Topic: How To Tap Fiber Optic Cables
|How To Tap Fiber Optic Cables
The question often arises about how to tap optical fiber, especially in the last few years as top-secret documents detailing NSA's surveillance exploits have become public. One of the top selling points to the security-conscious user is that fiber is hard to tap. But is it?
First, we start with a true story. In the mid-1980s, I (JH) submitted a paper to a military fiber optics conference that covered how to tap fiber, how to detect it was being tapped and how to secure communications in fiber in case it was tapped. the paper was classified and until it was declassified around 2005, was not discussed. Here is what I said in the paper.
How To Tap Fiber
First of all, tapping fiber is easy. You can buy optical splitters that plug into the network like a cable and divert a small amount of the light to a separate receiver. A typical tap passes 90-95% of the light and diverts 5-10%, often enough to run a separate receiver, certainly at the transmitter end.
But there is another way, using a simple trick that uses the property of an optical fiber that stressing it causes loss. Just put a bend in a fiber and aim a detector at the light that leaks out due to the stress. This is the same technology used for the test instrument called a fiber identifier. This will not work with bend-insensitive fiber, by the way, so if you want to prevent this type of tap or at least make it more difficult, use BI fiber.
These techniques are the ones most often used with fiber when there is easy access such as in central offices or regen huts. But it can be done with any cable as long as you can access it and work carefully. The US even has a submarine, the Jimmy Carter, equipped to tap undersea cables.
Needless to say, it is easier to tap fiber if the owner of the cable cooperates, ans as we have learned for the documents released, that can happen.
If you know fiber can be tapped, how do you detect it? Put in your own coupler tap at the receiver end and monitor the power in the fiber continuously. If someone puts a tap on the fiber, you will see a drop in power, if only a few tenths of a dB, which is easy to detect.
So how do you prevent eavesdropping? That's very difficult. But you can make it hard to read your messages. In my original paper, I suggested three things that should be done.
1. Encrypt everything - that's obvious!
2. Use a technique borrowed from "spread spectrum" radio. Fiber optic networks generally use time-division multiplexing where multiple signals are carried in sequential time slots. Except to make it more difficult to tap, move your signals from time slot to time slot in an encoded fashion so the recipient must know which time slot to look in for the proper message.
3. In all those other time slots, do not leave them blank, but instead fill them with randon text, preferably pulled from some legitimate writings such as an encyclopedia. Have fun and vary the languages too!
While I believe all this information is still relevant, I'll bet new tricks are being used. Probably to tap your downloading this page!
Warning - this page may be bugged!
(C)1999-2013, The Fiber Optic Association, Inc.