Security Improvement for OFDM-PON via DNA Extension Code and Chaotic Systems

In the paper, a deoxyribonucleic acid (DNA) extension code with 3-bit binary streams is proposed to encrypt the downlink data for orthogonal frequency division multiplexing passive optical network (OFDM-PON). It has 8 bases to make up 4 pairs of complementary codes. And it can obtain 384 matching rules, which greatly improves the randomness of matching. Here, two DNA addition operation rules are also proposed to encrypt the data. DNA extension rules can reduce half coding operations. Three 1-dimensional (1-D) chaotic systems are used to encrypt the code and control the rules. The encryption method based on the uplink streams from optical network units (ONUs) makes the security of downlink signals not just depending on the security of chaotic systems. Finally, a 22.06 Gb/s DNA extension code encryption signal is transmitted through a back-to-back (BTB) system and a 25-km standard single-mode fiber (SSMF). The proposed method not only improves the security but also reduces the computational complexity. The experimental results show that the proposed method has the ability to resist optical channel response and fiber nonlinearity, which is a promising candidate for solving the security enhancement in access networks.


I. INTRODUCTION
With the development of information technology, the 5 th generation communication technology (5G) has begun to enter our lives. The main vision of 5G is the Internet of things (IoT) and a massive expansion of bandwidth. Orthogonal frequency division multiplexing (OFDM) is widely used in 5G communications. OFDM passive optical network (OFDM-PON) has the advantages including the resistance to chromatic dispersion, high spectral efficiency and anti-multipath interference [1]- [3], and it has been regarded as a promising candidate for the next generation communication. At the same time, people pay more attention to the information security. The conventional encryption and authentication operations are The associate editor coordinating the review of this manuscript and approving it for publication was Sun Junwei . carried out in the upper layer. But the header information can be easily eavesdropped by the statistical attacks [4]. On the contrary, encryption in the physical layer can essentially protect the security of data transmission, then it has become a research hotspot. In 1963, Lorenz proposed the butterfly effect [5]. In the early 1980s, Lang and Kobayashi had been extensively examined the feedback semiconductor lasers [6]. From then on, chaos becomes a hot topic, such as dynamical behaviors of autonomous memristor chaotic systems [7] and time delay in memristor based neural network circuits [8]. Chaos has been applied to the computer science and communications. After that, various studies focus on the security of physical layer based on the chaotic techniques. These methods can be divided into two categories. One is the chaotic feedback laser such as secure key distribution [9], laser exclusive or (XOR) operation [10] and delay signature-suppressed in semiconductor lasers [11], and the typical application in chaotic feedback laser and microwave photonic chaotic communication [12], [13]. These methods require two sets of chaos generation equipment to be as identical as possible, which are difficult to achieve chaos synchronization for all the modulation parameters. Meanwhile, Chen et. al deeply studied the chaotic system [14] and some digital chaotic image encryption methods have been proposed by many researchers [15]. The digital chaotic technique is the other way to encrypt the data transmission, because the digital chaos can be accurately controlled and easily operated by digital signal processing (DSP). Then it has been widely studied in OFDM-PON. In chaotic OFDM-PON communications, early typical studies are randomly transforming phase of constellation symbol [16] and 3-D constellation masking [17]. After that, various papers have emerged, such as constellation scrambling and permutation [18]- [20], phase masking and time-frequency confusion [21]- [23], short reference noncoherent system [24], pilot-aided secure key agreement [25], chaotic matrix transformation [26], [27], Brownian motion and chaos [28], [29], digital filter multiple access (DFMA)-PON [30], I/Q-encryption and constellation confusion [31], [32], joint peak to average power ratio (PAPR) reduction and encryption [33]- [35], differential chaos shift key [36], [37], multilevel separated encryption [38]. These methods have a common characteristic that the encryption algorithm depends on the pseudo-random numbers generated by the chaotic systems. When the chaotic system is cracked, the data is unsafe.
Meanwhile, Cao et al. proposed a method to encrypt the downlink stream by the uplink stream from an optical network unit (ONU) [39]. It encrypts the data by performing a simple XOR operation between the uplink stream and downlink stream. But the data encrypted by this method is vulnerable to illegal ONU attacks. Based on this case, Li et al. reported an improved scheme using the digital chaos algorithm and uplink stream with fixed-point implementation [40]. Compared with [39], it disturbs the chaotic bifurcation graph, which greatly raises the security for OFDM-PON.
Deoxyribonucleic acid (DNA) code has these advantages of huge storage, massive parallelism and ultra-low power consumption [41]. Chaotic DNA code can enhance the security of information science, so that it has been widely used in the image encryption [42], and its applications are also reported in OFDM-PON [43]. However, the extension of DNA code has not been studied yet.
In order to propose a high security and low computational complexity encryption algorithm for OFDM-PON, we propose a novel chaotic DNA extension code encryption algorithm. The conventional DNA code depends on 2-bit binary streams. Thus, our method uses 3-bit binary streams, which raises the randomness of coding. Besides, we also propose two addition operation rules corresponding to the DNA extension code. This encryption method uses the uplink streams from ONUs to improve the security of downlink streams. New coding rules can reduce half coding operations. Three 1-dimensional (1-D) chaotic systems are used to encrypt the code and control the rules. The proposed method not only improves the security but also reduces the computational complexity.

II. PRINCIPLES
We design a framework to transmit the uplink and downlink streams as shown in Fig. 1. If an ONU sends a series of bit streams, OLT receives the uplink streams and uses them to conduct the encryption process. In the field of biology, DNA has 4 kinds of bases, namely adenine (A), thymine (T), cytosine (C) and guanine (G), in which A-T and C-G are complementary pairs [44]. In the field of computer and information science, there are ''1'' and ''0'', which are also complementary. In addition, for computer science, A, T, C, and G only stand for the bit-sequence symbols rather than the biomolecules. Thus, 2 bits can be used to represent 4 bases, and A-T and C-G in the DNA coding are replaced by 00-11 and 01-10. On this basis, we propose a DNA extension code, which uses 3 bits and another 4 bases M, W, U and N to express them. Assuming that M-W and U-N are complementary pairs, similar to 2-bit DNA code, we set 000-111, For simplicity and convenience, we list some possible permutations of 3-bit DNA extension code as shown in the Fig. 2. Here, it is easy to figure out that the proposed 3-bit DNA extension code has C 1 8 ×C 1 6 ×C 1 4 ×C 1 2 = 384 matching rules, which is far more than that of 2-bit DNA coding (C 1 4 ×C 1 2 = 8). Obviously, the proposed method greatly raises the randomness of matching. If the uplink and downlink streams are identified by the chaotic DNA extension rules, the DNA addition operation will be conducted between two DNA extension codes. Hence, we design two DNA extension addition operation rules as listed in TABLE 1 and TABLE 2. The addition rules are symmetrical in structure and complementary to each other, which satisfies the Watson-Crick complementary regulation. We use another chaotic sequence to control the selection of addition rules for DNA extension code. Then the downlink signal is encrypted by the new chaotic DNA extension code with the uplink stream. The specific processes of encryption and decryption are based on chaotic DNA extension code, which can be illustrated in Fig. 3.
When receiving the uplink streams from ONUs, OLT begins to perform the encryption process. The operations are described step by step as follows: Step 1: Use the DNA extension rules to code the downlink and uplink streams as shown in the Fig. 2. Two chaotic sequences {x 1 , x 2 } are utilized to handle the downlink and uplink streams respectively. The processing of chaotic sequences is where mod (α, β) and floor (ϕ) stand for the remainder operation and lower bound operation respectively. The processing of Eq. (1) can improve the randomness of chaotic sequences.
Step 2: The chaotic sequence {x 3 } is applied to choose the addition operation rules as displayed in TABLE 1 and  TABLE 2. {x 3 } can be generated by {x 3 } = mod(floor(ẋ 3 × 10 14 ), 2). (2) Step 3: After Step 2, the downlink signal is encrypted by the uplink stream and chaotic DNA extension code. In this case, the encrypted signal is a DNA extension code, which cannot be directly transmitted. Therefore, a fixed conversion standard [A C M U N W G T] → [000 001 010 011 100 101 110 111] is used to convert a DNA extension code into bit streams. Of course, another chaotic sequence can also be used to encrypt this step.
From now on, various chaotic systems are proposed by scholars. For convenience, we need 3 chaotic sequences to encrypt the code. Therefore, the logistic sine system (LSS), logistic tent system (LTS) and tent sine system (TSS) [45] are chosen to generate the pseudo-random numbers respectively.
where r is the bifurcation coefficient. When r ∈ (0 4) and the initial values of w, y, z ∈ (0, 1), the LSS, TLS and TSS chaotic systems have good chaotic behaviors. For the decryption, the detailed processes are displayed in the below of Fig. 3. When the transmission signal is detected by a photodetector (PD), the ONU can obtain the encrypted signal after conducting the operations such as removing CP and QAM de-mapping. The detailed operations are as follows: Step 1: Convert the encrypted bit streams into a DNA extension code by the fixed conversion standard [A C M U N W G T] → [000 001 010 011 100 101 110 111].
Step 2: This method adopts the symmetric encryption technology. An ONU combines the pre-shared key with Eqs. (1)-(3) to generate chaotic sequences {x 2 } to encrypt the uplink stream sent by itself.
Step 3: Based on Step 2, {x 3 } can also be obtained to choose the same DNA extension addition rules as the Step 2 in encryption process. After that, we get the encrypted DNA extension code.
Step 4: Chaotic sequences {x 1 } are used to decrypt the encrypted DNA extension code and obtain the downlink stream based on Fig. 2.

III. RESULTS AND DISCUSSIONS
To test the performance of the chaotic systems, we first simulate the initial sensitivity performances of LSS, TSS, and TLS. The initial values of r is set to 0.5 and w, y, z are set to 0.7. When the initial values of w, y, z have a tiny difference of = 10 −15 , the chaotic sequences can be shown in the Fig. 4. From the results, it is easy to conclude that every two chaotic sequences are completely different after dozens of iterations. The detailed performance of LSS, TSS, and TLS are listed in the Fig. 4(a), Fig. 4(b) and Fig. 4(c). Additionally, we have tested the auto-correlation and crosscorrelation performance of the used 3 chaotic systems. When r is also set to 0.5 and w, y, z are set to 0.7, we iterate 1000 chaotic sequences and the results can be seen as Fig. 5. From Fig. 5(a), Fig. 5(c) and Fig. 5(e), only when the values are equal to 0, auto-correlation values are equal to 1, and other values are close to 0, which indicates that they have good auto-correlation performance. When we also give a tiny difference of = 10 −15 (the related sequences are in the Fig. 4), the cross-correlation performance of the chaotic system can be shown as Fig. 5  In order to further study the performance of the used chaotic system, some comparisons between it and other chaotic systems are shown in TABLE 3. One can find that our used chaotic systems have low computational complexity and high security. In fact, LSS, TSS and TLS are evolved from the Logistic map [46] and the three chaotic systems have a more secure performance than the logistic map. Of course, their computational complexities are tiny higher than logistic map. Compared with other chaotic systems, the used chaotic systems have low computational complexity, but its security is not low. Because the key space is bigger than Chen's attractor [47] and 4-D chaos [48]. These hyper-chaotic systems use the fourth-order Runge-Kutta method, which have the time complexity of O(N 3 ) as the order increasing. Therefore, 7-D IQ [49] has the highest computational complexity. The performance comparisons between the chaotic DNA extension code and conventional chaotic DNA code are listed in TABLE 4. The conventional DNA code uses 2 bits per unit, but the DNA extension code uses 3 bits. If the data is a fixed bit stream, using the DNA extension code can halve the operations. The conventional DNA code has 4 bases (A, T, C and G) and the DNA extension code adds another 4 bases (M, W, U, and N). From this case, DNA code and DNA extension code have 2 and 4 complementary pairs respectively. The conventional DNA code has 8 matching rules, while the DNA extension code has 384 matching rules. In addition, there are 8 2 = 64 kinds of addition/subtraction operations for the DNA extension code. More importantly, since this encoding method is a set of 3 bits, compared with the traditional method (2 bits), it will reduce the amount of calculation by half. Additionally, combined with [39], the DNA extension addition operations between the uplink data and downlink data have higher security than operations on itself.
In the experiment, we randomly generate two sets of bit flow with a length of 1.92 × 10 5 . One of them is regarded as the uplink stream, and the other is considered as the downlink stream, which is then encrypted via the uplink stream and DNA extension code. These processes are conducted offline by MATLAB. After that, the bit streams are transformed into 4.8 × 10 4 16-QAM symbols. Serial-to-parallel (S/P) conversion is used in OFDM modulation and the number of subcarriers is 120. IFFT converts these symbols from the frequency domain into the time domain and its size is 256. A cyclic prefix (CP) of 1/16 is inserted in each sequence. When the encryption process is over, the encrypted signal is loaded into an arbitrary waveform generator (AWG Tektronix 7102A) to complete the digital-to-analog conversion (DAC) with a sampling rate of 25 GSa/s. The electrical signal is then modulated to a Mach-Zehnder modulator (MZM). A tunable laser diode emits light with a wavelength of 1549nm and its output power is 14.48 dBm. Here, the initial values of w, y, VOLUME 8, 2020 z, r are set as 0.7 0.7 0.7, 0.5 respectively, which are saved as the key. The generated key space is (4 × 10 15 × 10 15 ) 3 = 6.4×10 91 , which is strong enough to resist exhaustive attacks from an illegal ONU.
Assuming that transmission the same length of bit sequences and comparing with some typical chaotic OFDM-PON encryption systems such as the hybrid chaotic confusion and diffusion (HCCD) [20], chaotic constellation transformation (CCT) scrambling [25], Brownian motion symbol substitution (BBS) [29], real and imaginary (IQ) parts encryption [31] and 7-D IQ encryption [49], some important parameters are listed in TABLE 5. Their comparisons mainly focus on the computational complexity of chaotic pseudo-random number generator (PRNG) and encryption. Our proposed DNA-E has almost the lowest computational complexity and the security performance is high. Compared with a conventional DNA encryption method, although our method uses a more complex and secure system, it is worth noting that its computational complexity is also lower than the traditional method. For example, [43] uses a simpler chaotic system, but its computational complexity of the system is greater and the key space is smaller. As a high-order hyperchaotic system, the complexity of [49] is high. This means that the computational complexity of [49] is much greater than other common chaotic encryption systems. Therefore, it is should be careful when we choose a high-order hyperchaotic system. Because we use the fourth-order Runge-Kutta method to calculate, the hyper-chaotic systems will rapidly increase the complexity of the systems.
PAPR is a significant parameter for an OFDM system. Hence, we calculate the complementary cumulative distribution functions (CCDFs) of PAPR for the encrypted and original signals. The results in Fig. 6 indicate that the PAPR performance of chaotic DNA extension code encryption signal is almost the same as the original signal. Thus, the proposed encryption method does not deteriorate the system performance.
When the encrypted downlink stream transmits over a back-to-back (BTB) system and a 25-km SSMF, it is detected by a photodetector (PD) with a bandwidth of 10 GHz. The data is recorded by a digital phosphor oscilloscope (DPO Tektronix TDS 7404B) with a sampling rate of 50 GSa/s. The decryption operations are also done offline by MATLAB with the pre-shared key and the corresponding uplink stream.    7 shows that the original OFDM signal and chaotic DNA extension code encryption signal have basically the same bit error rate (BER) performance in the BTB system. Owing to the fiber dispersion and loss, the BERs of the two signals transmitted through a 25-km SSMF are approximately 0.7 dBm received optical power (FEC limit) lower than that of BTB systems, which means that the proposed method has the ability to resist fiber nonlinearity.

IV. CONCLUSION
In this paper, a DNA extension code combing three 1-D chaotic systems to enhance the physical layer security for OFDM-PON has been proposed and experimentally demonstrated. It aims at improving the security and reducing the computational complexity. A 22.06 Ga/s encrypted OFDM signal has been transmitted through a BTB system and a 25-km SSMF. The following conclusions can be obtained: 1) The DNA extension code with 3-bit binary streams is evolved from the conventional DNA code. It meets the DNA coding rules in chaotic encryption for OFDM-PON, and it is also suitable for computer science and image encryption. Compared with the conventional DNA code, the DNA extension code needs another 4 bases to express 8 complementary codes. It is worth noting that the DNA extension code can generate 384 kinds of matching rules, which highly raises the randomness and unpredictability of matching. In addition, the proposed two DNA addition operation rules can decrypt the signals correctly. Furthermore, the DNA extension code can also be extended to 4-bits or more, which is similar to the 4-QAM, 8-QAM, 16-QAM etc. However, the extension requires a redesign of some rules like the addition operation rules. Compared with conventional DNA chaotic coding encryption techniques, it is worth noting that the DNA extension code can reduce the half computational complexity. 2) Adopting the method that using the uplink stream to encrypt the downlink stream can make the transmission security not completely dependent on the chaotic systems, which provides better security than the conventional encryption method. If a secure hash algorithm is applied to generate the secured keys from the uplink stream, the security can be further enhanced. It can be seen from the above conclusions that the proposed method is a promising candidate for the next generation security access network.