直面量子計算威脅 數字貨幣在對抗中成長

　　“這與‘矛’和‘盾’一樣，隻要有盾，就一定有矛……”日前，華為公司創始人、首席執行官任正非在談及信息安全時如是說。

“It's like a spear and a shield, but with a shield, there must be a spear...” Even before, China was the founder and chief executive of the company when it was talking about information security.

　　任正非口中的“矛”和“盾”，分別指的是基於區塊鏈加密技術的數字貨幣和基於量子計算機的破譯密碼技術。

The difference between a spear and a shield is a digital currency based on block-chain encryption techniques and a password based on a quantum calculator.

　　那麼，到底是“矛”更尖銳，還是“盾”更堅固呢？當兩者相遇，又會發生什麼？

So, is the spear sharper, or is the shield stronger? What happens when the two meet?

　　對此，中國科學技術大學中國科學院量子信息重點實驗室教授韓正甫近日對科技日報記者表示，區塊鏈主要是用非對稱加密算法來保護數字貨幣安全，而量子計算機以其無可比擬的計算能力，對上述加密算法形成威脅，使之可能被破解。

In response, the Chinese Academy of Science of the China University of Science and Technology, Professor Han Jong-il, recently stated to the science journal that the chain was primarily based on an asymmetric encryption algorithm to protect digital currency security, and that the quantum calculator, with its incomparable computing ability, threatened to decipher these encryption algorithms.

　　“通俗來說，為抵抗量子計算，加密算法需編制得更‘堅固’﹔為破解加密算法，量子計算機的性能需要更強勁。未來，構造數字貨幣的加密算法將與量子計算展開博弈，兩者間或有一戰。”韓正甫說。

“In general, encryption algorithms need to be made more `harder' to resist quantum calculations; in order to crack encryption algorithms, quantum calculators need to be more robust. In the future, encryption algorithms that construct digital currency will have a game with quantum calculations, and there may be a war between the two.” The Prime Minister said.

　　強大算力對加密算法構成威脅

Powerful algorithms pose a threat to encryption algorithms.

　　“到目前為止，業界對數字貨幣的定義尚未形成一個統一的標准。”從事區塊鏈平台開發、建設與運營工作的微觀（天津）科技發展有限公司首席運營官石卓對科技日報記者說，從廣義上來講，數字貨幣泛指一切以電子形式存在的貨幣，而狹義的數字貨幣一般特指以區塊鏈加密技術為基礎的密碼貨幣，即區塊鏈貨幣。如今，在“幣圈”比較流行的比特幣、以太幣、瑞波幣、萊特幣等，指的都是區塊鏈貨幣。

“To date, industry has not yet established a single standard for the definition of digit currencies.” The chief operator, Shizuru, of Micro-Tianjin Technology Development (Tianjin) Ltd., which operates from sector chain platforms, has said to the technology daily that, in general terms, digit currencies refer to all currency in electronic form, whereas the digitized currency is typically a code currency based on sector chain encryption techniques, i.e. a regional chain currency.

　　“可以說，比特幣是數字貨幣的鼻祖，目前市場上的數字貨幣種類不少，但通常都是基於區塊鏈技術，只是在技術細節上存在些許不同。”石卓介紹說，區塊鏈因具有去中心化、不可篡改的特性而被廣泛接受，它奠定了公眾對數字資產的信任。而量子計算技術，可能會威脅作為區塊鏈安全支柱的非對稱加密算法的完整性，業界對此頗為憂慮。

“It can be said that bitcoins are the nostalgia of digital currency, which is currently available in the market, but are usually based on block-link technology, which is somewhat different in technical detail.” Ishizu explained that the chain is widely accepted because of its decentralised and non-alterable character, which establishes public confidence in digital property. And quantum computing techniques may threaten the integrity of the non-reciprocal encryption algorithms that serve as the backbone of chain security, which is a source of concern for the industry.

　　這種威脅，主要來自量子計算機強大的計算能力。韓正甫介紹說，當前的密碼科學其本質就是數學，多數密碼其實就是由復雜模型轉化成的數學難題。比如，RSA密碼利用的就是簡單乘法。“舉例來說，127×733=93091，這是個簡單的乘法等式，如果有人能很快推算出93091是127和733的乘積，那這個密碼就被破解了。若乘積是一個100位的數字，那從這個乘積去倒推它是哪兩個數的乘積，就是一個非常復雜的問題。”韓正甫說。

For example, RSA passwords use simple multipliers. “As an example, 127 x 733 = 93091, this is a simple multiplier equation, and if someone can quickly calculate that 93091 is a factor of 127 and 733, the code is broken. If the combination is a 100-digit number, then the multiplying of the two numbers is a very complicated question.”

　　“區塊鏈加密技術，主要採用的是非對稱加密算法。在非對稱密碼中，加密和解密用的‘鑰匙’是不同的，通常一個是公開的，被稱為公鑰﹔另一個是保密的，被稱為私鑰。公鑰與私鑰是一對，它們都是用算法生成的，如果用公鑰對數據進行加密，那麼隻有用對應的私鑰才能解密。如果給出私鑰，很容易就能推導出其對應的公鑰，但私鑰一般都是保密的，用公鑰反向推導私鑰則十分困難，計算過程會特別復雜，這就是比特幣安全的原因。”韓正甫說。

The key for encryption and declassification is different in non-symmetrical passwords, usually one is public and is called a public key; the other is classified and private. The key and the private key are both generated by algorithms, and if encryption with public key logs is used, it is a private key that can be deciphered. If a private key is given, it is easy to deduce the key to its response, but the private key is usually classified, and it is very difficult to reverse the push of private keys with a public key, which is especially complicated to calculate the process, which is the reason for the special currency's security.

　　韓正甫介紹道，以前設計的密碼都是抗電子計算機破解的，傳統電子計算機需要一步步去求解，這種計算方式叫串行計算。有時為求解一個數值，電子計算機可能要算上萬年，這樣就在一定程度上保証了密碼的安全性。

He introduced the fact that the previously designed codes had been broken by an electron computer, which used to be a step-by-step solution called serial computing. Sometimes, to solve a value, an electron computer could count for thousands of years, thereby providing some assurance of the security of the password.

　　然而，這道計算難題，似乎能被量子計算機破解。量子計算機採用的是並行計算機制，即多步驟同時進行，這樣計算速度就比電子計算機的串行計算機制快很多，特別是在處理復雜問題上。

However, this calculation is difficult and seems to be decoded by the quantum calculator. The quantum calculator uses a parallel system, that is, multiple steps at the same time, so that the calculation is much faster than the serial calculator, especially in dealing with complications.

　　“借助量子計算機，從公鑰反向推導私鑰，計算難度有望被大大降低。以前，用傳統電子計算機需要經過上萬年才能破解的密碼，可能量子計算機3天就能將其破解，從理論上說，量子計算機是非對稱加密算法當前遇到的最大‘敵人’。”韓正甫說。

“Arithmetic difficulties are expected to be greatly reduced by using quantum calculators to push private keys backwards. Previously, using conventional electron calculators, which took thousands of years to decipher a password, the quantum calculator might be able to decipher it in three days. The quantum calculator is, theoretically speaking, the largest “enemy” encountered before it was called encryption algorithms.

　　量子計算軟件尚難攻破“幣門”

Quantum Calculator software is hard to break through.

　　“想要破解密碼，光有量子計算機這個硬件不行，還需要軟件，即解密算法，需‘軟硬兼施’，兩者缺一不可。目前一般認為，肖爾算法和格羅弗算法，這兩種解密算法，是公認的量子計算算法。”韓正甫說。

“To decipher the password, not just the hardware of the quantum calculator, but also the software, i.e., the decryption algorithm, which requires `soft and hard application', one less than the other. It is now generally believed that the Shawr and Grover algorithms are the accepted quantum algorithms.

　　為比特幣提供安全保障的，主要是兩類密碼：一個是在“挖幣”過程中使用的哈希算法密碼，另一個是在區塊鏈上提供數字簽名的算法密碼。在“挖幣”時，哈希算法會為每個區塊計算出一個隨機數，這個過程所得到的結果極易被驗証，但很難被破解者找到。

There are two main kinds of passwords that provide security for Bitcoins: the Hashi algorithm code used in the process of “digging” and the algorithm code that provides digital signatures on the chain. In the case of “digging”, the Hashi algorithm calculates a random number for each block, and the results of the process are very easy to prove, but it is difficult for the decipher to find.

　　“從理論上來說，量子計算機可破解目前正在使用的一些傳統密碼，但具體怎麼破解，目前還沒有成功的案例。不過，肖爾算法是最早被証明可在量子計算機上破解非對稱加密算法的解密算法。”韓正甫介紹道，早在1995年，肖爾算法的研制者——數學家彼得·肖爾就宣布，如果有量子計算機，他就可破解當時普遍使用的非對稱密碼——RSA密碼。

“Theoretically, quantum calculators can decipher some of the traditional passwords currently in use, but there are no successful cases of how. However, the Shaw algorithm was the first to prove that it was possible to decipher the non-reciprocal encryption algorithms on the quantum calculators.” As early as 1995, the developer of Schol algorithms, Peter Schole, announced that if there were quantum calculators, he could decipher the non-symmetric code that was commonly used at the time, RSA passwords.

　　不過，目前肖爾算法還難以“對抗”哈希算法，格羅弗算法也尚難對基於區塊鏈技術的密碼構成太大的威脅。可是，因為肖爾算法和格羅弗算法是公開的，所以數字貨幣的研發者，在設計時就會有意避開它們。“截至目前，雖然沒有人能破解哈希算法，但也不能說哈希算法是量子計算機不能破解的。”韓正甫補充道。

However, at this point it is difficult for Shaw's algorithms to “oppose” the Hashi algorithms, and for Grover's algorithms to create too much threat to codes based on block-link technology. But, because Shaw's algorithms and Grover's algorithms are publicly available, the developers of digital currency will deliberately avoid them when designing them. “To date, no one has been able to break the Hashi algorithms, but it cannot be said that the Hashi algorithms cannot be broken.”

　　“除了哈希算法和簽名算法，未來數字貨幣還可能會應用其他的密碼技術。如果數字貨幣設計得不好，不用量子計算機，傳統計算機也能將其瓦解。”韓正甫說，隨著計算方法和技術的進步，目前未被破解的密碼難題，未來也可能會被數學家攻克。

“In addition to Hashi algorithms and signature algorithms, future digital currencies may apply other password techniques. If the digital currency is poorly designed, and does not use a quantum calculator, the conventional calculator can break it.” According to Han, as computing methods and techniques progress, the password is currently difficult to solve, and the future may be overridden by the mathematicians.

　　雙方處於博弈狀態 互推彼此進步

Both sides are playing games, moving each other forward.

　　數學家們在積極尋找破譯密碼的“鑰匙”時，密碼學專家也在積極尋找對抗量子計算機的“武器”。

While mathematicians are actively looking for the key to deciphering the password, cryptography specialists are also actively looking for the weapon against the counter-calculator.

　　“目前，已有一些有望對抗量子計算的候選密碼。”韓正甫說，比如格密碼，它雖然已有幾十年的歷史，但是由於其在數學計算方面的難度較大，因此一直未被當作密碼進行開發、利用。不過，由於量子計算機實在強大，它對密碼的攻擊是釜底抽薪式的，各種密碼在它面前都很容易露出破綻。在這種情況下，格密碼又重新被科學家“挖掘”出來，目前正在被重新設計，希望用它來抵御量子計算機的威脅。

“To date, there are a number of candidate codes that are expected to be used for countermeasures.” He says, for example, the grid password, which has been “excavated” by scientists for decades, has not been developed and used as a password because of its greater difficulty in math calculations. But, because the quantum calculator is strong, it attacks the code in a pan bottom-drawn-up form, and all the passwords are easily exposed to it. In this case, the code has been “excavated” by scientists and is being redesigned in the hope that it will be used to counter the threat posed by the quantum calculator.

　　石卓表示，還有人認為，應用多種密碼聯合機制，是可以抵抗量子計算機攻擊的。例如，基於哈希算法的密碼、基於糾錯碼的密碼、基於格的密碼、多變量二次方程組密碼等，可將它們聯合起來進行使用。但這種方法，因其秘鑰長度過長、簽名信息十分冗長以及運算時間過長，並不適用於數字貨幣。但未來可通過技術迭代，補足這些技術短板，用多種密碼聯合機制研發可抵御量子計算機攻擊的數字貨幣。

Shizdra suggests that multiple combinations of passwords are considered to be resistant to a quantum computer attack. For example, codes based on Hashi algorithms, codes based on error codes, codes based on multiple grids, multivariate equations, etc. can be combined for use. But this method, which is not suitable for digital currency because of the length of the key, the redundancy of signature information, and the length of time spent on calculating it, is not suitable for digital currency.

　　除了運用技術手段，任正非表示，數字貨幣的安全，最終還要依靠法律來保障。“為什麼假幣不能流通？是因為一發現假幣，警察就要去抓你，抓住你就找到了源頭，處在源頭的人就可能要被判刑。在法律的威懾下，假幣不可能流通，貨幣安全就能夠得到保障。因此，信息安全首先是個技術問題，但最終解決還是要靠法律。”任正非說。

In addition to using technical means, let's say that the security of the digital currency is ultimately guaranteed by the law. “Why can't the counterfeit currency circulate? As soon as you find it, the police are going to arrest you, grab you and find the source, and the person at the source is likely to be sentenced. Under the authority of the law, the counterfeit currency cannot circulate, and its security can be guaranteed. Therefore, information security is a technical problem first, but ultimately the law is the way to solve it.”

　　“截至目前，量子計算機還未被真正研制出來，這些抗量子計算的密碼研究也都處在起步階段。”韓正甫說。

“To date, the quantum calculator has not been really developed, and these passphrase studies of the counterweight calculators are at the start stage.” The Prime Minister said.

　　石卓也表示，量子計算機距離真正成熟還需要一段較長的時間，在此期間，區塊鏈的加密算法也會不斷迭代、升級，雙方都處在博弈狀態中，共同推動彼此技術的進步和發展。（陳曦）

Shizuru also said that it would take a longer time for the quantum calculator to really mature, during which time the cryptography of the chain would be repeated and upgraded, and both sides would be in a game-like state, moving forward and developing each other’s technology together. (Chanting)