{{Short description|Extraction of a signal from an optical fiber}} {{Use American English|date=March 2021}} {{Use mdy dates|date=March 2021}} {{Refimprove|date=April 2008}} right|thumb|A passive fiber optic tap

'''Fiber tapping''' is a network tap method that extracts signal from an optical fiber without breaking the connection. Tapping of optical fiber entails diverting some of the signal being transmitted in the core of the fiber into another fiber or a detector. Fiber to the home (FTTH) systems use beam splitters to allow many users to share one backbone fiber connecting to a central office, cutting the cost of each connection to the home. Test equipment can simply put a bend in the fiber and extract sufficient light to identify a fiber or determine if a signal is present.

== Use == Surreptitious fiber tapping may be used for surveillance, particularly in jurisdictions where specific authorities are legally granted access (usually limited or conditional) to electronic equipment used in telecommunication (e.g., phone lines) for tapping. Tapping the fiber means that all signals from every communications source being routed through the fiber are presented and must be sorted for relevant data, an immense task when thousands of sources of data or voice may be present.

According to intelligence experts interviewed by the Associated Press, the USS ''Jimmy Carter'' (a nuclear submarine) was modified to allow tapping undersea communication cables, possibly including fiber optic cables. <ref>{{Cite news|title=New Nuclear Sub Is Said to Have Special Eavesdropping Ability (Published 2005)|url=https://www.nytimes.com/2005/02/20/politics/new-nuclear-sub-is-said-to-have-special-eavesdropping-ability.html|date=2005-02-20|access-date=2025-12-01|language=en}}</ref>

== Detecting fiber taps ==

One way to detect fiber tapping is by noting increased attenuation added at the point of tapping. Some systems can detect sudden attenuation on a fiber link and will automatically raise an alarm.<ref>{{Citation |mode=cs1 |title=Allied Telesis Introduces Innovation in Fiber Security to Prevent Eavesdropping |url=https://www.alliedtelesis.com/press/allied-telesis-introduces-innovation-fiber-security-prevent-eavesdropping |website=alliedtelesis.com |publisher=Allied Telesis |date=20 January 2016 |location=San Jose, CA |archive-url=https://web.archive.org/web/20160123030432/https://www.alliedtelesis.com/pressreleases/2016/fibersecurity |archive-date=23 January 2016 |url-status=live}}</ref> There are, however, tappers which allow tapping without significant added attenuation.

In either case, there should be a change of scattering pattern in that point in line, which potentially can be detectable. However, once the tapper has been detected, it may be too late since a part of the information has already been eavesdropped on.<ref>{{Citation |mode=cs1 |title=Technical Information Bulletin 00-7: All-Optical Networks |url=https://www.hsdl.org/?abstract&did=440833 |via=Homeland Security Digital Library |series=NCS Technical Information Bulletin |number=7 |date=August 2000 |publisher=National Communications System}}</ref>

== Countermeasures == One countermeasure of fiber tapping is encryption, to make the intercepted data unintelligible to the thief.<ref>{{Cite web |url=http://www.convergedigest.com/bp-me/bp1.asp?ID=365&ctgy= |title=Blueprint: Metro Ethernet<!-- Bot generated title --> |access-date=2007-02-15 |archive-url=https://web.archive.org/web/20070927001511/http://www.convergedigest.com/bp-me/bp1.asp?ID=365&ctgy= |archive-date=2007-09-27 |url-status=dead }}</ref> Another is to deploy a fiber-optic sensor into the existing raceway, conduit, or armored cable. In this scenario, it can be detected if someone attempts to physically access the data (copper or fiber infrastructure). A small number{{how many?|date=September 2019}} of alarm systems manufacturers provide a simple way to monitor the optical fiber for physical intrusion. There is also a proven solution that utilizes existing unused fiber (dark fiber) in a multi-strand cable for the purpose of creating an alarm system.

In the alarmed cable scenario, the sensing mechanism uses optical interferometry in which modally dispersive coherent light traveling through the multi-mode fiber mixes at the fiber's terminus, resulting in a characteristic pattern of light and dark splotches called a speckle pattern. The laser speckle is stable as long as the fiber remains immobile, but flickers when the fiber is vibrated. A fiber-optic sensor works by measuring the time dependence of this speckle pattern and applying digital signal processing to the fast Fourier transform (FFT) of the temporal data. <ref>{{cite news |last1=Herry |first1=Mike |title=Galaxus |url=https://www.galaxus.de/ |access-date=24 May 2024}}</ref>

While standard encryption protects the digital information, the raw optical signal can still be recorded via a tap and potentially decrypted later. Newer physical-layer countermeasures, known as photonic layer security (PLS) or optical steganography, are designed to prevent the recording of the signal entirely.

These systems disperse the data signal across the optical spectrum or mask it as background noise (low probability of intercept).<ref>{{cite journal |author1-link=Dan Sadot |last1=Sadot |first1=Dan |title=Photonic Layer Security in High-Speed Optical Communications |journal=Journal of Lightwave Technology |volume=43 |issue=4 |pages=1671–1677 |year=2025 |publisher=IEEE |doi=10.1109/JLT.2024.3522110 |url=https://ieeexplore.ieee.org/abstract/document/10812060}}</ref><ref>{{cite journal |last1=Wohlgemuth |first1=Eyal |display-authors=et al |title=Stealth and secured optical coherent transmission using a gain switched frequency comb and multi-homodyne coherent detection |journal=Optics Express |volume=29 |issue=24 |pages=40462-40475 |year=2021 |url=https://opg.optica.org/oe/fulltext.cfm?uri=oe-29-24-40462}}</ref> Without the matching optical key to reconstruct the waveform in real-time, a tap detects only static, rendering the harvested data useless. Because no valid signal can be stored, these systems provide resilience against future decryption threats, including attacks by quantum computers.<ref>{{cite journal |title=Cryptanalysis of Practical Optical Layer Security Based on Phase Masking of Mode-Locked Lasers and Multi-Homodyne Coherent Detection |journal=Journal of Lightwave Technology |volume=42 |issue=19 |year=2024 |pages=6712-6730 |publisher=IEEE |url=https://ieeexplore.ieee.org/document/10551430}}</ref> Recent implementations have demonstrated this protection on high-speed (100 Gbit/s) links over legacy networks.<ref>{{cite conference |title=Photonic Layer Security Transmission of 100 Gbit/sec Over 200 km of Populated Legacy WDM Network |book-title=2025 International Conference on Optical Network Design and Modeling (ONDM) |year=2025 |publisher=IEEE |url=https://ieeexplore.ieee.org/abstract/document/11029372}}</ref>

The U.S. government has been concerned about the tapping threat for many years. In the context of classified information on United States Department of Defense (DOD) networks, protective distribution system (PDS) is a set of military instructions and guidelines for network physical protection. PDS is defined as a system of carriers (e.g. raceways, conduits, or ducts) used to distribute military and national security information between two or more controlled areas, or from a controlled area through an area of lesser classification, i.e., outside the sensitive compartmented information facility (SCIF) or other similar area. PDS provides guidance for the protection of SIPRNet wire line and optical fiber to transmit unencrypted classified information.

== See also == * NSA fiber-optic tapping

==References== {{reflist}}

Category:Fiber optics Category:Espionage techniques Category:Telecommunications equipment

==External links== * [http://www.hisutton.com/Undersea_Cables.html HI Sutton article on undersea cable tapping] * [https://www.gpon.com/how-gpon-works Passive Optical Network Security]