中央研究院 資訊科學研究所

【線上會議】

ID：170 703 3895

Password：A2PnSPkD52E

*This Series of talks are mainly open to staffs of IIS & CITI at Academia Sinica
**IIS reserves the right to determine the attendee's eligibilty for quality control purposes (applies for both actual and virtual meeting)

密碼學很少是系統中最薄弱的環節。因為它通常是被繞過而不是被打穿。但是物理學的最新發展將改變這一狀況。具有數百萬個穩定量子位元的量子電腦用秀爾（Peter Shor）演算法可以破壞所有當前部署的公鑰密碼學。基於RSA，Diffie-Hellman，或橢圓曲線離散對數的密碼系統將不再安全。更糟糕的，今天加密傳送的資訊可能正被某些國家級敵人記錄下來。一旦獲得大型量子電腦，他們就可以解密之前的所有通訊。

後量子密碼學是假設攻擊者擁有大型量子電腦下的密碼學。後量子密碼系統需要在此攻擊模型下研究其安全性。好消息是一些系統保持安全。壞消息是那些系統離完成部署準備還相距甚遠。
本演講將解釋量子電腦對資訊安全和密碼學構成的威脅安全性，並簡介幾類可以抵抗此等攻擊的系統，以及說明美國國家標準技術局(NIST) 為建立新一代的後量子密碼標準正在進行的比賽現況。

Yang Bo-Yin graduated from the Department of Physics, National Taiwan University. He received his Ph.D. in mathematics from the Massachusetts Institute of Technology in 1991 and started teaching in the Department of Mathematics at Tamkang University the following year. Since 2002, he has devoted himself to the research of applied cryptography, especially post-quantum cryptography. In 2006, he transferred to the Institute of Information of the Academia Sinica. Currently, he is a research fellow of the Institute of Information and holds joint appointment with the Center for Information Technology Innovation. During this time, he won the Sinica Career Advancement award (2010) and Investigator Awards (2015, 2020).  He has served the cryptographic community on many conference organizations, including as the Program Chair of PKC 2016 and the General Chair of CHES 2017.  Currently he serves as an Associate Editor for the IACR Transactions on Cryptographic Hardware and Embedded Systems, and will be running Asiacrypt 2022 as a General Chair.  He is the co-inventor of the Ed25519 digital signature scheme, currently a standard on the internet, and joint proposer to two 3rd-round candidates of the U.S. National Institute of Standards and Technology Postquantum competition: the Rainbow digital signature scheme and the NTRU Prime key establishment mechanism.