**3. Security and performance tradeoffs**

In security environments, it is believed that an inherent tradeoffs between networks performance and security are existed which lead many network designers to seek a balance between both of them . Depending on the confidentiality measurement required between communicating networks, different sets of optimizations can be considered (Jin-Hee & Ing-Ray 2005). In (Wolter & Reinecke 2010), the relationship of performance and security has been investigated in model-based evaluation. Their approach is illustrated based on the premise that there are significant similarities between security and reliability.

The combination of security and performance poses interesting tradeoffs that have high relevance especially in modem systems that are subject to requirements in areas, performance and security. In this chapter, ensuring confidentiality against eavesdropper interception strategies for optical CDMA is conducted to investigate limitations and tradeoffs between security and performance.

Using the modeling approximations of (Shake 2005b), per signature chip SNR of the eavesdropper is related to the per data bit signal-to-noise ratio (SNR) of the user by the following relationship :

$$\frac{E\_{col}}{N\_{0cd}} = \sigma \left(\frac{1}{\mathcal{W}}\right) \left(\frac{1}{1 - \frac{M\_A}{M\_T}}\right) \left(\frac{E\_u}{N\_{0u}}\right)\_{sp\infty} \tag{1}$$

W is the code weight of the code being used, *MT* is the maximum theoretical number of simultaneous users at a specified maximum BER, *Eu* / *N ou* is the required user SNR (per data bit) to maintain the specified BER, *MT* is the actual number of simultaneous users supported, and *Eea* / *Noed* is the eavesdropper's effective SNR per code chip. Where *a*  represents several system design parameters as following:

$$
\sigma = \left(\frac{e\_t n\_\mu}{\alpha\_{cd} e\_\mu}\right) \tag{2}
$$

In this equation, *et* is the eavesdropper's fiber tapping efficiency, *nu* is the number of taps in the broadcast star coupler that distributes user signals, *a ed* is the ratio of the eavesdropper's receiver noise density to the authorized user's receiver noise density, *eu* is the authorized user receiver's multichip energy combining efficiency. Figure (5) shows the effect of combining multiple code pulses for both coherent and incoherent detection schemes. The eavesdropper is assumed to use a receiver that is equal in sensitivity to the authorized user's receiver ( *a ed* = 1). It is assumed that the total number of taps in the star coupler, shown in figure (4), is *nu=* 100 with a tapping efficiency of *et=* 0.01. Since, *eu* is equal to one and between zero and one for coherent and incoherent detection respectively (Mahafza & Elsherbeni 2003 ), coherent detection with combining signals shows better confidentiality than the incoherent one.

Fig. 5. Effect of combining multiple code pulses for both coherent and incoherent detection schemes

#### **4. Performance analysis**

Spectral amplitude coding optical CDMA systems using codes, which have code properties with low in-phase cross correlation, can eliminate the interference signals such as Msequence (Peterson et al. 1995), Hadamard (Zou,Ghafouri-Shiraz et al. 2001), modified double weight (MOW) (Aljunid et al. 2004), and modified quadratic congruence (MQC) (Zou,Shalaby et al. 2001) codes. However, as broad -band thermal sources are used in such system, the phase-induced intensity noise (PIIN) that is due to the intensity fluctuation of thermal source severely affects the system performance (Smith et al. 1998). Commonly, these codes are represented by (N, w, >.) notation where N, w, and A are code length, code weight, and in-phase cross correlation, respectively.

The establishment of MQC codes was proposed in (Zou,Shalaby et al. 2001). The proposed code families with the odd prime number p > 1 and represented by (p2+p, p+l, 1), have the following properties:


According to (Zou,Shalaby et al. 2001), MQC code families can be constructed in two steps as following:

Step 1: Let GF (p) represents a finite field of p elements. A number sequence y (k) is assembled with elements of GF (p) over an odd prime by using the following expre;Jon:

$$y\_{\alpha,\beta}(k) = \begin{cases} d[(k+\alpha)^2 + \beta] \pmod{p}, k = 0, 1, \dots, p-1\\ [\alpha+b] \pmod{p}, k = p \end{cases} \tag{3}$$

where d E {O, 1, 2, ... , p-1} and b, a,~ E {O, 1, 2, ... , p-1}.

Step 2: a sequence of binary numbers *s* (i) is constructed based on each generated number *a,p*  sequence y (k) by using the following mapping method: *a.p* 

$$\mathbf{s}\_{\boldsymbol{\alpha}\_{\boldsymbol{\alpha},\boldsymbol{\beta}}}(\mathbf{i}) = \begin{cases} 1, \text{if} = k\boldsymbol{p} + \boldsymbol{y}\_{\boldsymbol{\alpha},\boldsymbol{\beta}}(\mathbf{k})\\ 0, \text{otherwise} \end{cases} \tag{4}$$

where i = 0, 1, 2, ... , p2+p-1, k = Li/ pJ. Here, LxJ defines the floor function of x.

Table 2 shows MQC basic code matrix for p = 3. Thus, the code length N = 12, code weight w = 4, and in-phase cross correlation is 1. The upper bound of the number of codes that can be produced is p2 = 9 code sequences.

In the analysis of spectral-amplitude coding system, PIIN, shot noise and thermal noise are three main noises that should be taken into consideration. To simplify the analysis, the distribution of intensity noise and shot noise are approximated as Gaussian for calculating the bit-error-rate (BER). The analysis performance of optical CDMA system based on MQC codes in the existence of PUN, the photodiode shot noise and the thermal noise are presented in (Zou,Shalaby et al. 2001). Based on the complementary detection scheme the average signal to noise ratio has been expressed as:

$$\text{SNR} = \frac{I^2\_{\text{Data}}}{\left\{I^2\_{\text{Total noise}}\right\}} \tag{5}$$

$$\left.I\right|\_{Data}^2 = \frac{\Re^2 P\_{\text{gr}}^2}{p^2} \tag{6}$$

P5, is the effective power of a broadband source at the receiver and \R is the photodiode responsivity.

And


Table 2. MQC basic code matrix for p = 3

Then,

$$SNR = \frac{\frac{n^2 p\_{\rm IF}^2}{p^2}}{\frac{p\_{\rm IF} \times 9 \text{ N}}{N} \left[p - 1 + 2K\right] + \frac{p\_{\rm IF}^2 \cdot 90^2 K}{2 \cdot 4 \cdot \nu p^2} \left[\frac{(K - 1)}{p} + p + K\right] + \frac{4K\_0 T\_R B}{k\_L}} \tag{8}$$

Where e is the electron's charge, B is the noise-equivalent electrical bandwidth of the receiver, 6v = 3.75 THz is the optical source bandwidth in Hertz, *Kb* is the Boltzmann's constant, Tn = 300K is the absolute receiver noise temperature, and RL = 1030 Q is the receiver load resistor.

Using Gaussian approximation, BER can be expressed as:

$$BER = P\_{c\_{\parallel}} = \frac{1}{2} \operatorname{erfc} \left( \sqrt{\frac{SNR}{8}}^{}{}\right) \tag{9}$$

The system performance is shown in figure (6) for different MQC code size for two data rates. Data rate of 155 Mb/s shows good performance compared to 622 Mb/s. In communication systems, there is a trade-off between data bit rate and the provided system number of channels. Data bit rate x sequence code length = encoded chip rate. Generally, in optical CDMA analysis, in order to reduce the MAI limitations the data bit rate should be reduced . Increasing the bit rate will decrease the required average SNRs to maintain low BERs values, making the signal to be more sensitive to fiber dispersion and receiver circuitry noise.

The per code chip eavesdropper's SNRs as a function of the theoretical system capacity are shown in figure (7). If the authorized users transmit sufficient power so that 50%, 75%, 82%, and 85% of the theoretical system capacity is attained for MQC codes that have prime number p of 3, 7, 11, and 13 respectively, the eavesdropper has SNR of 15 dB. An optical matched filter receiver followed by envelope detection theoretically requires a peak SNR of approximately 15 dB to produce the required raw detector BER of lQ-4. Error correction codes used in commercial high-rate optical telecommunication equipment can produce the maximum acceptable system BER 10-9.

Fig. 6. BER versus number of simultaneous users. P5, = - 10 dBm.

The figure above shows a contradiction between network system performance and security . Increasing the network system capacity will lead the eavesdropper to detect high SNRs. Another limitation can be shown in figure (8), where high specified SNRs will increase the eavesdropper possibility of attacks.

Thus, for secure firms, a network designer should take these limitations under consideration . If 50% of the system capacity is provided, specified authorized SNRs between 10 dB to 15 dB are suitable for eavesdropper to get encoded pulse SNRs between 10 dB and 15 dB, respecti vely. Their corresponding bit error rates BERs are nearl y 10-5 and 10-2, respectively as shown in figure (9).

Fig. 7. Per chip code SNR as a function of theoretical system capacity

Fig. 8. Per chip code SNR as a function of theoretical system capacity for different specified authorized SNRs

Fig. 9. BERs as a function of theoretical system capacity for different specified authorized SNRs

The eavesdropper performance of detecting spectral encoding chip bandwidth pulses form spectral amplitude optical CDMA code word that has been investigated in (Bakarman et al. 2009). The basic MQC code denoted by (12, 4, 1), has been considered to demonstrate the performance for both authorized user and eavesdropper .

Wide bandwidth enhances SNRs for both authorized user and eavesdropper, which increases the possibility of eavesdropping . Therefore, from the security viewpoint, one should minimize the eavesdropper ability to detect code word pulses by controlling the authorized performance to reasonable throughput. This leads to security impact over system performance as shown in figure (10). The solid and dashed lines represent theoretical results for authorized user and eavesdropper, respectively using MQC (12, 4, 1). Whereas, triangle and rectangle symbols represent results for authorized user and eavesdropper, respectively using M. sequence code (7, 4, 2).

Fig. 10. Security impact over system performance for MQC code system

Thus, to improve the degree of security, we have to reduce the bandwidth of the encoding chip bandwidth pulses. This reduction should not affect the system performance. For example, if a spectral chip is reduced from 50 GHz to 25 GHz, the authorized user and eavesdropper could obtain SNRs of 23 dB and 12 dB respectively . These values correspond to bit error rate BERs of nearly 10-12 and 104 respectively. The maximum acceptable system BER is assumed to be 10-9. Decreasing spectral chip, below than 25 GHz, will affect the authorized user performance forcing him to use error correction codes techniques used in commercial optical communications.

The results show that using unipolar optical CDMA codes schemes based on MQC and modified double weight MDW (Aljunid et al. 2004) code system enhance the security with a low cost implementation in comparison to the bipolar ones based on modified pseudorandom noise (PN) code (Chung et al. 2008), see also figure (10). MQC (12, 4, 1) code has 5 dB security preferences over PN (7, 4, 2) code. For the authorized users, bipolar codes would show high performance in comparison to unipolar codes because the bipolar signaling has a 3-dB signal-to-noise ratio (SNR) advantage over the on-off keying system with high cost implementation because each transmitter sends energy for both "0" and "1" bit (Nguyen et al. 1995). From the security viewpoint, one should minimize the eavesdropper ability to detect code word pulses by controlling the authorized performance to reasonable throughput.

Further security enhancement can be obtained by increasing the code dimension as shown in figure (11). With large value of prime number p, the main parameter to construct MQC codes, the eavesdropper ability to detect single encoded pulses becomes difficult even with wideband spectral chip. The eavesdropper BER will be higher than 10-3•

Fig. 11. Code dimension effects on eavesdropper performance

In communication systems, there is a tradeoff between data bit rate and the provided system number of channels . Data bit rate x sequence code length = encoded chip rate . Generally, in optical CDMA analysis, in order to reduce the MAI limitations , the data bit rate should be reduced . Figure (12) shows the impact of data bit rates on the eavesdropper performance . Increasing the bit rate will decrease the eavesdropper SNR, making the signal to be more sensitive to fiber dispers ion and receiver circuitry noise.

Fig. 12. Eavesdropper SNR vs bit rates
