量子计算来袭,我们还有隐私可言么? | 经济学人社论
1
为了更好的保护我们的原创,从0603起我们做了以下改变:
1.公众号:一天一篇经济学人只放双语译文
2. 公众号:一天一篇外刊翻译放思维导图(审稿漫谈)、感想、译文用超链链接到此号
多有不便请各位多多包涵
请大家关注公众号:一天一篇外刊翻译
Leaders | Post-quantum solace
社论 | 后量子加密技术为未来数据安全注入一剂安慰药
What to do now about tomorrow’s code-cracking computers
对于未来的解码计算机,人们当下该何去何从?
A future-proof way to encrypt sensitive data is now available. Put it to use
面向未来的敏感数据加密方法应运而生,是时候将其投入使用了。
Hacking and data breaches are a cost of doing business. One defence is to use encryption, but in the fast-approaching era of quantum computers that defence will fail.
经商创业难免会遭到黑客攻击与数据泄露。防御措施之一是采用加密技术,但在即将到来的量子计算机时代中,这种措施将会失效。
When quantum computers reach their potential, decades of secret intelligence, credit-card details, intellectual property and military and medical data will become as easy to read as the words before your eyes. The world will suffer the broadest, deepest hack in history.
在量子计算机充分发挥潜能后,人们便可以易如反掌地浏览数十年累积的秘密情报、信用卡的详细信息、知识产权以及军事与医疗数据,就如同你阅读眼前的文字一般轻松。到那时,世界将会遭受史上波及范围最广、影响程度最深的黑客袭击。
Now researchers at the National Institute of Standards and Technology (NIST), America’s standards agency, have shown how to avert at least some of that catastrophe. Governments, business leaders and software vendors should pay heed.
美国国家标准与技术研究院(NIST)是一家标准化机构,其研究人员已经提出应对这一灾难的方法,至少可以避免一部分祸患。各国政府、商业领袖与软件厂商应对此予以关注。
Cryptography protocols involve calculations that are harder to undo than do. For instance, it is easy to multiply two big prime numbers together, but impossibly time-consuming to get back the primes from the answer. If both sender and receiver know one of the primes, they can decrypt a message that is uncrackable to everyone else.
对于密码协议涉及的计算,逆向计算比正向计算更加困难。举个例子,将两个大质数相乘非常简单,但如果从已知积倒推两个相乘的质数,就会极其耗时。如果数据发送端和接收端已知其中一个质数,那么两端就可以破译对其他人来说无法破译的信息。
Quantum computers turn some of the probabilistic, simultaneously here-and-there weirdness of quantum physics into number-crunching elegance. Their powers will be limited to a smallish class of problems; it is an unfortunate coincidence that one of them is unscrambling the calculations in the defence behind which the entire digital economy has been built.
量子计算机将量子力学中一些概率性的、同时出现在不同地方的怪异现象转化为数据处理的优雅艺术。量子计算机的算力能解决的问题类别非常有限;这其中刚好包括解开整个数字经济所依赖的防御计算,真是个不巧的巧合。
This coincidence could not be more consequential. Encrypted information is sent round the world with abandon. Be in no doubt that some is being warehoused for decryption tomorrow by malefactors awaiting a quantum-computing future. Progress towards that future is relentless, and not only because some people want to crack the internet. Pursuits ranging from machine-learning and logistics to portfolio management and drug development are ripe for a quantum boost.
这一巧合带来的影响无比深远。加密信息在全球范围内肆意传播,而且毫无疑问,部分信息正被不法分子储存起来,留待量子计算时代解密。迈向这一未来的脚步永不停歇,不单单是因为有些人想要破解互联网。从机器学习到物流产业,从投资组合管理到药物研发,这些领域发展获得量子计算机助力的时机已然成熟。
No surprise, then, that some of the world’s largest firms are in the race. Advances in both quantum machines and the error-correcting and number-crunching algorithms that run on them spill out regularly. The code-cracking threshold may be some years away, but it is rapidly drawing closer. Perhaps a university laboratory will cross the line, or one of the many startups now being launched, or spooks in China or America. A breakthrough may not even make the headlines: it confers a power worth more than good PR.
因此,一些世界大型公司也加入这场竞争就不足为奇了。每隔一段时间,量子计算机以及借助其运行的纠错和数字运算算法就会取得新的进步。要跨越密码破解的那道门槛也许还需要几年时间,但相关方面进展神速。也许某所大学的实验室,或者是众多即将成立的创业公司中的一家,又或者是中国或美国的情报机构会率先实现这一目标。突破性进展甚至可能不会成为新闻头条,毕竟它赋予的价值是再好的公关运作也难以体现的。
Computer-scientist types have therefore been hard at work conjuring “post-quantum cryptography” (PQC) protocols: new encryption mathematics that outpaces the capabilities even of quantum machines. None has yet become a trusted standard, but now NIST has picked a set of recipes that have survived years of tyre-kicking.
因此,计算机科学家们一直在努力创造“后量子密码学(PQC)”协议:采用全新加密数学方法,其解密难度甚至超出了量子计算机运算能力。目前还没有任何一项协议能够成为可信标准,但现在美国国家标准与技术研究院已经挑选出一套经过初步检验的指导方针。
The imprimatur of a world-renowned standards body should be enough to start a general shift to PQC. That should begin today, as it will take time for the new protocols to supplant the old techniques. Big software vendors will pick up the bulk of the task, building the protocols into the programs and platforms they offer, and behind-the-scenes gatekeepers such as the Internet Engineering Task Force will help the spread. But smaller operations that do not truck in commercial software, such as boutique data dealers, defence contractors and the like, will also have to get their spanners out. Eventually the new standards must percolate through every device and service that transmits encrypted data—every browser tab, every nuclear facility, every payment gizmo, every military digital radio.
世界知名标准组织的认可,应该能够为全面转向“后量子密码学”协议提供充分条件。而且转变应该从现在就开始,因为新协议要取代旧技术还需要时间。大型软件供应商将承担大部分任务,将协议构建到他们提供的程序和平台中,而互联网工程任务组等幕后把关者将助力推广协议。但那些不使用商业软件的小型企业,如精品数据经销商、防御承包商等,也将不得不加入其中。最终,新标准定会渗透到所有传输加密数据的设备和服务中——每一个浏览器标签,每一处核设施,每一种支付工具以及每一台军用数字收音机。
This is more than just a matter of bottom-covering and locking down data in danger of being hoovered up by tomorrow’s quantum-enabled hackers. Given how long the transition will take (and the certainty, acquired from bitter experience, that many will drag their feet), early adopters will enjoy an advantage. “PQC-ready” should become a selling-point.
面对未来数据被量子黑客大量窃取的威胁,上述转变的意义不仅在于安全兜底和数据锁定。鉴于转向“后量子密码学”需要很长一段时间的过渡(而且惨痛的教训告诉我们,必然会有许多参与者步履犹疑),早期这类协议的使用者将享有优势。“可使用PQC技术加密(PQC-ready)”应该成为一个卖点。
注释:
hoover sth up: If someone hoovers something up, they eat, receive, or use it in large amounts. [informal]
A bit of cryptographic agility will prove advantageous in the long run, too. NIST’s new standards are unlikely to be the last, as quantum computers’ strengths develop and protocols are tested to destruction in the white-hat hackers’ white-hot heat. Organisations should learn how to become nimble now so that they can slot in new equations later.
长远看来,加密灵活一点也是有益的。随着量子计算机的发展、加密协议在白帽黑客的白热化攻击测试中被瓦解,美国国家标准与技术研究院的新标准不太可能是最终协议标准。现在,各大机构应该学会如何灵活应对,以适应今后的新标准。
注释:白帽黑客指站在黑客的立场攻击自己的系统以进行安全漏洞排查的程序员。他们用的是黑客(一般指“黑帽黑客”)惯用的破坏攻击的方法,行的却是维护安全之事。
For decades the security-minded had little need to worry about cryptographic protocols, which were the best defence within the only existing computer architecture. Now that old architecture has a rival. Most who implement PQC will not see any difference, and have no need to fuss with the 600-digit numbers in use today. They should, however, sleep a little easier.
数十年来,密码协议曾是仅有的计算机架构内的最佳防御手段,有了它,防御人员几乎可以高枕无忧。现在,这一旧架构有了新对手。对大多数人来说,使用“后量子密码学”协议后不会看到任何变化,也不必为目前使用的600位数字协议寝食难安。但新协议兴许能让他们睡得更踏实一些。
注释:
fuss: If you fuss, you worry or behave in a nervous, anxious way about unimportant matters or rush around doing unnecessary things.
3
03 早起打卡营
第52期五点半早起打卡营
和
最新评论
推荐文章
作者最新文章
你可能感兴趣的文章
Copyright Disclaimer: The copyright of contents (including texts, images, videos and audios) posted above belong to the User who shared or the third-party website which the User shared from. If you found your copyright have been infringed, please send a DMCA takedown notice to [email protected]. For more detail of the source, please click on the button "Read Original Post" below. For other communications, please send to [email protected].
版权声明:以上内容为用户推荐收藏至CareerEngine平台,其内容(含文字、图片、视频、音频等)及知识版权均属用户或用户转发自的第三方网站,如涉嫌侵权,请通知[email protected]进行信息删除。如需查看信息来源,请点击“查看原文”。如需洽谈其它事宜,请联系[email protected]。
版权声明:以上内容为用户推荐收藏至CareerEngine平台,其内容(含文字、图片、视频、音频等)及知识版权均属用户或用户转发自的第三方网站,如涉嫌侵权,请通知[email protected]进行信息删除。如需查看信息来源,请点击“查看原文”。如需洽谈其它事宜,请联系[email protected]。