听力|精读|翻译|词组 

Prime factors

质数因子

英文部分选自经济学人Science and technology版块

Future-proofing the internet

面向未来的互联网

Prime factors

质数因子

Quantum computers will break the encryption that protects the internet. Fixing will be tricky.

量子计算机将会破坏保护因特网的加密技术，修复将会是个难题

注：
Quantum computers 量子计算机是一类遵循量子力学规律进行高速数学和逻辑运算、存储及处理量子信息的物理装置。当某个装置处理和计算的是量子信息，运行的是量子算法时，它就是量子计算机。量子计算机的概念源于对可逆计算机的研究。研究可逆计算机的目的是为了解决计算机中的能耗问题。

As every schoolchild knows, some sorts of mathematics are harder than others. In the classroom, that is annoying. Outside, it can be useful. For instance, given two prime numbers, however large, multiplying them together to find their product is easy. But the reverse—factorising that product back into its constituent primes without knowing in advance what those primes are—is hard, and becomes rapidly harder as the number to be factorised gets bigger.

每个学生都清楚，某些数学问题要比其他的难。在课堂上，这是件烦心事；但在课外，这却大有益处。比如说，给定两个质数，不论多大，求它们的乘积都很简单；但反过来，即在提前不知道这些质数是多少的情况下，将乘积因式分解并找出构成它们的质数，这一问题就有相当难度；并且随着质数因子的增大，难度系数也会快速上升。

注：
1.factorise vi.讲…分解成因子

2.本段提到的“将两个大素数相乘十分容易,但那时想要对其乘积进行因式分解却极其困难”是RSA算法的基本思想。RSA加密算法是一种非对称加密算法。在公开密钥加密和电子商业中RSA被广泛使用。RSA是1977年由罗纳德·李维斯特（Ron Rivest）、阿迪·萨莫尔（Adi Shamir）和伦纳德·阿德曼（Leonard Adleman）一起提出的。当时他们三人都在麻省理工学院工作。RSA就是他们三人姓氏开头字母拼在一起组成的。对极大整数做因数分解的难度决定了RSA算法的可靠性。

Factorising numbers into their constituent primes may sound esoteric, but the one-way nature of the problem—and of some other, closely related mathematical tasks—is the foundation on which much modern encryption rests. Such encryption has plenty of uses. It defends state secrets, and the corporate sort. It protects financial flows and medical records. And it makes the $2trn e-commerce industry possible. Without it, credit-card details, bank transfers, emails and the like would zip around the internet unprotected, for anyone so minded to see or steal.

将数字因式分解成构成它们的质数听起来也许很深奥，但是，这一问题以及其它密切相关的数学问题的单向性，构成了很多现代加密技术的基础。这种加密技术用处颇多，包括保护国家和企业的机密，保护现金流和药物记录，并使价值两万亿美元的电子商务产业的产生成为可能。若没有加密技术，信用卡的详细信息、银行汇款、电子邮件和类似的信息将不受任何保护，在互联网上传播，使任何想要获取或窃取信息的人有机可乘。

Nobody, however, is certain that the foundation of all this is sound. Though mathematicians have found no quick way to solve the prime-factors problem, neither have they proved that there isn’t one. In theory, any of the world’s millions of professional or amateur mathematicians could have a stroke of inspiration tomorrow and publish a formula that unravels internet cryptography and most internet commerce with it.

然而，没有人可以确定这一切都建立在坚实的基础上。虽然数学家并没有找出快速解决质数因子问题的办法，但是，他们也未能证明并无捷径。理论上来说，世界上数百万专业或业余的数学家中的任何一个都有可能在将来的某一天灵光一闪，继而发表一个方程式，进而揭穿互联网密码学和多数互联网商务的奥秘。

Send in the qubits

提出量子位

In fact, something like this has already happened. In 1994 Peter Shor, a mathematician then working at Bell Laboratories, in America, came up with a quick and efficient way to find a number's prime factors. The only catch was that for large numbers his method—dubbed Shor’s algorithm—needs a quantum computer to work.

实际上，已经有人做到了类似的事情。1994年，当时在贝尔实验室工作的美国数学家皮特·肖尔(Peter Shor)，想到能够快速高效地找出一个数字的质数因子的方法。唯一的问题是，当数字趋于庞大时，用他的方法(又称"肖尔算法")计算需要使用量子计算机。

Quantum computers rely on the famous weirdness of quantum mechanics to perform certain sorts of calculation far faster than any conceivable classical machine. Their fundamental unit is the “qubit”, a quantum analogue of the ones and zeros that classical machines manipulate. By exploiting the quantum-mechanical phenomena of superposition and entanglement, quantum computers can perform some forms of mathematics—though only some—far faster than any conceivable classical machine, no matter how beefy.

量子计算机依赖于著名的量子力学原理进行某些类型的计算，其速度远远超过任何可能的传统计算机。它的基本单位是“量子位”，“量子位”是传统计算机计算单位“1”和“0”的量子类似物。通过利用叠加和偏振的量子力学现象，量子计算机对特定类型的数学运算的计算速度可以远超任何传统计算机，无论其精密程度如何。

When Dr Shor made his discovery such computers were the stuff of science fiction. But in 2001 researchers at ibm announced that they had built one, programmed it with Shor’s algorithm, and used it to work out that the prime factors of 15 are three and five. This machine was about the most primitive quantum computer imaginable. But there has been steady progress since. Alibaba, Alphabet (Google’s parent), ibm, Microsoft and the like are vying to build commercial versions, and the governments of America and China, in particular, are sponsoring research into the matter.

当肖尔博士致力于在此领域的研究的时候，这种量子计算机还只是科幻小说里的东西。但在2001年IBM的研究人员宣布他们已经制造了一台量子计算机，用肖尔算法对其进行编程，并利用它计算出15的质因子是3和5。这台机器是你能想象到的最原始的量子计算机。但自那以来，这一领域的进展一直在稳步推进。阿里巴巴、Alphabet(谷歌的母公司)、ibm、微软等公司都在争相开发其商业化版本，特别是美国和中国政府正在投资此领域的研究。

Big quantum computers will have applications in fields such as artificial intelligence and chemistry. But it is the threat posed by Shor’s algorithm that draws most public attention. Large organisations may be able to get around the problem using so-called quantum cryptography. This detects eavesdroppers in a way that cannot be countered. But it is expensive, experimental and unsuitable for the internet because it must run on a special, dedicated network. For most people, therefore, the best hope of circumventing Shor’s algorithm is to find a bit of one-way maths that does not give quantum computers an advantage.

大型量子计算机将在人工智能和化学等领域得到应用，但肖尔算法带来的威胁也引起了公众的广泛关注。大型组织也许能够利用所谓的量子密码学来解决这个问题，此方法可以探测窃听者，且对方毫无反制措施。但这一方法价格昂贵，尚处在实验阶段，而且不适合应用于互联网，因为它必须在一个特殊的专用网络上运行。因此，对于大多数人来说，回避肖尔算法（风险）的最大希望是找到一种不会给量子计算机带来优势的单向算法。

There are candidates for this. Cryptographers are debating the relative merits of such mathematical curiosities as supersingular isogenies, structured and unstructured lattices, and multivariate polynomials as foundations for quantum-proof cryptography. But translating a piece of maths into usable computer code and then delivering it to the zillions of machines that will need updating will not be easy.

目前有一些备选方案。密码学家们正在讨论超奇异等元、结构化和非结构化点阵、以及多元多项式等数学原理作为免量子密码学基础的的相对优点。但是，将一段数学算法转换成可用的计算机代码，然后将其编入进大量需要更新的计算机中并不容易。

One question is, when is the deadline? When will an internet-breaking computer actually be available? Today’s best machines can manipulate a few dozen qubits. Brian LaMacchia, who runs the security and cryptography team at Microsoft Research, thinks a “cryptographically interesting” quantum computer might be able to handle somewhere between about 1,000 and 10,000 of them. Predicting progress is hard. But Dr LaMacchia reckons such a machine might be ready some time between 2030 and 2040.

一个问题是，什么时候可以实现? 什么时候会出现一台打破网络加密的量子计算机?当今最好的计算机可以操作几十个量子位。微软研究院(Microsoft Research)安全与密码学团队负责人布莱恩·拉玛基亚(Brian LaMacchia)认为，一台“具有密码解锁能力”的量子计算机，可能能够处理大约1000到10000个量子位。虽然很难预测进展，但拉玛基亚博士认为，这种机器可能在21世纪30年代左右诞生。

That sounds reassuringly far away. But several researchers argue that things have already been left too late. Though many communications are ephemeral, some people encrypt messages that they hope will remain secret for a long time. Spies and policemen around the world already store reams of online data in the hope that, even if they cannot decrypt them now, they may be able to do so in future. As Peter Schwabe, a cryptographer at Radboud University in the Netherlands, observes: “If someone ten or 20 years from now can decrypt my present-day communications with my bank, well, I probably don’t care too much about that. But if I’m a dissident in some repressive country, talking to other dissidents? That might be a different story.”

令人欣慰的是，这听起来仍很遥远。可有些研究者辩称，有些事还是耽搁太久了。尽管许多通讯信息转瞬即逝，许多人将信息编成密码，以此希望秘密能够长时间保存。世界上的间谍和警察已经保存了大量当下无法解读的网络数据，以期在未来能将其破译。正如荷兰Radbound大学的密码学学家Peter Schwabe写道：“如果某个人在十到二十年之后破译了我现在和银行账户的数据传输，好吧，我或许也没那么担心。但如果我是一个在某些专制国家的政治异见者，和别的异见者谈到一些政治上的不同见解呢？事情可能就完全不同了。”

The second problem is how long a fix will take. The National Institute of Standards and Technology (nist), an American standards organisation whose decisions are often followed around the world, is running a competition to kick the tyres on various quantum-resistant proposals. But its conclusions are not due until 2024. And as Nick Sullivan, who is in charge of cryptography at Cloudflare, an internet-infrastructure firm, observes, history suggests that, even once a new standard is agreed, the upgrade will be slow and messy. Despite—or perhaps because of—the information-technology industry’s obsession with novelty, the internet resembles ancient cities like Rome and Istanbul, with modern structures built atop forgotten layers of old, unmaintained code.

第二个问题是要多久才能解决这个问题。作为一家经常被全世界参考的美国标准制定组织，NIST（国立标准与技术研究所）正在举办比赛，以此激发各种对抗量子计算的对策，但是在2024年之前结论仍不明朗。在网络基础设施公司Cloud Flare负责加密协议的Nick Sullivan认为，历史表明，就算新标准建成了，这个升级还是会缓慢且混乱的。尽管，或者说是由于IT行业对更新迭代的痴迷，造成整个网络就像罗马或者伊斯坦布尔的古城一样，在一些老旧的、未维护的代码层之上建立现代的结构。

For example, in 1996 researchers reported the first weaknesses in md5, a type of widely used cryptographic algorithm called a hash function. A drop-in replacement was readily available in the form of another algorithm called sha-1. After more than two decades of exhortations to upgrade, though—not to mention high-profile cyber-attacks exploiting md5’s weaknesses—the older algorithm is often still used. Similarly, a vulnerability called freak, discovered in 2015, relied on the fact that many modern applications, including the default browser in Google’s Android operating system and the White House’s website, could be persuaded to revert to old, easily breakable cryptography installed in order to comply with long abandoned American export regulations.

举个例子，在1996年，研究人员发表了md5的第一个弱点，它是一种被称为哈希函数的加密算法。那么另一种被称为sha-1的算法自然而然的成为了可行的取代物。但是二十多年过去了，即便利用md5的弱点进行网络攻击的事件数次被高调报导，也不论多年来鼓励升级的号召，老的算法仍旧还经常在使用。同样的，在2015年发现了一个被称为freak的安全隐患，就是为了满足美国已经长期废置的出口规定，许多现代应用软件（包括谷歌的安卓操作系统的默认浏览器以及白宫网站）遭强迫使用易损的老版本加密协议的结果。

注：
1.MD5消息摘要算法（英语：MD5 Message-Digest Algorithm），一种被广泛使用的密码散列函数，可以产生出一个128位（16字节）的散列值（hash value），用于确保信息传输完整一致。MD5由美国密码学家罗纳德·李维斯特（Ronald Linn Rivest）设计，于1992年公开，用以取代MD4算法。

2.The weaknesses of MD5 have been exploited in the field, most infamously by the Flame malware in 2012. The CMU Software Engineering Institute considers MD5 essentially "cryptographically broken and unsuitable for further use".
MD5的弱点已经在这个领域被利用，最臭名昭著的是2012年的火焰恶意软件。CMU软件工程研究所认为MD5本质上是“密码破解的，不适合进一步使用”。

3.SHA-1（英语：Secure Hash Algorithm 1，中文名：安全散列算法1）是一种密码散列函数，美国国家安全局设计，并由美国国家标准技术研究所（NIST）发布为联邦数据处理标准（FIPS）。SHA-1可以生成一个被称为消息摘要的160位（20字节）散列值，散列值通常的呈现形式为40个十六进制数。

Testing, testing

Those with the most power to chivvy things along are the big companies that control much of the internet’s pipework. Even while nist deliberates, they are beginning to run tests of their own. At Microsoft, Dr LaMacchia plans to test quantum-resistant encryption on the links that connect the firm’s data centres. Google has already tried integrating different kinds of quantum-resistant cryptography into experimental versions of Chrome, its web browser, and has worked with Cloud flare to test the impacts in the real world.

那些能动用高权限推进以上计划的都是手握大把网络通道资源的大公司。就算国立标准技术研究所在研究这件事的时候，都开始自己动手做测试。微软的LaMacchia博士正计划连接该公司的数据中心以测试一个抗量子计算的加密编码。谷歌也已尝试整合了几种抗量子计算的加密方式进入谷歌Chrome浏览器的测试版里，并和Cloud Flare一起完成了现实网络中的性能测试。

注：
1.Chivvy: 催促某人做某事 To chivvy sb into Sth/doing sth

2.NIST: National Institution of Standards and Technology 国立准标技术研究所

The results have been mostly encouraging, but not wholly so. Changing the encryption changes the way browsers negotiate connections with websites. In Google’s tests of the 2,500 most popular websites, some 21of them—including LinkedIn, a social network, and Godaddy.com, a domain registrar—could not cope with the extra data involved, and refused to connect. And all of the proposed quantum-resistant schemes imposed noticeable delays compared with conventional cryptography.

目前来看，结果大多鼓舞人心，但也不完全都是。加密方式的调整改变了浏览器访问网页的链接协议。在谷歌测试的2500个最热门的网站里，包括社交网站领英、域名注册网站Godaddy在内的21个网站因无法处理多出来的数据而拒绝连接。相比于传统的加密方式，所有的抗量子计算算法都有显著的延迟。

注：

Godaddy.com(GoDaddy),世界知名互联网域名注册商GoDaddy，业务遍布全球，致力于为中国企业和个人用户提供卓越的网站服务，业务涵盖：域名注册，专业级网站构建，定制化建站服务，SSL证书，多种类海外主机，Windows和Linux托管主机（一键安装WordPress，Drupal，Joomla等），Web安全方案等。

Big firms will have power in other ways, too. Vadim Lyubashevsky, a quantum-computing researcher at ibm, points out that quantum computers need lots of coddling. Most must be cooled to a temperature close to absolute zero. This means that, for the foreseeable future, access to them will be sold as a cloud-computing service in which users rent time from the machines’ owners. That gives companies the power to review code before it is run, says Dr Lyubashevsky, which could help limit nefarious uses. (Governments, though, will be able to shell out for their own machines.)

大公司依然有其他方面的能力。IBM公司的量子计算研究员Vadim Lyubashevsky指出量子计算机需要很苛刻的工作条件，大部分必须在接近绝对零度的温度下冷却。这意味着，在可预见的未来，用户使用量子计算机的途径都将是通过向运营商租用使用时间的云计算服务。Lyubashevsky博士认为，这给了大公司在运行程序之前审查代码的能力，将有助于控制对量子计算机的恶意使用。（政府也因此有必要采购自己的量子计算机。）

注：
1.Preparing for the Next Era of Computing With Quantum-Safe Cryptography

https://securityintelligence.com/preparing-next-era-computing-quantum-safe-cryptography/

2.The WIRED Guide to Quantum Computing

Everything you ever wanted to know about qubits, superpositioning, and spooky action at a distance.

https://www.wired.com/story/wired-guide-to-quantum-computing/

There are other wrinkles. The new cryptographic schemes generally require more computational grunt than the old sort, says Dr Sullivan. For desktop machines and smartphones, that is unlikely to be a problem. But smaller chips, embedded in gizmos from industrial-control systems to sensors, may struggle. Another worry is that the new algorithms may come with unforeseen weaknesses of their own. Mathematicians have had decades to attack the prime-factor problem, says Graham Steel, the boss of Cryptosense, a cryptography-focused security firm. The maths that underlie post-quantum schemes have not been similarly battle-tested. For that reason, the first implementations may hedge their bets by using both old and new sorts of cryptography at once.

另外还有些其他小问题。Sulliva博士表示，一般来说，这种新的量子加密方式比老方法对计算能力的要求更高。就台式机和智能手机来说，这不是个问题，可对于诸如工业控制装置和传感器这种微小器件来说就非常棘手了。另一个担忧是新算法自身可能存在一些无法预料的弱点。专注于密码安全的公司Cryptosense的老板Graham Steel认为：数学家们花费了数十年试图攻克质数因子问题，这一问题的解决方法构成了后量子密码的数学基础，但无论是数学方法和加密方式，都没有经过实际检验。由于这一原因，首次相关应用实例将同时使用老式加密方式和量子加密方式来避免损失。

注：
从量子计算到量子安全：什么是“抗量子密码”？

The big companies are unlikely to commit themselves fully to an upgrade until the nist has decided on the new standards. And even when that happens, the sheer size of the task is daunting. Mr Steel says one of his clients has thousands of apps that need updating. As chips migrate into everything from cars and children’s toys to lighting systems and smart electricity meters, the amount of work will only grow.

在NIST确定使用这一新的加密标准之前，大公司们可能并不会全面更新加密方式。即便是在新标准确立之后，完成整个更新过程所需的工作量也令人却步。Steel先生表示他的一个客户需要更新的软件数量高达上千种。随着越来越多芯片被植入到汽车、儿童玩具、照明系统甚至智能电子仪表中，这一工作量会越来越大。

All this means that quantum-proofing the internet is shaping up to be an expensive, protracted and probably incomplete job. Dr Steel compares it to dealing with the millennium bug, when a quirk in how a lot of programs handled dates meant they had to be retrofitted, at great expense, to cope with the transition from the year1999 to the year 2000. In the event, thanks to the efforts of thousands of programmers, the millennium bug was mostly dodged. These days, the stakes are higher. The world is now considerably more computerised than it was then. Either way, it means plenty of steady work for cryptographers.

所有这些问题都意味着对互联网进行量子加密升级是一项昂贵、旷日持久、甚至可能无法100%完成的工作。Steel博士将这一工作与当年处理千年虫相提并论，当时由于一个计算机上许多程序沿用来表示日期的算法bug导致人们不得不花费巨大代价重装系统来处理1999年到2000年的日期过渡问题。在这一事件中，幸亏有成千上万的程序员不懈努力，绝大多数千年虫bug得以顺利避开。由于当今世界计算机化的程度更高，风险也因此比以前更大。无论如何，这都意味着密码学家们还有许多坚实的工作要去完成。

注：
1.Protracted adj.lasting for a long time or made to last longer持久的，延长的

2.Quirk n.something that is strange and unexpected 怪癖，古怪之处

3.Retrofit v.to put new parts or new equipment翻新

翻译组：

Xingyi，男，小硕，经济学人爱好者

Yuki, 非英专准大三,自学通过CATTI二笔

May,男，法律专业正经的经济学人拥护者

校核组：

Nikolai，男，小硕, science追随者

Helga，女，笔译民工，经济学人爱好者

知识点收集组：

Sigrid 非英专 学习英语 经济学人爱好者

Elena，英专，备考CATTI，外刊爱好者

Echo，MTI备考中，死磕英语，经济学人的小小粉丝一枚