Shulou(Shulou.com)06/01 Report--

At present, our country has made great progress in the field of quantum informatics, and there have been a lot of media reports, but I have found that the description of quantum encryption in some press releases is incorrect, for example, quantum computers can crack all the encryption algorithms currently used.

Encryption algorithms are divided into symmetric encryption and asymmetric encryption. The working principle of quantum computer determines that it is easy to crack RSA (which belongs to asymmetric encryption algorithm), but symmetric encryption algorithm is still secure (such as one encryption at a time).

One of the several experiments carried by the Mozi satellite is "quantum key distribution", which, as can be seen from the name, uses the principles of quantum mechanics to ensure the security of the "symmetric key distribution" process (strictly speaking, quantum key agreement). After both sides of the communication get the same key, the encryption algorithm is still a symmetric encryption algorithm. So this is the process of combining quantum key distribution with classical cryptosystem.

Give an example.

Yu Zecheng lurks in Taiwan. Taiwan-Xiamen uses encrypted telegram communications, Xiamen encrypts with key 123, Yu Zecheng uses 123 to decrypt, and vice versa. This kind of encryption is called "symmetric encryption", in which both encryption and decryption use the same key.

But the question is, how do Xiamen and Taiwan agree on the same key 123? Call and tell Yu Zecheng? Write a letter? Network transmission? Neither, because symmetric passwords cannot be transmitted through public channels, otherwise they will be stolen.

So the password is transmitted in the secret channel established by the powerful organs of the state, and the password is written in a book, which is called the "password book". Pass the password book to Yu Zecheng (key distribution) through the security channel, and use the same password book while using the same password to encrypt / decrypt it.

But there is still a problem, this channel is maintained by manpower, and the factor of "people" is unreliable, otherwise there would be no stories about the codebook in spy movies.

Therefore, even if the symmetric encryption algorithm itself is impeccable (the one-secret algorithm at a time has been proved by Shannon to be absolutely secure), because the delivery channel of the symmetric key is not secure, so symmetric encryption still can not be called absolute security (but can achieve relative security, that is, "conditional" security).

Before the advent of the Internet, "encryption" was only applied to the government and security departments, and had nothing to do with the lives of ordinary people, so the secret channel maintained by manpower was still feasible, but after the emergence of the Internet, encryption technology began to be widely used and entered into people's production and life. For example, our payment behavior on the network involves identity authentication and data encryption.

In this case, the distribution of symmetrical passwords has become a big problem. Imagine that the two people chatting on Wangwang are doing business. Since it is a commercial activity, their information exchange is a trade secret and needs to be encrypted.

But how do these two people discuss the same encryption key? call? Text messages? Network transmission? Neither, these two people are far apart, do not know each other, and will never meet, and it is virtually impossible for them to negotiate the same key (based on the identity of ordinary people, it is impossible to use the secret channel established by the state to transfer the key).

In view of this, the Internet uses an ingenious algorithm proposed by Field Diffie and Martin Herman, which can securely pass symmetric passwords over insecure public channels (strictly speaking, not "pass", but "negotiate". Because the password is not generated in advance and transmitted to each other, but calculated independently by both sides, and perfectly identical) In the process of negotiation, two other keys are needed: the public key and the private key, which is the DH algorithm (Diffie-Herman key exchange), and then the RSA algorithm is derived from the DH algorithm (which belongs to the asymmetric encryption algorithm).

Thus it can be seen that the security of network encryption is guaranteed by both symmetric encryption and asymmetric encryption-the symmetric encryption algorithm is responsible for the data encryption itself, and the asymmetric encryption algorithm is responsible for transmitting the symmetric key.

Since these two kinds of algorithms are teammates to ensure the security of communications, if one side becomes a pig teammate, the other side will shout to cheat.

The party that may become a pig teammate has shown signs of failure, that is, the DH and RSA algorithms.

Just imagine, if the DH algorithm is compromised and the symmetric key is eavesdropped and restored to plaintext during transmission, then subsequent symmetric encryption is meaningless.

The next question is: is the DH algorithm secure? Is the asymmetric encryption algorithm secure?

In fact, the security of asymmetric encryption has never been proved mathematically, just because the amount of computation for factorization of large primes is too large to exceed the capacity of current computers (according to statistics in 1994, it takes 10 ^ 25 years for 1000-bit RSA to crack, that is, the age of the universe), so the security of asymmetric encryption algorithms such as DH,RSA is based on engineering rather than mathematics. (in other words, as mentioned above, the security of RSA is also "conditional" for secure channels maintained by manpower.)

But the engineering problems will be solved sooner or later with the progress of technology, and asymmetric encryption is one of the unlucky ones. After the practical application of quantum computer, its powerful parallel computing ability can enumerate the private keys of DH and RSA in a very short time, which leads to the collapse of the current PKI encryption system used on the Internet.

How to avoid this potential disaster? Attack your own shield with your own spear and win with your shield! Also use the principle of quantum mechanics to ensure the security of random key transmission (that is, quantum key distribution).

Therefore, the encryption algorithm is absolutely secure (one secret at a time) and the key transfer process is absolutely secure (quantum key distribution). The former is an old technology and the latter is a new technology. the combination of the two achieves the ultimate goal of cryptography: unconditional security. this is what the news headlines say: absolutely secure quantum communication.

Note that, in context, "quantum communication" here does not refer to communication using the principles of quantum mechanics, but to the distribution (negotiation) of symmetric keys using the principles of quantum mechanics.

In previous experiments, the physical layer of quantum key distribution was optical fiber, while Mozi was distributed directly through the atmosphere using satellites.

The quantum computer can crack the RSA, but it can't crack the unconditionally safe one-at-a-time secret in the algorithm. If you want to enumerate this algorithm, even the quantum computer will have to calculate to the end of the universe (and can't figure it out), so using one secret at a time can resist the quantum computer.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.