随着量子计算技术的持续进步,后量子密码迁移正在从学术讨论转变为产业界必须面对的现实课题。美国国家标准与技术研究院(NIST)于2024年正式发布了首批后量子密码标准,标志着这一领域从理论研究进入工程落地阶段。
对于数字科学领域的研究者和从业者而言,后量子密码迁移的影响远超密码学本身。在人工智能方向,联邦学习和安全多方计算等隐私保护技术的底层加密协议面临升级需求。当前广泛使用的RSA和椭圆曲线加密算法在大规模量子计算机面前将不再安全,这意味着所有依赖这些算法的AI安全基础设施都需要迁移到抗量子攻击的新标准上。
在数据科学方向,后量子迁移对数据全生命周期的安全保护提出了新要求。所谓"先存储后解密"的攻击模式意味着,即使当前加密的数据在短期内是安全的,但如果使用了非抗量子算法加密,这些数据在未来可能被量子计算机解密。对于金融、医疗和政务等存储大量敏感数据的行业,这一风险不容忽视。
网络安全领域首当其冲。从TLS协议到数字签名,从身份认证到密钥管理,整个互联网安全基础设施的底层密码原语都面临更替。这不是一个可以"一键升级"的过程,而是一场涉及协议设计、软件开发、硬件适配和合规标准更新的系统性工程。
ADSPR专家顾问委员会高级研究员陈毅恒指出,后量子密码迁移的核心挑战不在于密码算法本身——NIST标准化的算法已经过充分的安全性论证——而在于迁移过程的复杂性和漫长性。许多组织的IT系统中存在大量"密码债务",即硬编码的加密参数、未经记录的密码使用点和不兼容的遗留系统。全面的密码资产盘点和分阶段迁移策略是成功转型的关键。
ADSPR数智研究院近期收到的成果评审中,与后量子密码相关的提交量呈显著上升趋势。协会鼓励更多研究者关注这一方向,特别是在密码迁移工具开发、混合加密方案设计和行业迁移指南编制等实践导向的研究领域。
With the continued advancement of quantum computing technology, post-quantum cryptography migration is moving from academic discussion to a practical issue that industry must face. The U.S. National Institute of Standards and Technology (NIST) officially released the first batch of post-quantum cryptography standards in 2024, marking the field's transition from theoretical research to engineering implementation.
For researchers and practitioners in digital science, the impact of post-quantum cryptography migration extends far beyond cryptography itself. In artificial intelligence, the underlying encryption protocols of privacy-preserving technologies such as federated learning and secure multiparty computation face upgrade requirements. The currently widely used RSA and elliptic-curve encryption algorithms will no longer be secure in the face of large-scale quantum computers, which means that all AI security infrastructures relying on these algorithms will need to migrate to new standards resistant to quantum attacks.
In data science, post-quantum migration imposes new requirements for security protection throughout the full data life cycle. The so-called "store now, decrypt later" attack model means that even if currently encrypted data is safe in the short term, if it is encrypted with non-quantum-resistant algorithms, the data may be decrypted by quantum computers in the future. For industries such as finance, healthcare, and government affairs that store large amounts of sensitive data, this risk cannot be ignored.
The cybersecurity field is the first to bear the impact. From TLS protocols to digital signatures, and from identity authentication to key management, the underlying cryptographic primitives of the entire Internet security infrastructure face replacement. This is not a process that can be completed with a "one-click upgrade", but a systematic engineering effort involving protocol design, software development, hardware adaptation, and updates to compliance standards.
Chen Yiheng, Senior Researcher of the ADSPR Expert Advisory Committee, pointed out that the core challenge of post-quantum cryptography migration does not lie in the cryptographic algorithms themselves, since the algorithms standardized by NIST have undergone sufficient security validation. Rather, the challenge lies in the complexity and length of the migration process. Many organizations have a large amount of "cryptographic debt" in their IT systems, including hard-coded encryption parameters, undocumented points of cryptographic use, and incompatible legacy systems. A comprehensive inventory of cryptographic assets and a phased migration strategy are the keys to successful transformation.
Among the achievement reviews recently received by the ADSPR Digital Science Research Institute, submissions related to post-quantum cryptography have shown a significant upward trend. The Association encourages more researchers to focus on this direction, especially practice-oriented research areas such as the development of cryptographic migration tools, the design of hybrid encryption schemes, and the preparation of industry migration guidelines.