Industrial Ethernet is a technology widely spread in factory floors and critical infrastructures where a high amount of data need to be collected and transported. Fiber optic networks at gigabit rates fit well with that type of environments where speed, system performance and reliability are critical. In this work a new encryption method for high speed optical communications suitable for such kind of networks is proposed. This new encryption method consists of a symmetric streaming encryption of the 8b/10b data flow at PCS (Physical Coding Sublayer) level. It is carried out thanks to an FPE (Format Preserving Encryption) blockcipher working in CTR (Counter) mode. The overall system has been simulated and implemented in an FPGA (Field Programmable Gate Array). Thanks to experimental results it can be concluded that it is possible to cipher traffic at this physical level in a secure way. In addition, no overhead is introduced during encryption, getting minimum latency and maximum throughput.

翻译：工业以太网是一种广泛应用于工厂车间和关键基础设施的技术，这些场景需要收集和传输大量数据。千兆速率的光纤网络非常适合对速度、系统性能和可靠性有严苛要求的此类环境。本文提出了一种适用于这类网络的高速光通信新加密方法。该加密方法在PCS（物理编码子层）层对8b/10b数据流实施对称流加密，通过采用CTR（计数器）模式工作的FPE（格式保留加密）分组密码实现。整个系统已在FPGA（现场可编程门阵列）上完成仿真与实现。实验结果表明，在该物理层实现安全流量加密具备可行性，且加密过程不引入额外开销，实现了极低的延迟和最高的吞吐量。