Key Distribution Scheme for Optical Fiber Channel Based on SNR Feature Measurement

: With the increase in the popularity of cloud computing and big data applications, the amount of sensitive data transmitted through optical networks has increased dramatically. Further-more, optical transmission systems face various security risks at the physical level. We propose a novel key distribution scheme based on signal-to-noise ratio (SNR) measurements to extract the ﬁngerprint of the ﬁber channel and improve the physical level of security. The SNR varies with time because the ﬁber channel is affected by many physical characteristics, such as dispersion, polarization, scattering, and ampliﬁer noise. The extracted SNR of the optical ﬁber channel can be used as the basis of key generation. Alice and Bob can obtain channel characteristics by measuring the SNR of the optical ﬁber channel and generate the consistent key by quantization coding. The security and consistency of the key are guaranteed by the randomness and reciprocity of the channel. The simulation results show that the key generation rate (KGR) can reach 25 kbps, the key consistency rate (KCR) can reach 98% after key post-processing, and the error probability of Eve’s key is ~50%. In the proposed scheme, the equipment used is simple and compatible with existing optic ﬁber links.


Introduction
With the sharp increase in the speed and distance of optical communications, optical networks have become more accessible; accordingly, more threats and higher risks may be posed. A reliable key distribution system is required to solve this problem and ensure communication security. Traditional public key-based key distribution security primarily depends on the complexity of an algorithm, such as the RSA algorithm [1,2]. However, traditional cryptography is susceptible to the rapid progress of hardware and algorithms. The robustness of these algorithms faces severe challenges with the development of computer systems, especially quantum computers [3,4]. Quantum key distribution (QKD) is theoretically considered as the only solution to guarantee absolute security at the physical level [5][6][7][8]. However, QKD requires highly sensitive optical detection equipment instead of optical amplifiers. Therefore, it is still challenging to realize QKD at longer distances and higher key rates.
A promising and cost-effective approach is to take advantage of the unpredictable and random characteristics of the transmission channel to convert the random characteristics of the environment into a secure key. In this approach, the key is only highly correlated to the legitimate users (Alice and Bob), but not to the signal being eavesdropped on by Eve. This idea has already been put into practice in wireless and fiber-optic communications systems. In a wireless communication system, for key generation, the random fading effects of the wireless channel are utilized [9,10], such as received signal strength, channel impulse response, and frequency phase in key distribution schemes [11,12].
Unlike wireless communication, the optic fiber links have stronger resistance to environmental disturbance. The proposed method achieves the implementation of a classical physical layer secure key distribution (SKGD) with unique fiber characteristics, which extracts the key from the fiber channel characteristics. For the key distribution scheme based on chaotic synchronization, the security has been improved [13,14], but it is incompatible with the existing optic fiber link configuration, and the key distribution distance is short. The SKGD scheme based on the unique characteristics of the physical layer has the advantages of high security, low cost, and a simple structure. The polarization mode dispersion (PMD) depends on the birefringence distribution in instantaneous space [15][16][17][18] and fluctuates randomly in the link, providing a random source for key generation. Eve close to the legitimate party can easily cause information disclosure because the PMD can only produce a favorable effect when the distance is long enough. Based on the key distribution scheme of the optical fiber interferometer [19,20], the interferometer is exposed to the public and vulnerable to active intrusion attacks. As a result, other solutions that can guarantee high security and easy implementation have not been fully explored.
Recently, researchers have proposed a key generation scheme based on the bit error rate (BER) measurement of physical channel characteristics [21,22]. The scheme takes advantage of the physical channel's randomness to ensure the security of the key and does not change the structure of the existing optic fiber link. However, this scheme requires a high BER in order for the normal transmission to be affected. We propose a key distribution measurement scheme based on the SNR characteristics of the physical layer of the optical fiber channel without affecting the normal transmission. The combination of key distribution and encryption transmission is realized by simulation. The final KGR can reach 25 kbps, and the KCR can reach 98%. Fingerprint SNR is used as the random source of key extraction in the system, and the uniqueness of the fiber channel ensures the high security of the generated key.

Channel Model
As shown in Figure 1, the signal sent by the legitimate client Alice is A n , while the legitimate receiver Bob receives the signal sequence B n . The eavesdropping signal obtained by Eve is E n . The legitimate receiver obtains the SNR by comparing the signal from the receiver with that from the transmitter. According to information theory, the mutual information between Eve and Alice as Equation (1) should be as small as possible for reliable transmission. Eve cannot correctly obtain Alice's key information, indicating that the key of communication negotiation is secure when I(A n ; E n ) → 0 .
The keys generated by Alice, Bob, and Eve are , respectively, to achieve the security of the physical layer. Assuming that the coefficient of key consistency ε is large enough for n to satisfy the following relation, the system is secure [9,23].
In the best case, the key consistency rate approached in Equation (2) indicates that the completion of the key generated by Alice and Bob is consistent. Equation (3) indicates that Eve receives the information irrespective of the key generated by the legitimate. The maximum security key capacity is shown in Equation (4). The key capacity is C AB when the communication between legitimate parties is normal, and the generated key capacity is C AE when Eve eavesdrops. The maximum value C K is obtained by subtracting C AE from C AB .
The security capacity C K > 0 under the Gaussian Tap channel is shown in Equation (5), where p is the power of the signal, and σ i (i = 1, 2) are, respectively, the noise variance of Bob and Eve stealing channels in the normal transmission main channel. maximum security key capacity is shown in Equation (4). The key capacity is A B C when the communication between legitimate parties is normal, and the generated key capacity is when Eve eavesdrops. The maximum value K C is obtained by subtracting [ ] m a x [ I ( ; ) I ( ; ) ] The security capacity 0 K C > under the Gaussian Tap channel is shown in Equation    Figure 2 shows the proposed key generation scheme based on the SNR measurement in the optical fiber loop. Due to the changes in temperature, external stress, and physical parameters, the measured SNR fluctuates randomly. Specific physical layer channel features are extracted as follows: Alice and Bob simultaneously measure the SNR parameter changes in the fiber loop. Data from Alice and Bob are transmitted in the fiber loop link through time-division multiplexing. Alice and Bob occupy different time slots, i.e., even and odd symmetric time slots, respectively. First, Alice generates random data and random ground state C A through a PRNG. Afterwards, the DSP module of the transmitter generates the signal D AB from the signal D A and the ground state C A . The signal D AB reaches the Bob terminal after transmission in the optical fiber. Bob's DSP module processes the received signal with a random ground state C B to generate the data D AB . After the data D AB signal is transmitted in the optical fiber, the signal N AB with channel noise reaches Alice. The receiver's DSP module generates data D ABA based on the received signal D AB and random ground state C A . The SNR performance of the fiber loop can be obtained by comparing the data D A with D ABA . Similarly, Bob can measure the fiber loop simultaneously to acquire the SNR change rate of the fiber loop backlink.

Key Evaluation Index
In this paper, the SNR as the channel physical layer feature is introduced to evaluate the system performance. The calculation of the SNR is shown as follows: The bit resolution of signal quantization is N, the quantization noise variance is

Key Evaluation Index
In this paper, the SNR as the channel physical layer feature is introduced to evaluate the system performance. The calculation of the SNR is shown as follows: The bit resolution of signal quantization is N, the quantization noise variance is σ 2 e , and the signal's power is σ 2 s . The expression of SNR is shown in Equation (6) [24]. SNR = 10 log 10 σ 2 s σ 2 e = 6.02N + 10.79 + 10 log 10 σ 2 s (dB) Alice and Bob obtain the SNR through the loopback measurement and then quantize it to generate the key. As presented in Equation (7), ave is the average value of the SNR, and α q is the quantization coefficient.
KGR is the number of keys generated in a period divided by the test time. The details are shown in Equation (8).
R is the signal transmission rate of 10 Gb/s, and N is the segment length of the received signal. Moreover, α q denotes the outliers during quantization corresponding to the number of key bits generated after each symbol is quantized as 0.3, and ξ is the discarding rate of privacy amplification (i.e., bit rate discarded in privacy amplification).
The KCR is the consistency rate of the key generated by Alice and Bob, and the partition length of the key is N , as shown in Equation (9).
The key error rate (KER) is the error rate of the key generated by Alice and Eve, as shown in Equation (10).

Key Generation Process
The key quantization optimization process is shown in Figure 3. Alice and Bob extract channel characteristics of the SNR, quantify and code to generate the key, and generate the key with excellent consistency and security after post-processing. The specific steps are as follows: Step 1: Bob calculates the channel's SNR through loopback measurements; Step 2: The characteristic information SNR is quantized to generate a consistency key by encoding. The specific steps are shown in Equation (2); Step 3: The key's consistency is judged, and the consistency factor is set as ε = 0.95. If KCR > ε, it will proceed to the next step; otherwise, the quantization factor α q will be updated and it will go back to the beginning; Step 4: After the key is post-processed, Bob transmits the quantization coefficient α q and consistency factor ε to Alice through the public channel; Step 5: To increase the security of the generated key, data with length 0 or length 1 are discarded, and the key sequence KB with good randomness and consistency is obtained; Step 6: Bob shares the optimized parameters α q and ε with Alice, and Alice generates the key sequence KA in the same way.
Step 4: After the key is post-processed, Bob transmits the quantization coefficient q and consistency factor ε to Alice through the public channel; Step 5: To increase the security of the generated key, data with length 0 or length 1 are discarded, and the key sequence KB with good randomness and consistency is obtained; Step 6: Bob shares the optimized parameters q α and ε with Alice, and Alice generates the key sequence KA in the same way.

Key Distribution Simulation Platform Setup
As shown in Figure 4, the data transmission rate of the scheme is 10 Gbps, the optic fiber link is 200 km, the laser transmitting power is 1 mW, and the wavelength is 1550 nm. The sending process of the scheme is as follows: Firstly, Alice obtains the orthogonal frequency division multiplexing signal encrypted by quantum noise stream through DSP processing. Next, the signal is converted from digital to analogue through the arbitrary

Key Distribution Simulation Platform Setup
As shown in Figure 4, the data transmission rate of the scheme is 10 Gbps, the optic fiber link is 200 km, the laser transmitting power is 1 mW, and the wavelength is 1550 nm. The sending process of the scheme is as follows: Firstly, Alice obtains the orthogonal frequency division multiplexing signal encrypted by quantum noise stream through DSP processing. Next, the signal is converted from digital to analogue through the arbitrary waveform generator (AWG), and the electrical signal is modulated onto an optical carrier using an I/Q modulator. The signal amplified by erbium-doped fiber amplifier (EDFA) enters the optic fiber link to Bob's terminal. It is demodulated by the coherent receiver and sampled by a 20 GSa/s oscilloscope (OSC). Bob converts the signal to analogue through AWG and then modulates it to the optical carrier using the I/Q modulator. After passing through the amplifier and optic fiber link, Alice's coherent receiver carries out coherent demodulation on the signal. The demodulated data are sent to an OSC for sampling (sampling rate = 20 GSa/s). Finally, Alice performs DSP processing on the sampled signal. There are simulation-specific parameters, as listed in Table 1. waveform generator (AWG), and the electrical signal is modulated onto an optical carrier using an I/Q modulator. The signal amplified by erbium-doped fiber amplifier (EDFA) enters the optic fiber link to Bob's terminal. It is demodulated by the coherent receiver and sampled by a 20 GSa/s oscilloscope (OSC). Bob converts the signal to analogue through AWG and then modulates it to the optical carrier using the I/Q modulator. After passing through the amplifier and optic fiber link, Alice's coherent receiver carries out coherent demodulation on the signal. The demodulated data are sent to an OSC for sampling (sampling rate = 20 GSa/s). Finally, Alice performs DSP processing on the sampled signal.
There are simulation-specific parameters, as listed in Table 1.

Random Analysis
The National Institute of Standards and Technology (NIST) random test results of key sequences are illustrated in Figure 5a to evaluate the randomness of key bits. We randomly selected a set of keys from the key sequence as the key test sequence, and 10 NIST sub-tests [25]. The return threshold of all 10 of the NIST sub-tests is above 0.99, which indicates that the key sequence has true randomness. In addition, for some tests that return multiple thresholds, we only give the minimum value. Figure 5b describes the 0/1 ratio performance of Alice and Bob's key bits as a function of the SNR sampling interval. Alice quantifies the key to receive the 0, 1 key. The noise sources, such as laser, optical amplifier, and physical fiber parameters, determine the randomness of the fiber channel. Consequently, the probability of keys 0 and 1 fluctuates around 0.5, further verifying the key's randomness.

Consistency Analysis
Key consistency comes from precise channel reciprocity, so Alice and Bob share a highly related key source. According to the physical characteristics of the reciprocity of the channel, a consensus key is generated. The reciprocity of the channel mainly improves the consistency of the key. The metric characteristic of the channel generated by the key is the SNR. As shown in Figure 6a, the KGR of the system first increases and then decreases. With the increase in the SNR sampling interval, the calculation of BER requires more data bits, leading to the decrease in the KGR. When the sampling time is 2 μs, the maximum KGR is 25 kbps. The amount of data obtained at each sampling point is relatively insignificant when the sampling interval is very small, leading to a relatively severe miscalculation of SNR. Therefore, the SNR values calculated by Alice and Bob are inconsistent, which affects the KGR. When the sampling interval is large, the SNR value calculated within the same amount of time is relatively small, leading to a relatively low KGR rate. Therefore, it is necessary to set a reasonable sampling interval to obtain a relatively high KGR. It is obvious that faster fluctuation of channels corresponds to a smaller sampling interval, thus extracting more channel feature and generating more secret keys.
In Figure 6b, red represents the sampling value measured by Alice, and green characterizes the sampling value measured by Bob. It is evident that the change curves of Alice

Consistency Analysis
Key consistency comes from precise channel reciprocity, so Alice and Bob share a highly related key source. According to the physical characteristics of the reciprocity of the channel, a consensus key is generated. The reciprocity of the channel mainly improves the consistency of the key. The metric characteristic of the channel generated by the key is the SNR. As shown in Figure 6a, the KGR of the system first increases and then decreases. With the increase in the SNR sampling interval, the calculation of BER requires more data bits, leading to the decrease in the KGR. When the sampling time is 2 µs, the maximum KGR is 25 kbps. The amount of data obtained at each sampling point is relatively insignificant when the sampling interval is very small, leading to a relatively severe miscalculation of SNR. Therefore, the SNR values calculated by Alice and Bob are inconsistent, which affects the KGR. When the sampling interval is large, the SNR value calculated within the same amount of time is relatively small, leading to a relatively low KGR rate. Therefore, it is necessary to set a reasonable sampling interval to obtain a relatively high KGR. It is obvious that faster fluctuation of channels corresponds to a smaller sampling interval, thus extracting more channel feature and generating more secret keys. tion reduces, so the key consistency quantized by Alice and Bob is enhanced. The extracted keys can be subjected to off-line DSP to eliminate the influence of the inconsistency between the two key sequences of Alice and Bob.  More extensive data are needed to calculate the SNR required to increase the KCR at both ends, because the longer the data, the more stable the SNR and the higher the KCR. If the selected data are too long, the KGR for generating the key decreases, in that the calculated SNR drops for extensive data. Therefore, a reasonable SNR measurement interval should be selected to strike a balance between the KCR and the KGR.

Security Analysis
As shown in Figure 8a, the measured SNR value for Alice and Bob is approximately 10, while Eve's SNR is around −30. Alice and Bob loop back the measurement, and they know the initial key to decrypt the signal. Eve can only intercept information from the optical fiber without the initial key, so the SNR is low.
As shown in Figure 8b, Eve quantifies the key for SNR and Alice, then she obtains the key for comparison. The error rate of receiving the key is about 50%, so Eve cannot obtain the correct key. Moreover, the correlation coefficient between Alice and Eve is 0.02 cc = , indicating that the key generated by the system has superior security. Alice and Eve's SNR is not the same, since Eve measures the SNR through different equipment and In Figure 6b, red represents the sampling value measured by Alice, and green characterizes the sampling value measured by Bob. It is evident that the change curves of Alice and Bob almost coincide, and the curve consistency is significant since they simultaneously measure the same fiber. As a result, we quantize the sample value to one and zero when it is greater and less than the mean, respectively. In addition, if the sample value is near the mean, we discard the data.
Furthermore, the KGR changes when varying the transmission power, sampling interval, and system's laser power. The signal transmission rate is altered to extract more channel features, and the KGR increases when the transmission rate is relatively low. However, the KGR does not increase and tends to be stable when the transmission rate increases to a certain extent. The sampling interval is varied to find the maximum KGR from different sampling intervals. At this time, the change in the KGR should be non-linear to determine the suitable KGR.
As shown in Figure 7, the relationship between the length of the selected data and the consistency is direct. The smaller the data block length is, the worse the key consistency is. By quantifying the SNR, the consistency of the initial keys obtained by Alice and Bob is as above. The SNR interval gradually increases with key consistency, and the obtained key consistency rate reaches 98% when the SNR interval is greater than 1.4 µs. As the SNR measurement interval increases, the error curve is smoother, and the fluctuation reduces, so the key consistency quantized by Alice and Bob is enhanced. The extracted keys can be subjected to off-line DSP to eliminate the influence of the inconsistency between the two key sequences of Alice and Bob.
More extensive data are needed to calculate the SNR required to increase the KCR at both ends, because the longer the data, the more stable the SNR and the higher the KCR. If the selected data are too long, the KGR for generating the key decreases, in that the calculated SNR drops for extensive data. Therefore, a reasonable SNR measurement interval should be selected to strike a balance between the KCR and the KGR.  More extensive data are needed to calculate the SNR required to increase the KCR at both ends, because the longer the data, the more stable the SNR and the higher the KCR. If the selected data are too long, the KGR for generating the key decreases, in that the calculated SNR drops for extensive data. Therefore, a reasonable SNR measurement interval should be selected to strike a balance between the KCR and the KGR.

Security Analysis
As shown in Figure 8a, the measured SNR value for Alice and Bob is approximately 10, while Eve's SNR is around −30. Alice and Bob loop back the measurement, and they know the initial key to decrypt the signal. Eve can only intercept information from the optical fiber without the initial key, so the SNR is low.
As shown in Figure 8b, Eve quantifies the key for SNR and Alice, then she obtains the key for comparison. The error rate of receiving the key is about 50%, so Eve cannot obtain the correct key. Moreover, the correlation coefficient between Alice and Eve is 0.02 cc = , indicating that the key generated by the system has superior security. Alice and Eve's SNR is not the same, since Eve measures the SNR through different equipment and

Security Analysis
As shown in Figure 8a, the measured SNR value for Alice and Bob is approximately 10, while Eve's SNR is around −30. Alice and Bob loop back the measurement, and they know the initial key to decrypt the signal. Eve can only intercept information from the optical fiber without the initial key, so the SNR is low. lines from Alice and Bob. The SNR is a variable that can be used to negotiate keys to ensure the generated keys are unique.

Conclusions
In this paper, a key generation scheme based on the SNR characteristic of the optical fiber channel's physical layer is proposed. In the scheme, the rate of SNR change is obtained using loopback measurements, and the changed SNR is compared with the threshold system to judge whether the system is attacked and the legitimate equipment can be correctly authenticated. If Eve launches an active attack on the system, it impacts the security and reliability of the generated key. Therefore, we can use physical layer authentication for intrusion detection. The simulation results show that the KGR can reach 25 kbps, and the KCR can reach 98%. The correlation coefficient of BER measurement samples of Alice and Eve is relatively low. The correlation coefficient = 0.02 and the KER of Eve is only 50%, indicating that this system has high security. Due to the physical characteristics of using the SNR as a key distribution scheme, normal communication requirements can be guaranteed to set the SNR values. The scheme can be used together with other security methods in the higher network layer, to enhance communication security and withstand active intrusion attacks. It has excellent application value and is suitable for popularization. As shown in Figure 8b, Eve quantifies the key for SNR and Alice, then she obtains the key for comparison. The error rate of receiving the key is about 50%, so Eve cannot obtain the correct key. Moreover, the correlation coefficient between Alice and Eve is cc = 0.02, indicating that the key generated by the system has superior security. Alice and Eve's SNR is not the same, since Eve measures the SNR through different equipment and lines from Alice and Bob. The SNR is a variable that can be used to negotiate keys to ensure the generated keys are unique.

Conclusions
In this paper, a key generation scheme based on the SNR characteristic of the optical fiber channel's physical layer is proposed. In the scheme, the rate of SNR change is obtained using loopback measurements, and the changed SNR is compared with the threshold system to judge whether the system is attacked and the legitimate equipment can be correctly authenticated. If Eve launches an active attack on the system, it impacts the security and reliability of the generated key. Therefore, we can use physical layer Photonics 2021, 8, 208 9 of 10 authentication for intrusion detection. The simulation results show that the KGR can reach 25 kbps, and the KCR can reach 98%. The correlation coefficient of BER measurement samples of Alice and Eve is relatively low. The correlation coefficient cc = 0.02 and the KER of Eve is only 50%, indicating that this system has high security. Due to the physical characteristics of using the SNR as a key distribution scheme, normal communication requirements can be guaranteed to set the SNR values. The scheme can be used together with other security methods in the higher network layer, to enhance communication security and withstand active intrusion attacks. It has excellent application value and is suitable for popularization.