100 Gb/s dynamically programmable SDN-enabled hardware encryptor for optical networks

We have successfully demonstrated an on-demand programmable hardware encryptor for optical networks enabled by the software-defined network (SDN) and tested its application in a quantum key distribution (QKD) use case. We believe our proposed encryptor is unique in the way that it combines on-demand programmable encryption algorithms with a 100G Ethernet network interface to provide a high-transmission capacity with flexible security. We have successfully formed an on-demand encryption library consisting of AES-256, AES-192, AES-128, Camellia-256, XOR, and no-encryption configurations. Our system has shown a network throughput of 91.3 Gb/s for AES variations and 90.2 Gb/s for Camellia-256, while theoretical encryption throughputs were 160 Gb/s. In addition, the goodputs of all the encryption schemes were measured as at least 90.4 Gb/s. For a faster reconfiguration of the field-programmable gate array (FPGA), partial reconfiguration technology has been used, and reconfiguration times of 2.6 s for encryption and 2 s for decryption have been achieved. The FPGA configuration rate was 3.35 MB/s. When our proposed design was tested in a QKD use case with 256-bit keys, the highest achieved key consumption rate was 27 keys/s, which corresponded to the minimum granularity of 474 MB per key. Thus, with a 256-bit key, up to a 6912 b/s key consumption rate was achieved. In addition, the encryptor’s end-to-end network latency has been tested using 300k standard Internet Control Message Protocol (ICMP) pings. For all encryption schemes, the latency was measured as 0.093ms±0.028ms on average, but the encryption/decryption processes did not have a meaningful latency impact with microsecond precision.