CyberWire Daily - If you can't detect it, you can't steal it. [Research Saturday]
Episode Date: February 15, 2020BGN Technologies, the technology transfer company of Ben-Gurion University (BGU) of the Negev, Israel, is introducing the first all-optical “stealth” encryption technology that will be significant...ly more secure and private for highly-sensitive cloud computing and data center network transmission. Joining us in this special Research Saturday is BGN's Dan Sadot who helped pioneer this technology. The Research can be found here: Ben-Gurion University Researchers Introduce the FirstAll-Optical, Stealth Data Encryption Technology Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you, I was concerned about my data being sold by data brokers. So I decided to try Delete.me.
I have to say, Delete.me is a game changer. Within days of signing up, they started removing my
personal information from hundreds of data brokers. I finally have peace of mind knowing
my data privacy is protected. Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done. Take control of your data and keep your private life Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N2K, code N2K.
Hello, everyone, and welcome to the CyberWire's Research Saturday.
I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down threats and vulnerabilities and solving some of the hard problems of
protecting ourselves in a rapidly evolving cyberspace.
Thanks for joining us.
And now, a message from our sponsor, Zscaler, the leader in cloud security.
Enterprises have spent billions of dollars on firewalls and VPNs,
yet breaches continue to rise by an 18% year-over-year increase
in ransomware attacks and a $75 million record payout in 2024.
These traditional security tools expand your attack surface
with public-facing IPs that are exploited by bad actors
more easily than ever with AI tools. It's time to rethink your
security. Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps and IPs
invisible, eliminating lateral movement, connecting users only to specific apps, not the entire
network, continuously verifying every request based on identity and context, simplifying security Thank you. your organization with Zscaler Zero Trust and AI. Learn more at zscaler.com slash security.
Okay, so basically my personal background, I'm an expert in optical communications.
That's Dan Sedot. He's a professor in the ECE department of Ben-Gurion
University. The research we're discussing today is titled Photonic Layer Encryption and Steganography
over IMDD Communication System. The way it sounds is really an interdisciplinary discipline. It is
combining classical communications like communication theory and optics which is
basically around lasers fiber optics and so on these two disciplines are
basically now taking a lead in the I'd say all modern high-speed communications
like anything running at high speed the above 10 gigabit per second, 100 gig, 400 gig, just name it.
So these are all running over optical fibers.
The thing is that all the encryption and security that is taken care of today
is being done on the bits level, on the digital level.
And we came out with the idea that why not to take advantage of the fact that anyway,
the physical layer, which carries the information,
it can also help here in terms of encryption, steganography, and stuff like that.
So that's the background for that.
Well, so let's dig in a little bit more for some understanding here.
So, I mean, can you give us a little bit of background
when we're sending signals optically? What exactly is going on? Is this inherently an analog process
or how does it work from a high level point of view? Okay, so basically in any communication
system, there is the transmit side and receive side where in the transmit side you begin with any kind of an application could be either
human voice all the way to mega files but eventually it turns out to be a
digital stream of information and this stream of information should be carried over some kind of physical media.
So it could be either a wireline or wireless like Wi-Fi or Bluetooth or so on.
The major difference while moving to optical communications
is that you take the same basic stream of data,
which is again this stream of bits,
and you just put it on top of an optical carrier. The optical carrier is basically an optical wave. It could be represented
as a color or the laser beam or as any sort of light that goes into an optical fiber.
And so the advantages of an optical system is that it's capable of carrying much more
information than, say, over copper? Yeah, basically there are two, I would say, large-scale advantages.
One is that the bandwidth of the optical technology is roughly, I would say, two to three
orders of magnitude wider. So anything beyond like 10 gigabit per second
hardly can be carried on non-optically.
But if you do it optically,
so you can go all the way to hundreds of gigabit per second
per today, it's fully commercial.
So that's one great advantage.
The other, I would say, not less important advantage
is the fact that once the light is being manipulated into an optical fiber, itenuated, I would say, very, very little as compared to attenuation in other media,
like in wireline or wireless or whatever.
So I would say every 100 kilometers, you can keep the optical signal without any handling,
can keep the optical signal without any handling, as opposed to, I would say, a few meters or maybe a few centimeters, depending on the bitrate, for other types of media.
So these are the great two advantages.
Well, so let's dig into the specific techniques that you all have developed here.
Take us through what you're doing.
Okay, so basically, once we have in mind the fact that we're going to take the stream of data
and turn it from electrons to photons, so to speak,
we can take the highest level of existing encryption as is
and just add on top of it a new level.
And this new level basically boils down to two main new concepts.
One is that in order to transmit information, as already mentioned, you take the stream of bits over an optical carrier.
Why not to do it over many carriers, namely many colors?
namely many colors.
So you take this stream of data and you break it to,
I would say,
instead of a single wavelength
or a single color,
to 1,000 wavelengths.
Now, what is the benefit of that?
You can now attenuate
each of those colors by 1,000.
So eventually,
you take 1,000 pieces,
each of them becomes now
very, very weak,
and you transmit all those carriers or colors in a very weak manner in the fiber.
On top of that, you design the transmission scenario to be that those very weak signals
will be even below the background noise.
In any existing media, there is some background noise.
It could be background light or some kind of spontaneous emission
coming from other lasers in the network or from other amplifiers,
which is very similar to an analog case on free space
where always there is some kind of acoustic noise or light
background in any media. So it happens also in optical fiber. So now if you take those
two effects together, you can design like a configuration where the signal is effectively below the noise level. So what happens is that every color is invisible
and you're transmitting instantaneously like 1,000 of those colors,
but you cannot see any of them.
So this is what configures this kind of stealthy transmission scheme.
So now this is one part of the scheme.
So you take the signal, break it to
many, many colors, transmit it below the noise level so it's invisible. Now of course it sounds
very attractive, but you must make sure that on the other hand the eligible receiver will be able to
reconstruct or rebuild this information. So that's the other part of the challenge.
So while you are stealthily sending this information
below the noise floor, are you simultaneously
sending regular information over
the fiber that's intended to be seen?
It could be. I mean, it's not restricted to this scenario.
I mean, it could be part of a network
where there are many other channels running
and you're just below the noise,
so naturally you'll be also below those other channels
and they will not interfere in any way.
I see.
That's one.
That's actually even making the stillness stronger
because then you see many channels
and your stillness channel is not only below those channels
but also below the noise, so totally invisible.
Right.
But there is another challenge on the receive side.
You need to rebuild this signal
and you need also to make sure
that the intruder will not be able to rebuild the
signal. So I'm going to explain in a moment how you rebuild the signal. But just before that,
in order to complete the encryption scheme on the transmit side, we're doing another,
I would say, aggressive manipulation, which is taking every color and adding a kind of a random phase to this
color. The random phase is basically changing the situation between the different colors in a way
that on the receive side, if you do not remove this kind of phase manipulation, you'll never be able to rebuild the signal again.
So that's kind of adding an encryption key
on top of the stealthiness manipulation.
And this is a physical element of the light itself.
Right, right.
We call it a phase mask,
which basically is an off-the-shelf kind of component.
Maybe it's a good point to mention that all our scheme is based on off-the-shelf components,
so it may be implemented and commercialized with existing technology and existing equipment.
So it's not requiring any development of new components that are not being commercialized yet.
Is it useful to think, I'm imagining sort of the way that polarized sunglasses react to light,
how you can block out things by the polarization of the light.
Is it along those sorts of lines?
It is a good analogy.
Polarization is an additional or a different feature of light.
So light has an amplitude, it has the phase, and it has also the polarization.
So these are independent features of light.
So it's a good example, but it's different.
I see. Okay.
So anyway, once we've done those two steps,
like spreading the light and hiding it below the noise,
that's the first step,
and then adding deliberately kind of what is supposed to seem random,
but it is not random.
It's a deterministic phase manipulation.
So then, on the other hand, we need to kind of cancel those actions.
That's the rebuilding of the signal by the eligible receiver.
So I'll try to explain what's going on there on the receive side.
Yeah, please.
So on the receive side, only being seen at this point is just noise,
because the signal is below the noise and it's just hidden there.
But if the eligible receiver knows that it's supposed to receive some useful information,
so he will apply the opposite of the phase mask that was applied on the transmit side,
basically removing all those random phase manipulations
that have been applied to each of those colors.
So that's the first step.
Once done, so now the eligible receiver has the chance, so to speak, to rebuild the signal.
And the way he may rebuild the signal is by collecting all those, I would say,
thousands of independent colors and adding them together in what is called in optics a coherent addition.
So the coherent addition is basically taking all the ingredients of lights
in this special coherent way that they will add coherently
and then the original strong signal will be rebuilt on top of the noise.
So again, just to emphasize, this cannot be done
if the phase mask effect was not removed
because then this coherence feature will be lost.
Now, in terms of informing the receiver
as to what's going on with the phase mask,
in other words, letting them know the information they need
to do this decoding
is that information being sent on on a side channel is that under under separate cover or is
that is that included in in the main signal yeah that's a great question so basically you can look
at the phase mask bow in both sides as the the key of the encryption. So once you follow this kind of paradigm,
so basically you can follow
all the existing
protocols or how to
exchange keys between the
eligible transmitter and
receivers. We have no additional
invention here, we're just following
well-known protocols how to
distribute the key between
the eligible users.
Okay, another point, I'll say probably the most important one that I didn't emphasize yet,
is the fact that this kind of optical rebuilding of the signal is being done on the optical domain.
And all this kind of destruction and reconstruction of the signal is all optical.
And why is it so important?
Because what happens usually is that once a signal is being encrypted and trying to
be decoded by an intruder, so what is happening is the signal is being recorded. And then you can try to break the code offline,
so to speak, by using high-power computers.
Or in a few years, there will be optical quantum computers and so on.
So the fact is that if you rely on the strength of the code,
you are in risk because the stronger the computing power becomes,
the higher the chances that your code can be broken. That's what's happening today.
And that's the concern of all those, I would say, encryption entities.
So what is happening with our scheme is that recording is off the table.
You cannot record the signal.
That's probably the most important message of this scheme.
And the reason you cannot record it is because the recording is going through an optical to electrical transformation.
And this optical to electrical transformation is involving by losing the phase information.
So if you did not remove the key, which is the phase mass that I explained earlier about,
what will happen is that the phase is being lost once the recording process happening.
And basically the information is being destroyed.
happening. And basically the information is being destroyed. So now there is no meaning by recording the information and trying to break it because it's not there anymore. So that's the great benefit.
No high power computing will help here in this scheme. And the only way to break the code is to
do it all optically by trying many, many optical masks and so on. But this is impractical because you cannot keep the light,
like store the light in hand and try to manipulate it
with the potential many, many phase masks.
So once the light is traveling, it's being detected and lost.
That's it.
Yeah, that's fascinating.
So in other words, if you
didn't know to look for the phase manipulation
that you're doing here, there would be no
reason to even attempt to record it. And so
in the recording and digitization process, I suppose,
that information would be lost. Yeah, that's exactly right.
So you must break the code and decode the
information on the fly as opposed to offline.
How practical is it to use this thing you've developed here?
Is it going to be relatively easy to apply in the real world?
Yes, as I was trying to emphasize earlier,
all the components that we are using in this end-to-end solution
are based on existing technologies, mostly off-the-shelf, commercial.
Maybe some should go through some modifications, but it is like, I would say, adding less than a factor of two on the cost of such kind of an existing optical communication system.
So that's, I would say, a very good message.
As compared, for example, to, I would say,
more futuristic schemes based on quantum encryption and so on,
which would require future development,
and they're much more, I would say, futuristic in this means.
Suppose someone were looking out for this method that you've developed.
Would they be able to look at the signal and take a look at the noise floor and say to themselves, aha, I see there's some phase manipulation going on here.
This needs a closer look.
No.
This needs a closer look.
No.
So basically, the good thing is that once you design the constellation here to be that the signal is significantly below the noise level, and we already have demonstrated some kind of field trials showing that we are being able to transmit signal at what is called negative SNR,
like negative signal-to-noise ratio, meaning signal is maybe 20, 30 times weaker than the noise.
So it's practically invisible.
And once it's invisible, you don't know what you need to manipulate there.
And anyway, phase is not something that you can record or try to extract.
try to extract.
You can record the entire light,
which includes also the phase
as part of the features of the light,
but you cannot extract
what's going on with the phase,
what is the manipulation here,
and how can you do the
decapsulation of this phase manipulation.
It's not possible.
I see.
One of the challenges, which is not a technological challenge, is that usually when you go with It's not possible. I see. all those most popular communication links that consume, say, 90-95% of entire communication worldwide.
One of the major challenges is how to change the standards that are around those transmission schemes.
This one, obviously, is not part of any standard because usually when you standardize transmission,
Because usually when you standardize transmission, you want to make it clear, you want to make it visible, you want to make it as simple as possible so any commercial entity can use it.
But here it's actually the opposite.
Here you are going to transmit something as complicated in terms of observing the signal.
In fact, you are going to transmit in a way that is non-observable.
So there's kind of, I would say, a mental barrier to convince those entities to transmit.
It's kind of a paradigm shift, so to speak.
It's as opposed to transmitting something that looks high quality and clear and so on.
The opposite. You need to transmit something that looks for an uneligible user like
an intruder.
It looks very unclear
or like noise.
It's an opposite concept.
Just transmitting noise is not something
that has been done
ever.
I have to say my own
perception of this is that there's something kind of, I don't know,
delightfully analog about this in our digital world.
Correct.
The way that this works, yes?
Certainly, yeah.
Actually light is an analog entity.
I mean, unless you really go to the photon level, which are again becoming like quantum entities. But in general,
light is kind of an analog entity. Our thanks to Dan Sadat from Ben-Gurion University for joining
us. The research is titled Photonic Layer Encryption and Steganography over IMDD
Communication System. We'll have a link in the show notes.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity. That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide. ThreatLocker, a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.
The CyberWire Research Saturday is proudly produced in Maryland out of the startup studios of DataTribe,
where they're co-building the next generation of cybersecurity teams and technologies. Our amazing CyberWire team is Elliot Peltzman,
Puru Prakash, Stefan Vaziri, Kelsey Bond, Tim Nodar, Joe Kerrigan, Carol Terrio, Ben Yellen,
Nick Valecki, Gina Johnson, Bennett Moe, Chris Russell, John Petrick, Jennifer Iben, Rick Howard, Peter Kilpie, and I'm Dave Bittner. Thanks for listening.