翻譯練習:Google is working to safeguard Chrome from quantum computers

本篇為翻譯練習,原文轉自:
http://www.theverge.com/2016/7/7/12120280/google-chrome-canary-quantum-computing-encryption-new-hope

Google is working to safeguard Chrome from quantum computers

Using software called the New Hope algorithm

Google 正試圖透過 New Hope 演算法保護 Chrome 不被量子電腦威脅

Google 今日公布他們正藉由在瀏覽器上執行實驗性質的後量子密碼學,來努力保護 Chrome 瀏覽器不受量子電腦帶來的潛藏威脅所影響。儘管存在能抵禦量子電腦極強大運算能力的硬體,Google 仍使用了所謂的「後量子金鑰交換演算法」,而這個被他們稱作「New Hope」的演算法,已在用以測試新型瀏覽器技術的 Google Canary 上啟用,然而僅應用於少部分瀏覽器與 Google 伺服器之間的通訊。

Although quantum computers of this variety are only small and experimental at this stage, Google is taking precautions for the worst case scenario. “While they will, no doubt, be of huge benefit in some areas of study, some of the problems that they [quantum computers] are effective at solving are the ones that we use to secure digital communications,” writes Matt Braithwaite, a Google software engineer, in a blog post. “Specifically, if large quantum computers can be built then they may be able to break the asymmetric cryptographic primitives that are currently used in TLS, the security protocol behind HTTPS.” In other words, quantum computers could undermine the security of the entire internet.

即便現階段這種量子電腦規模還很小且僅具實驗性質,但 Google 已開始在為可能發生的最糟情況作準備,「量子電腦雖無庸置疑地能為某些學術領域帶來巨大效益,但其中有些它能高效解決的運算,正是目前我們仰賴以確保數位通訊安全的根本。」一位 Google 軟體工程師 Matt Braithwaite 在他的部落格中寫到。「具體而言,倘若大型量子電腦真的被成功實作出來的話,將可能破壞非對稱密碼系統,並對現行 HTTPS 背後的安全協定 TLS 造成影響。」也就是說,量子電腦可能會重新定義整個網路世界的安全性。

QUANTUM COMPUTERS PUT ALL ENCRYPTED INTERNET COMMUNICATION AT RISK

量子電腦將令加密連線暴露在風險之中

Quantum computers promise computational power far exceeding today’s standards by taking advantage of the underpinning physics discipline. So the presence of a hypothetical future quantum computer, Braithwaite adds, puts at risk any and all encrypted internet communication past or present. It’s unclear how secure New Hope will prove to be for Chrome, and Braithwaite admits it could be less secure than its existing encryption. But Google says New Hope — developed by researchers Erdem Alkim, Léo Ducas, Thomas Pöppelmann and Peter Schwabe — was the most promising of all post-quantum key-exchange software it looked into last year.

由於採用了物理學科的優點,量子電腦擁有遠超出今日電腦標準的運算能力,故 Braithwaite 也補充道,如想像中的量子電腦真的出現,那麼無論是過去或現在的任何加密傳輸資訊,都將暴露在風險之中。目前尚未證實 New Hope 能為 Chorme 帶來多高的安全性,甚至 Braithwaite 亦承認 New Hope 有可能比原先的加密方式更不安全,然而 Google 表示,從去年到現在為止的資料看起來,由 Erdem Alkim、Léo Ducas、Thomas Pöppelmann 及 Peter Schwabe 這四位研究者所開發的這個演算法,已是前景最被看好的一種後量子金鑰交換軟體了。

GOOGLE PLANS TO DISCONTINUE THE PROJECT WITHIN TWO YEARS

Google 計畫於兩年內終止 New Hope 計畫

The plan is not to create a standard for others to adopt, but to gather information and experience on how to deploy post-quantum cryptography. So Google will discontinue the use of New Hope within two years, hopefully by replacing it with something better, the company says.

New Hope 計畫的目的並不在於創造一個新的標準,以供其他人使用,而是蒐集相關資料及增加使用後量子密碼的經驗。因此,Google 表示將在兩年之內停止使用 New Hope,並期待能提出一個更好的方案來取代它。

Canary users can check if the algorithm is being used on certain domains by opening up Google’s Security Panel developer tool and looking for “CECPQ1” under the key exchange row.

Canary 的使用者若想檢查與特定域名的連線是否有使用 New Hope,可以透過開啟 Google 的安全面板這個開發者工具,並於 Key Exchange 下查看「CEPQ1」的相關狀態。


Originally published at blog.pineapplekao.tw on February 24, 2017.