \right\}\) sequence, which can be represented as LA (N, K, M). Here, N is the code length, K is the basic pulse number, and M is the length of the zero correlation zone (Fan et al. 1999). The normalized cross-correlation function of LA code is

$$\mathop C\nolimits_{x,y} (\tau ) = \left\{ {\begin{array}{ll} 0& {0 \le \tau \le {\text{M}} - 1} \\ {\frac{1}{N}\sum\limits_{i = 0}^{N - 1 - \tau } {\mathop a\nolimits_{i - \tau }^{x} \mathop a\nolimits_{i}^{y} } } & {{\text{M}} \le \tau < N - 1} \\ \end{array} } \right. .$$
(1)

Here, \(\mathop a\nolimits_{i}^{x(y)} (i = 0,1, \ldots ,N - 1)\) is the LA code for \(x(y)\) users, and \(\tau\) is the relative delay.

For LA (156, 8, 16), the length of is 156, the zero correlation zone is 16, and the code cardinality is 8. One of the basic LA codes is

$$\mathop a\nolimits^{1} = \left\{ {\underbrace {1,0, \ldots ,0}_{16},\underbrace {1,0, \ldots ,0}_{17},\underbrace {1,0, \ldots ,0}_{18},\underbrace {1,0, \ldots ,0}_{20},\underbrace {1,0, \ldots ,0}_{19},\underbrace {1,0, \ldots ,0}_{22},\underbrace {1,0, \ldots ,0}_{23},\underbrace {1,0, \ldots ,0}_{21},} \right\}.$$

If the relative delays between all LA codes are within the zero correlation zone, i.e., quasi-synchronization, the value of the code cross-correlation is zero. Therefore, the influence of MAI and beat noise in coherent OCDMA can be eliminated.

Figure 1 shows the quasi-synchronous coherent OCDMA wiretap channel model based on LA code, where legitimate users (Alice) wants to send a message to another user (Bob). An eavesdropper (Eve) intends to obtain useful information at extraction location with an extraction ratio x. Quasi-synchronous coherent OCDMA uses on–off keying (OOK) modulation. The system has k + 1 users, and each user data is encoded by different LA encoder. The relative delay between the users is controlled by the tunable optical delay line within the zero correlation zone. At the receiver, Bob will use matching decoder to decode the received optical signals, while Eve can only use non matching decoder. The receiver consists of an erbium-doped fiber amplifier (EDFA) with gain G and noise index F n , an optical filter with bandwidth B o , a p-i-n detector with responsivity R, and a low pass filter with an equivalent bandwidth B e (San and Vo 2000). We assume all users have the same transmit power P (Decoded chip signal power). The optical signal power at the Bob’s receiver is \(\mathop P\nolimits_{S} = (1 - x)\frac{P}{{\mathop {10}\nolimits^{\alpha L/10} }}\). Here, L is the total transmission distance of legitimate users, and α is the fiber attenuation coefficient. When the target user sends data “1” and “0”, the received average signal power can be represented as \(\mathop P\nolimits_{1} = \mathop P\nolimits_{S}\), \(\mathop P\nolimits_{0} = 0\).

Fig. 1
figure 1

Quasi-synchronous coherent OCDMA wiretap channel model based on LA code

Full size image

Eve intends to obtain useful information at extraction location \(l\) with an extraction ratio \(x\), and the signal power of extracting the target signal is \(\mathop P\nolimits_{Eve} = x\frac{P}{{10^{{{{al} \mathord{\left/ {\vphantom {{al} {10}}} \right. \kern-0pt} {10}}}} }}\). When Eve uses non matching decoder for decoding the optical signals, the cross-correlation peak of LA code is 1. Therefore, the received average optical power for data “1” is

$$\mathop P\nolimits_{E1} = \xi k\mathop P\nolimits_{Eve} + (1 /K^{2} )\mathop P\nolimits_{Eve} .$$
(2)

The received average optical power for data “0” is

$$\mathop P\nolimits_{E0} = \xi k\mathop P\nolimits_{Eve} .$$
(3)

Here, \(\xi\) is average normalized crosstalk value, i.e., \(\xi \equiv {{\left\langle {\mathop P\nolimits_{i} } \right\rangle } \mathord{\left/ {\vphantom {{\left\langle {\mathop P\nolimits_{i} } \right\rangle } {\mathop P\nolimits_{d} }}} \right. \kern-0pt} {\mathop P\nolimits_{d} }}\). \(\mathop P\nolimits_{i}\) and \(\mathop P\nolimits_{d}\) are the optical intensity of the decoded signal from inference users and targeted users.

3 Performance analysis

In quasi-synchronous coherent OCDMA wiretap channel, the relative delays between the users are controlled within the zero correlation zone of the LA code. Therefore, for legitimate user, the cross-correlation values are 0, and MAI and beat noise can be completely eliminated.

When the signal passes through the photodiode, the mixing of the target signal with the interfering signal causes signal-spontaneous beat noise \(\mathop \sigma \nolimits_{s - sp}^{{}}\), and spontaneous–spontaneous beat noise \(\mathop \sigma \nolimits_{sp - sp}^{{}}\). The shot noise \(\mathop \sigma \nolimits_{sh}\), thermal noise \(\sigma_{\text{th}}\) and dark current noise \(\sigma_{\text{d}}\) will also be considered here.

Hence, for legitimate user, the total noise variance for data “1” is

$$\mathop \sigma \nolimits_{1}^{2} = \mathop \sigma \nolimits_{sh1}^{2} + \mathop \sigma \nolimits_{s - sp1}^{2} + \mathop \sigma \nolimits_{sp - sp}^{2} + \mathop \sigma \nolimits_{th}^{2} + \mathop \sigma \nolimits_{d}^{2} .$$
(4)

The total noise variance for data “0” is

$$\mathop \sigma \nolimits_{0}^{2} = \mathop \sigma \nolimits_{sh0}^{2} + \mathop \sigma \nolimits_{s - sp0}^{2} + \mathop \sigma \nolimits_{sp - sp}^{2} + \mathop \sigma \nolimits_{th}^{2} + \mathop \sigma \nolimits_{d}^{2}$$
(5)

where \(\mathop \sigma \nolimits_{sh1}^{2} = 2e\left\{ {RG\mathop P\nolimits_{ 1} + R\mathop F\nolimits_{\text{n}} h\nu (G - 1)\mathop B\nolimits_{0} } \right\}\mathop B\nolimits_{e}\), \(\mathop \sigma \nolimits_{sh0}^{2} = 2e\left\{ {RG\mathop P\nolimits_{0} + R\mathop F\nolimits_{\text{n}} h\nu (G - 1)\mathop B\nolimits_{0} } \right\}\mathop B\nolimits_{e}\), \(\mathop \sigma \nolimits_{s - sp1}^{2} = 2\frac{{\mathop B\nolimits_{e} }}{{\mathop B\nolimits_{0} }}\mathop R\nolimits^{2} G\mathop P\nolimits_{1} \mathop P\nolimits_{ASE}\), \(\mathop \sigma \nolimits_{s - sp0}^{2} = 2\frac{{\mathop B\nolimits_{e} }}{{\mathop B\nolimits_{0} }}\mathop R\nolimits^{2} G\mathop P\nolimits_{0} \mathop P\nolimits_{ASE}\), \(\mathop \sigma \nolimits_{th}^{2} = \frac{{4\mathop k\nolimits_{B} T}}{{\mathop R\nolimits_{L} }}\mathop B\nolimits_{e}\), \(\mathop \sigma \nolimits_{d}^{2} = 2e\mathop I\nolimits_{d} \mathop B\nolimits_{e}\), \(\mathop \sigma \nolimits_{sp - sp}^{2} = \frac{{\mathop B\nolimits_{e} }}{{\mathop {\mathop B\nolimits_{0} }\nolimits^{2} }}\mathop {\left( {R\mathop P\nolimits_{ASE} } \right)}\nolimits^{2} (2B_{0} - B_{\text{e}} ).\)

Here, \(e\) is the electron charge, \(h\) is Planck’s constant, \(\nu\) is the incident light frequency, \(\mathop k\nolimits_{B}\) is Boltzmann constant, \(T\) is temperature, \(\mathop R\nolimits_{L}\) is load resistance and \(\mathop I\nolimits_{d}\) is dark current, \(\mathop P\nolimits_{ASE}\) is the spontaneous emission noise power generated by EDFA.

The average signals current for data “1” and “0” are

$$\mathop I\nolimits_{m1} = RG\mathop P\nolimits_{1} + R\mathop F\nolimits_{\text{n}} h\nu (G - 1)\mathop B\nolimits_{0}$$
(6)
$$\mathop I\nolimits_{m 0} = R\mathop F\nolimits_{\text{n}} h\nu (G - 1)\mathop B\nolimits_{0} .$$
(7)

Therefore, BER can be calculated by

$$BER = \frac{1}{2}erfc\left( {\frac{Q}{\sqrt 2 }} \right) \approx \frac{{\exp \left( {{{ - Q^{2} } \mathord{\left/ {\vphantom {{ - Q^{2} } 2}} \right. \kern-0pt} 2}} \right)}}{{Q\sqrt {2\pi } }}.$$
(8)

Here, \(Q = \frac{{\mathop I\nolimits_{m1} - \mathop I\nolimits_{m0} }}{{\mathop \sigma \nolimits_{1} + \mathop \sigma \nolimits_{0} }}\). \(erfc(\;)\) is complementary error function.

Assuming that Alice sends data “0” and “1” with the same probability, BER of Eve can be represented as

$$BER = \frac{ 1}{ 2}\left[ {p({0 \mathord{\left/ {\vphantom {0 1}} \right. \kern-0pt} 1}) + p({1 \mathord{\left/ {\vphantom {1 0}} \right. \kern-0pt} 0})} \right].$$
(9)

Here, p(0/1) indicates the error probability that the transmitted signal is “1” and the received signal is “0”, and p(1/0) indicates the error probability that the transmitted signal is “0” and the received signal is “1”.

For eavesdropper using non matching decoder, the cross-correlation value equals 1. Therefore, beat noise and MAI will exist in the receiver. For LA (N, K, M) code, it can be seen that

$$\xi = {{\left( {{{\left( {K \times K} \right)} \mathord{\left/ {\vphantom {{\left( {K \times K} \right)} N}} \right. \kern-0pt} N}} \right)} \mathord{\left/ {\vphantom {{\left( {{{\left( {K \times K} \right)} \mathord{\left/ {\vphantom {{\left( {K \times K} \right)} N}} \right. \kern-0pt} N}} \right)} {\mathop K\nolimits^{2} }}} \right. \kern-0pt} {\mathop K\nolimits^{2} }} = { 1\mathord{\left/ {\vphantom { 1N}} \right. \kern-0pt} N}.$$
(10)

The beat noise for data “1” is

$$\mathop \sigma \nolimits_{beat - 1}^{2} = 2k\xi \mathop {\left( {GR_{{P_{Eve} }} } \right)}\nolimits^{2} .$$
(11)

The beat noise for data “0” is

$$\mathop \sigma \nolimits_{beat - 0}^{2} = k(k - 1)\mathop \xi \nolimits^{2} \mathop {\left( {GR_{{P_{Eve} }} } \right)}\nolimits^{2} .$$
(12)

For coherent OCDMA based on LA (N, K, M), \(\mathop q\nolimits_{1}\) and \(\mathop q\nolimits_{0}\) are used to denote the probability that the cross-correlation values of the codes are “1” and “0” respectively, \(\mathop q\nolimits_{1} = {{\mathop K\nolimits^{2} } \mathord{\left/ {\vphantom {{\mathop K\nolimits^{2} } {2N}}} \right. \kern-0pt} {2N}}\), \(\mathop q\nolimits_{0} = 1 - \mathop q\nolimits_{1}\). The cross-correlation mean \(\mu\) and variance \(\mathop \sigma \nolimits^{2}\) are

$$\mu = {{\mathop K\nolimits^{2} } \mathord{\left/ {\vphantom {{\mathop K\nolimits^{2} } {2N}}} \right. \kern-0pt} {2N}}$$
(13)
$$\mathop \sigma \nolimits^{2} = \left( {1 - \left( {\frac{{\mathop K\nolimits^{2} }}{2N}} \right)} \right)\left( {\frac{{\mathop K\nolimits^{2} }}{2N}} \right).$$
(14)

Therefore, the variance of MAI is

$$\mathop \sigma \nolimits_{MAI}^{2} = k\mathop \sigma \nolimits_{MAI - 0}^{2} \mathop {\left( {GR_{{P_{Eve} }} } \right)}\nolimits^{2} .$$
(15)

Here, \(\mathop \sigma \nolimits_{MAI - 0}^{2}\) is the variance of a single interfering signal, \(\mathop \sigma \nolimits_{MAI - 0}^{2} = \left( {1 - \left( {\frac{{\mathop K\nolimits^{2} }}{2N}} \right)} \right)\left( {\frac{{\mathop K\nolimits^{2} }}{2N}} \right)\).

For user data “1” and “0”, the total noise variance for Eve is

$$\mathop \sigma \nolimits_{E1}^{2} = \mathop \sigma \nolimits_{sh1}^{2} + \mathop \sigma \nolimits_{s - sp1}^{2} + \mathop \sigma \nolimits_{sp - sp}^{2} + \mathop \sigma \nolimits_{th}^{2} + \mathop \sigma \nolimits_{d}^{2} + \mathop \sigma \nolimits_{MAI}^{2} + \mathop \sigma \nolimits_{beat - 1}^{2} .$$
(16)
$$\mathop \sigma \nolimits_{E0}^{2} = \mathop \sigma \nolimits_{sh0}^{2} + \mathop \sigma \nolimits_{s - sp0}^{2} + \mathop \sigma \nolimits_{sp - sp}^{2} + \mathop \sigma \nolimits_{th}^{2} + \mathop \sigma \nolimits_{d}^{2} + \mathop \sigma \nolimits_{MAI}^{2} + \mathop \sigma \nolimits_{beat - 0}^{2} .$$
(17)

Similarly, according to Eq. (8), BER of Eve can be calculated.

For coherent OCDMA based on 127 Gold code, there are also MAI and beat noise. The \(\xi\) value of 127 Gold code is \(\xi \approx 1 /\mathop N\nolimits_{chip} = 1 /127\). The calculation method of MAI for 127 Gold code was elaborated in Wang and Kitayama (2004).

4 Results and discussion

4.1 Bit error rate

In quasi-synchronous coherent OCDMA wiretap channel employing LA (156, 8, 16), simulation parameters for Matlab is listed in Table 1.

Table 1 Simulation parameters
Full size table

Figure 2 is the BER performance of the coherent OCDMA system based on LA (156, 8, 16) code and 127 Gold code, when the eavesdropper extraction ratio is 0.1% and the extraction distances are 5, 20, 50 km respectively. It can be seen from Fig. 2 a–c that, for legitimate user, BER of LA code is independent of the number of users and the extraction distances, and is only related to the extraction ratio of Eve. However, BER of 127 Gold code is dependent on the number of users, and it deteriorates as the number of users increases. For eavesdropping user, when extraction ratio is 0.1%, regardless of the system using LA (156, 8, 16) code or 127 Gold code, BER of Eve increases as the number of users increases. Compared with 127 Gold code, BER of LA (156, 8, 16) code is higher than that of Gold code. For example, when extraction distance is 50 km and the number of users is 3, BER of LA (156, 8, 16) code is 0.4963, while BER of 127 Gold code is 0.4931. Therefore, LA code can improve the physical-layer security and reliability simultaneously.

Fig. 2
figure 2

BER performance with extraction ratio 0.1%. a BER of legitimate user (5 km), b BER of legitimate user (20 km), c BER of legitimate user (50 km), d BER of eavesdropper, extraction location 5 km, e BER of eavesdropper, extraction location 20 km, f BER of eavesdropper, extraction location 50 km

Full size image

4.2 Secrecy capacity

The secrecy capacity is defined as the difference between main channel capacity and eavesdropping channel capacity. Secrecy capacity is the largest rate at which an eavesdropper gains no information about the message. If the non-zero security capacity exists, the main channel is superior to the eavesdropping channel.

Assuming that Alice sends data “0” and “1” with the same probability and the optimal decision threshold is used, the eavesdropping channel model can be simplified as a binary symmetric discrete channel. Assuming that \(\varepsilon\) is the eavesdropping channel transition probability, Eve’s channel capacity can be calculated by

$$\mathop C\nolimits_{XZ} = 1 - \left[ { - (1 - \varepsilon )\log (1 - \varepsilon ) - \varepsilon \log \varepsilon } \right].$$
(18)

Similarly, assuming that \(\tau\) is BER of legitimate user, channel capacity of the main channel is

$$\mathop C\nolimits_{XY} = 1 - \left[ { - (1 - \tau )\log (1 - \tau ) - \tau \log \tau } \right].$$
(19)

Secrecy capacity can be obtained by

$$C = \upsilon \times ({\text{k}} + 1)\left\{ {\mathop C\nolimits_{XY} - \mathop C\nolimits_{XZ} } \right\}.$$
(20)

Here, \(\upsilon = 1\;{\text{Gbit/s}}\), is the single-user transmission rate.

Figures 3, 4 and 5 is secrecy capacity of LA (156, 8, 16) code and 127 Gold code at different extraction ratio and same extraction distance. As can be seen from Figs. 3, 4 and 5, when the number of users is small, the secrecy capacity of the LA code and the Gold code are almost the same. But when the number of users is more than 4, the secrecy capacity of LA code is obviously better than that of Gold code. For example, when the extraction ratio of eavesdropper is 1%, extraction distance is 5 km and the number of users is 4, the secrecy capacity of LA (156, 8, 16) code is 3.99 × 109 bit/s, and the secrecy capacity of 127 Gold code is 3.98 × 109 bit/s. When the number of users is 8, the secrecy capacity of LA (156, 8, 16) code is 8 × 109 bit/s, and the secrecy capacity of 127 Gold code is 7.4 × 109 bit/s. The reason is that, as long as the relative delay between users is controlled in the range of the zero correlation zone, BER of legitimate user with LA code is independent of the number of users. That is, the single legitimate channel remains unchanged. However, BER of legitimate user with Gold code is related to the number of users. When the number of users increases, the BER of legitimate users becomes larger, and the legitimate channel capacity becomes smaller.

Fig. 3
figure 3

Secrecy capacity of LA code and Gold code at different extraction ratio (5 km). a Extraction ratio 0.1% and extraction location 5 km, b extraction ratio 1% and extraction location 5 km

Full size image
Fig. 4
figure 4

Secrecy capacity of LA code and Gold code at different extraction ratio (20 km). a Extraction ratio 0.1% and extraction location 20 km, b extraction ratio 1% and extraction location 20 km

Full size image
Fig. 5
figure 5

Secrecy capacity of LA code and Gold code at different extraction ratio (50 km). a Extraction ratio 0.1% and extraction location 50 km, b extraction ratio 1% and extraction location 50 km

Full size image

4.3 Security leakage factor

When the transmitter chooses to communicate at the main channel capacity, the secrecy capacity cannot be evaluated as a parameter for physical layer security. Here, we use security leakage factor to evaluate the physical-layer security of OCDMA system. Security leakage factor \(\eta\) is defined as the ratio of the Eve’s channel capacity to the source entropy \(H(X)\)

$$\eta = \frac{{\mathop C\nolimits_{XZ} }}{H(X)} \times 100\% .$$
(21)

According to the definition of security leakage factor, the smaller the security leakage factor is, the better the security performance of the system’s physical layer.

Figures 6, 7 and 8 are the security leakage factors for LA (156, 8, 16) code and 127 Gold code, when extraction ratios of the Eve are 0.1, 0.5 and 1% respectively, and extracts distances from 5 to 50 km respectively. The security leakage factor is reduced as the number of users increases. However, the security performance of LA code is always better than that of Gold code. For example, when the extraction ratio of Eve is 1%, the extraction distance is 5 km and the number of users is 3, the security leakage factor of the LA (156, 8, 16) code is 0.0083%, while the security leakage factor of 127 Gold code is 0.375%.

Fig. 6
figure 6

Security leakage factor of LA (156, 8, 16) code and 127 Gold code (extraction ratio 0.1%). a extraction location at 5 km, b extraction location at 50 km

Full size image
Fig. 7
figure 7

Security leakage factor of LA (156, 8, 16) code and 127 Gold code (extraction ratio 0.5%). a extraction location at 5 km, b extraction location at 50 km

Full size image
Fig. 8
figure 8

Security leakage factor of LA (156, 8, 16) code and 127 Gold code (extraction ratio 1%). a extraction location at 5 km, b extraction location at 50 km

Full size image

5 Conclusion

Because of the MAI and beat noise, the reliability, capacity and physical-layer security of asynchronous coherent time-spreading OCDMA system will degrade. To further enhance the physical-layer security and system capacity of coherent OCDMA systems, a quasi-synchronous coherent time-spreading OCDMA Wiretap Channel is proposed. The influences of the extraction location, the extraction ratio, the number of active users on the physical-layer security are investigated quantitatively.

For legitimate users employing LA (156, 8, 16) code and 127 Gold code, BER of LA code is lower than that of Gold code. However, for eavesdropping user, the BER of LA code is higher than that of Gold code. When the number of users is small, the secrecy capacity of LA code and the Gold code is almost identical. But when the number of users exceeds 4, the secrecy capacity of LA code is obviously higher than the secret capacity of Gold code. The security leakage factor decreases slowly with the increase of the number of users, with the security leakage factor of LA code lower than the security leakage factor of Gold code. Therefore, the proposed scheme can improve the physical-layer security and reliability simultaneously.