Academician Zhou Zhongyi of the Chinese Academy of Engineering: Blockchain application must first distinguish user-centric classification

On October 12th, the 2019CCF Blockchain Technology Conference – Blockchain Technology Topic Report was held in Chengdu, and the Interlink Pulse was invited as a partner media to participate in the conference. At the meeting, Zhou Zhongyi, an academician of the Chinese Academy of Engineering, delivered a keynote speech on "Several Issues to Be Paid Attention in the Application of Blockchain Technology", pointing out four specific development issues.

First, it must be clear whether the users in the application environment are centerless, centered, or multi-centered.

The degree of centralization of the user community may determine the extent of the technology's role. As in the bitcoin user environment, the user community is uncentered. In this kind of environment, when the user completes each transaction, the workload and distributed ledger storage content are also very large. Therefore, when the number of users is large, as the number of transactions increases, the network supply is insufficient, which inevitably reduces the running speed. Our current banking system is central and bank-centric. Every time a user completes a transaction, the amount of work is basically constant, and the distributed account book stores very little content. Therefore, the number of users increases, and the increase in transactions does not become too much for the network. Zhou Zhongyi believes that, in the coffee retail store application scenario, the use of multi-center systems is better than the non-central system. In addition, the canteens and supermarkets of similar schools are central, so the blockchain technology that can be used is limited. Therefore, before the application of the technology, it is necessary to distinguish between the center and the center.

Second, there is no center, and the digital authentication password technology used by the center can be different.

Transactions between users without a center must be authenticated using a public key password. A user sends information to user B. A must first encrypt his message with his private key, encrypt the encrypted message with the public key of user B, and send the password after two encryptions to Party B. Party B can decrypt the message. Other users can't get the information sent by A to B. Public-chain can also be used for transactions between users in the center. Zhou Zhongyi believes that it is okay to use symmetric passwords for encryption when designing a central environment. It is not necessary to use a public key system.

Third, the public key crypto SM2 introduced by the Office of Business Password of the National Cryptographic Authority is suitable for a centerless application environment, while the SM9 is suitable for a central application environment.

Zhou Zhongyi pointed out that SM2 can be applied to third-party certification, and SM9 is more suitable for a central environment because the public key management of the two is different. The SMA2's public letter pair is generated by the CA center and generates the user's own (certificate). The SM9's public letter pair is generated by the key management center, and the key management center also has centralized management. This centralized management is central. So the use of the two is not exactly the same. SM2 is known earlier because of the earlier time, and from the perspective of key management, SM9 is more suitable for a central environment.

Fourth, the use of digital authentication should focus on whether the application requires one-way authentication or two-way authentication.

One-way authentication is faster than two-way authentication because two-way authentication requires two authentications. According to Zhou Zhongyi, some ETCs that were introduced from Japan have had a longer transit time, which is also because of the adoption of the two-way authentication mechanism in Japan. Although one-way authentication can be adopted in terms of technical principle, since the traffic control department of China must use two-way authentication, the technology needs to comply with the regulations. If you want to apply the one-way authentication mechanism, you must first modify the standard. Therefore, when applying authentication technology, it is necessary to pay attention to two-way authentication and one-way authentication.