using

: We propose a novel security enhancement technique for a physical layer secure orthogonal frequency division multiplexed passive optical network (OFDM-PON) based on three-dimensional Brownian motion and chaos in cell (3DBCC). This method confuses an OFDM symbol via transforming it into a 3D symbol matrix and a 3D cell matrix with different size lengths. Different dividing-confusion rules then generate different complementary cumulative distribution functions (CCDFs) of peak-to-average power ratio (PAPR). And we can pre-estimate bit error rate (BER) performance by calculating the CCDF values. We also find that the processing time decreases with the matrix’s side length decreasing simultaneously. A new weighted comprehensive value (Q w ) is further used to evaluate the overall performance between the processing time and the BER. Finally, an experiment successfully demonstrates a physical layer secure OFDM signal transmission with 22.06-Gb/s data rate over a 25.4-km standard single mode fiber (SSMF). These results indicate that cell (5 3 ) has the weighted optimum overall performance, which verifies that the proposed encryption technique is promising for building a physical layer security enhanced OFDM-PON system with a low processing time delay and a good BER for future access network systems.


Introduction
Passive optical network (PON) is regarded as an advanced "future-proof" way to solve big demand for next-generation multiuser access networks, and orthogonal frequency division multiplexing (OFDM) has been widely used in wired and wireless systems due to its strong ability to resist multipath interference. Therefore, OFDM-based PON (OFDM-PON) is considered as a promising candidate for next generation access networks with many advantages such as high spectral efficiency, robustness against dispersion, low electrical bandwidth requirements, and reduced multipath interference [1,2]. Various applications based on OFDM-PON also focus on information security [3,4]. The traditional encryption methods of OFDM-PON usually aim at the upper layer, which causes the weakness of unprotected headers and controlling frames. Physical layer encryption has attracted fiercely research interests since it can provide transparent encryption, which is envisioned as an efficient approach to solve the security problem of optical access networks.
Due to the advantages of chaos including high randomness and sensitivity to the initial values, various approaches based on chaotic encryption have been employed in the physical layer communication systems. We can divide them into two categories. One is the chaos security technique in the optical domain such as chaotic laser communication [5], exclusive or (XOR) scrambling [6], and laser-based security for military operations [7]. However, the optical domain chaotic encryption suffers from high sensitivity and limitations of key distribution, and small space of encryption key as well as difficulty to control complex key management and protect data or headers. The other is then the chaos security technique in the electric domain such as wireless chaos-based communication systems [8], hybrid chaos encryption [9], chaos and fractional Fourier transform [10] and piecewise chaotic permutation [11]. In these schemes, a high randomness chaotic sequence is limited by the finite accuracy of computer, because the transmission data is confused by directly using chaotic confusion techniques. In order to improve the ability of encryption, we have studied some methods based on chaotic techniques in the electric domain including chaos coding-based QAM IQencryption [12], joint peak-to-average power ratio (PAPR) reduction and chaos encryption [13], chaotic constellation transformation and pilot-aided secure key agreement [14], chaos and deoxyribonucleic acid encoding [15], chaotic pseudorandom radio frequency (RF) subcarriers [16], and hybrid chaotic confusion and diffusion [17]. Moreover, chaotic discrete Hartley transform [18], optical DFT-S-OFDM data encrypted by digital chaos [19], chosen plaintext attack resistance and PAPR reduction [20], chaotic nonlinear encryption [21], phase masking and time-frequency chaotic method [22] have been proposed. In addition, a method based on two-dimensional Brownian motion and chaotic (2DBC) encryption for physical layer security in coherent optical OFDM-PON [23] has been studied, and Brownian motion has also been applied to image encryption [24], but three-dimensional Brownian motion has not yet been applied in physical layer secure OFDM-PON systems. Therefore, a security enhancement approach using three-dimensional Brownian motion and chaos (3DBC) combined with chaos in cell (3DBCC) encryption scheme for OFDM-PON is proposed to further reduce processing time delay and improve bit error rate (BER) performance.
In this paper, to the best of our knowledge, we first propose 3DBC and 3DBCC for physical layer security enhanced OFDM-PON systems. For an OFDM signal, we arrange symbols of each subcarrier into a plane and combine all subcarriers into a 3D symbol matrix, and then use 3DBC to confuse each symbol of 3D symbol matrix. In order to reduce processing time delay and improve BER performance, we divide the 3D symbol matrix into 3D cell matrix by applying a suitable common divisor of three sides, so this 3DBCC can confuse each cell. An experiment successfully demonstrates a physical layer secure OFDM signal transmission with 22.06-Gb/s data rate over a 25.4-km standard single mode fiber (SSMF), and the obtained results verify the effectiveness of the proposed scheme for security enhanced OFDM-PON systems.

Principles
For one point in the 3D space, it can be written as sin cos sin sin , cos where δ (0≤δ ≤∞) is the length of step movement, and a (0≤a≤2π) and b (0≤b≤2π) denote the movement directions. u, v, and δ are derived from the logistic sine system (LSS), the logistic tent system (LTS) and the tent sine system (TSS), respectively [25].
where p u , p v , p δ are the iteration parameters. When p u , p v , p δ ∈ (0, 4], the LSS, LTS and TSS chaotic systems have good chaotic behaviors. One point in a space can be considered as a Brownian particle in the 3D space. Adding one movement direction and a step length can generate a new 3D Brownian motion trajectory. Figure 1 shows a normalized motivation path with 200-step length of 3DBC. The motion path has good randomness and unpredictability based on 2DBC [23]. But compared with Fig. 1, the movement path of 3DBC has a more complicated trajectory, because 3DBC adds one more extra dimension scrambling. 3DBC can well confuse the symbols via scrambling the positions of these symbols. where ceil (.) is the upper bound operation, and dx x,y,z , dy x,y,z , dz x,y,z are the elements of the matrices dx, dy and dz, as shown in Fig. 1, which are determined by Eqs. (1)-(5) and the original parameters (u 0 , v 0 , δ 0 , p u , p v , p δ ) of LSS, LTS, TSS. These parameters (u 0 , v 0 , δ 0 , p u , p v , p δ ) can be saved as a key of 3DBC. Figure 2 where exchange (.) stands for an exchange between the original symbol position and the confused symbol position. Due to the static security key allocation technique by using preshared security key, the decryption processing can be shown as , , Here, F de represents the decrypted signal, which is the original signal. Based on the symbol scrambling in a 3D matrix using 3DBC, we then propose a modified encryption algorithm to reduce the processing time delay and the BER performance loss. In this method, it divides M 3D into different cells, where we choose a suitable common divisor (R) of L, W and H to divide M 3D into a cube matrix (M cell ). The length of M cell is R and each cell has N = L × W × H/R 3 red symbols, as shown in Fig. 3. Regarding each cell as a unit in a 3D matrix, when we apply 3DBCC to confuse the cells, the number of iterations would turn into 1/N, so the iteration time delay can be greatly reduced. And the security key is also the original parameters of (u 0 , v 0 , δ 0 , p u , p v , p δ ). For an OFDM frame, the symbols can be arranged as M 3D in 3D space and M cell in 3D cell, as shown in Figs. 2 and 3, respectively, where H represents the frequency of subcarriers with different colors and each carrier has L × W QAM symbols. The method can apply 3DBC and 3DBCC to confuse the symbols and cells respectively.
Since different coding rules can generate different CCDF curves of PAPR, the PAPR influences the BER performance [26]. We then define the value (V PAPR ) of multiplying by CCDF and PAPR as where p(.) is the probability of CCDF and i(.) is the corresponding PAPR. In order to reduce time delay and BER performance loss, different R is used to divide M 3D. Assuming that k 1 is the weighted ratio of processing time (T) and k 2 is the weighted ratio of V PAPR , then the weighted optimum coefficient Q w of the comprehensive performance in the system can be defined as 1 2 . We conduct an experiment as illustrated in Fig. 4  We calculate the bifurcation diagrams of LSS, LTS and TSS as illustrated in Fig. 5. It shows that these maps have wider chaotic ranges. Due to the characteristic of chaos, these maps have high randomness, unpredictability and sensitivity to the initial values. This indicates that the proposed encryption approach has a good security.  Table 1 shows the Lyapunov exponent (LE) and the permutation entropy (PE) of each parameter (u, v, δ, dx, dy, dz) based on the mixed chaotic system of LSS, LTS and TSS.

IM
Compared with 2DBC, one extra-dimensional substitution dz added in the system, 3DBC can improve the complexity of trajectory. When the transmitted information is fixed, the bit stream of the information is unchanged. Figure 6 shows the CCDF curves of PAPR for each dividing rule of the generated confusion signal. These results indicate that with the PAPR increasing such as more than 9 dB, the performances of cell (20 3 ) and cell (4 3 ) are the best and the worst, respectively. A personal computer (PC) with 8-GB memory, Intel core TM i3-8100 and Windows 10 system is used to calculate the processing time of different dividing rules. The encryption and decryption time for 3DBC and 3DBCC is shown in Table 2, in which we can find that the encryption and decryption time of 3DBC are 0.0298 and 0.0281. Compared with the time of 3DBC, only 3DBCC with cell (20 3 ) simplified by cell (20 3 ) is longer than 3DBC. This may be caused by transforming the symbols from point into cell. However, when R<10, all the encryption and decryption time is less than that of 3DBC. The processing time decreases with the M cell 's side length decreasing. When R is equal to 4, the processing time is 0.0029 and 0.0011, respectively. In order to compare the comprehensive performance of each dividing rule, k 1 and k 2 are set to 100 and 0.05 with the reason that their products have same range order magnitude. The comprehensive values as shown in Table 3, which indicates that cell (5 3 ) is the optimum dividing rule (Q w = 4.830) combining good time delay and BER performance. In this case, it is obvious that the weighted comprehensive performance order is cell (5 3 )> cell (4 3 )> cell (10 3 )> 3DBC > cell (20 3 ).  Figure 7 illustrates the measured BER performances of 3DBC, cell (20 3 ), cell (10 3 ), cell (5 3 ), cell (4 3 ) based legal optical network unit (ONU) and an illegal ONU for encryption signals. From the FEC limit, it is easy to conclude that cell (20 3 ) has the best BER performance. It approximately improves 1dB compared with that of cell (4 3 ). These results indicate that V PAPR can directly pre-estimate the BER performance for an OFDM-PON system, which meets theory very well. And for an illegal ONU, no matter what encryption dividing rule is employed, the BER of the received signal is almost 0.5. This shows these encryption rules have a high security. Transforming these symbols into the cube cells is conveniently confused by a 3DBCCbased method and the other encryption methods such as 3D cat mapping. If any of 3 dimensions is very short, it is rapidly turned by randomly scrambling. It then causes that the confusion is not optimum. However, our method has a good confusion performance using the normalized 3DBC compared with the other methods such as 3D cat mapping. In the experiment, the bit stream is randomly generated and different bit streams generate different CCDF curves of PAPR. No matter what bit stream is generated, a weighted optimum value Q w can be then obtained via this method.

Summary
In order to reduce processing time delay, improve BER and enhance physical layer security of OFDM-PON, we have proposed and experimentally demonstrated a chaos encryption method using 3DBC and 3DBCC. In this experiment, 4.8 × 10 4 16-QAM symbols have been transformed into the matrixes with 120 × 20 × 20 symbols and different side length-based cells. A physical layer secure OFDM-PON system with 22.06-Gb/s signal has been successfully demonstrated over a 25.4-km SSMF. From the experimental results, we can find: a) Owing to the addition of one more extra degree of freedom, 3DBC has a more complicated trajectory than that of 2DBC.
b) The V PAPR of CCDF curves can pre-estimate the BER for different CCDF curves of PAPR.
c) The processing time decreases with the matrix side length decreasing. And 3DBCC can reduce the encryption and decryption processing time delay and improve the BER. d) A new defined value (Q w ) can estimate the weighted overall system performance.