After receiving the SMS from the Password Administration, I opened a new world

A password, an algorithm used to perform encryption or decryption, may exist to protect a piece of information, protect precious property, or just to protect personal privacy.

Since ancient times, only intrusion can be protected. In order to achieve more stringent protection, the research and setting methods of passwords have been updated. In order to better manage the cryptographic system and gather cryptographic talents, many countries have set up specialized cryptographic management agencies, but their job is not to intercept nuclear weapons to save the world, as in movies.

What are the "cryptographic authorities" doing?

October 26 was an ordinary day, but the Cryptography Administration felt it was not ordinary. On this day, the password management bureaus in different regions of the country sent out promotional text messages to the public to let more people know that this day is also the first anniversary of the promulgation of the "People's Republic of China Password Law".

Of course, most people are expected to be attracted by the propaganda party of this short message, the "Password Administration." Do we still have such a bureau? What organization is this? What do they usually do?

Was it intercepting segments of code and deciphering information like "The Wind", "Bletchley Four" and "Imitation Game"? Or is it to crack the password through layers of interlocking digital information like today's "Internet Mystery Trail" and "Mission Impossible"? Or is it to deconstruct the language system from scratch with cryptography like "Arrival"?

▲ Picture from: "Imitation Game"

If you have more and more mysterious imaginations about the Password Administration, the greater the impact you will be exposed to when you open their official website. Because their official website is very "party and government agency style," although the organization itself is a state organization. But having an official website seems very unmysterious. It is no different from other official websites. Unlike the mysterious institutions in movies, they can only live in legends.

In fact, this organization is indeed mysterious, and they will even take the initiative to let more people know. Not only does it send text messages to promote cryptography that is highly relevant to the administration, but also take to the streets to promote cryptography, and organize forums to popularize more cryptography related content.

The most relevant part of their work and ordinary people is lower-level science popularization. It is their goal to allow people to correctly understand the password, understand the role of the password, use the password legally, and enhance the password security awareness. If the Password Administration makes you feel very grounded, it is probably that you have caught up with their popular science activities. They also have a dedicated account on the Qiangguo app, popular science content, and hold password knowledge and policy answering activities.

The Password Administration Bureau is also one of the processing windows for government services.

They will review password-related technologies and services. The import and export of equipment with encryption technology must go through this department; the State Cryptography Bureau also performs the functions of password administration management for encryption research, production, equipment, and sales; and for preventing important information systems On the issue of security risks, planning and managing the national cryptographic infrastructure is also part of the work of the Cryptography Administration.

▲Government services of Guangdong Provincial Password Administration

However, readers who have all kinds of fantasies about the Cryptography Administration should not be sad, because some of the operations of the Cryptography Administration still seem to be very narrative. For example, the Administration will receive the most advanced passwords. After the design of the new generation digital signature algorithm in China It was submitted to the Cryptography Administration, which makes people think of many twists and turns. And the sentence "investigating and punishing password breaches, development and use of passwords in violation of laws and regulations," written in the organization's responsibilities can also make the human brain fill a lot of spy dramas and detective dramas.

It’s just that no matter how exciting the story is, you may not know it.

The password you used is not "password"

On the first anniversary of the promulgation of the "Cryptography Law of the People's Republic of China", this is not the first time that the Cryptography Administration has entered the public eye. Prior to this, the Cryptography Administration had been involved in rumors due to the promulgation of the "Cryptography Law". This incident has made many people aware of this organization that manages passwords.

At that time, "Internet passwords will be managed by the state in order to protect information security." There was a lot of rumors on the Internet. This rumor was not small, but the facts may be quite different from what everyone thought.

First of all, the password you use daily is not actually a "password". If the password you use is "cold", then the password referred to by the Password Administration may be "flu". Although it sounds like one thing, it's actually very different.

Li Guohai, the spokesperson of the State Cryptography Administration, explained when he interpreted the cryptography:

The withdrawal password and website login password we entered are not actually the "password" stipulated in the password law. To be precise, the above-mentioned "passwords" should be called "passwords", which are just the simplest and most basic authentication method. The real "password" is hidden in the secure payment device and in the network system, silently guarding the security of national secret information and protecting the information security of each of us.

In other words, our usual passwords should be said to be passwords, and their essence is actually important information that needs to be protected by a password system. This is completely different from the passwords that the cryptography wants to manage uniformly. Therefore, there is no fear that your passwords will be managed uniformly by the state.

▲ Strictly speaking, the passwords of "Network Lost" are also password information

In the provisions of the Cryptography Law, passwords are divided into three categories: core passwords, ordinary passwords and commercial passwords.

Now we can come to a question for random investigation: Among the above three types of passwords, which one do you use the most? It is estimated that most people will guess the commercial passwords and common passwords most often, but this answer is wrong.

Because core passwords and ordinary passwords are used to protect state secret information, the highest level of the former to protect information is top-secret level, and the highest level of the latter to protect information is confidential level. Among these three types of passwords, only commercial passwords are not used to protect state secret information, but are widely used to protect corporate business secrets, citizens’ personal privacy, etc., electronic signature documents, financial chip cards, value-added tax anti-counterfeiting tax control systems, Resident ID cards, etc. are all commercial passwords, and its impact is not small.

▲ The second-generation resident ID card uses commercial cryptographic chips

Because commercial ciphers are closely related to every citizen, even if commercial ciphers are not used to protect state secret information, some of its related technologies are still state secrets, and the development and use still need to be managed by the State Cryptography Administration.

Quantum cryptography, future cryptography

Today, when information has become one of the most valuable commodities, passwords can be said to be closely related to the economic, political and military destiny of each country. So until now, most of the most cutting-edge cryptographic technology is still concentrated in the government’s confidential information, and even those cryptographers who have made great contributions to this are not known to the outside world, because cryptography is a tool for countries and countries to directly maintain a competitive advantage. .

The organization that manages passwords varies from country to country. The United States is the National Security Agency's cryptography center; the United Kingdom is responsible for this part of the GCHQ (Government Communications Headquarters), Russia is the Federal Special Communications and Information Service Security Agency, formerly FAPSI, and France is responsible for this part of ANSSI (French National Cyber ​​Security Bureau), China is responsible for password management is the Password Administration. Although the name and scope of responsibility of each management organization are different, they do have the responsibility of managing passwords.

One part of password management is to study passwords, and the other part is to ensure that advanced passwords will not be exported. Therefore, on August 28, 2020, the Ministry of Commerce and the Ministry of Science and Technology of China issued an amendment to the "Catalogue of Technologies Prohibited or Restricted from Exporting in China" ("Catalogue for Export Control in 2020"). In this revised version, crypto chip design, implementation technology, and quantum cryptography technology have all been added to the restricted list.

▲ The RSA password was once on the U.S. export ban list, so T-shirts with a few lines of RSA passwords are also on the export ban list. Americans printed constitutional provisions on the back of the T-shirt to protest this

In this restricted list, quantum cryptography is the new cryptography that cryptographers have high hopes for. This is also the code that has the same core principle as "Indeed, quantum mechanics."

In the past, cryptanalysts have been looking for a shortcut to factorize, hoping to innovate cryptography with theory. However, the research on factorization has been going on for centuries, and the progress has not been much. Therefore, many analysts are seeking technological innovation, a technology that can perform cryptanalysis faster-quantum computers.

This is a dimensionality reduction blow of the "one force, ten meetings" style, because the computing speed of quantum computers makes modern supercomputers like an old abacus, which can crack all difficult codes through the rapid advancement of computing power. The book "Code Book: The War of Encoding and Decoding" states:

Any country that wins this title (quantum computer) first will be able to monitor the communications of its people, read the minds of its commercial opponents, and eavesdrop on the strategies of its enemies. Although quantum computing is still in its infancy, it is a potential threat to individuals, international business, and global security.

▲ From then on there will be fewer scenes like "Mission Impossible"

Quantum computers are so terrible, and password decipherers are waiting for it to come, but there are also coders who have begun to prepare to build a wall of invisible enemies. They have begun to study quantum cryptography-a quantum computer that can also ensure privacy. Encryption system. In the conception, quantum cryptography is a future cryptography that can provide perfect privacy and absolute security, and is an encryption system that can never be cracked.

Because this "can never be cracked" is so tempting, the best cryptographers and mathematicians from all over the world have invested in the research of quantum cryptography. Even in the official information of various countries, the frequency of quantum cryptography is not low.

The State Cryptography Administration has publicized information on funding quantum key research; quantum cryptography is also the research direction of the State Key Laboratory of Cryptographic Science and Technology; it has never been absent in various academic sharing and cryptographic forums. The U.S. National Security Agency also demonstrated its national cybersecurity views on quantum cryptography on its official website. France also publicly announced its plan to deploy the first quantum key distribution solution by 2022.

▲ Public information published by the National Cryptography Bureau

▲ The official website of the US National Security Agency has content related to quantum cryptography

In other words, although quantum cryptography is still very far away from the lives of ordinary people, it is already a very important research direction in cryptography research institutions such as the State Cryptography Administration.

The SMS sent to you by the National Cryptography Administration is to popularize cryptography; their usual job is to formulate password-related laws and regulations, manage cryptographic research, production, import and export affairs, etc.; but at the same time, they are also paying attention The progress of advanced cryptographic research has made quantum cryptography that will not be cracked come this morning.

In this way, do you suddenly feel that the text message you received suddenly becomes more meaningful? At least you can brag with your grandson in the future: "Your grandfather, I also received the text messages sent to me by the State Cryptography Administration?"

Not too interesting, not too optimistic.

#Welcome to follow Aifaner's official WeChat account: Aifaner (WeChat ID: ifanr), more exciting content will be provided to you as soon as possible.

Ai Faner | Original link · View comments · Sina Weibo