The advent of a quantum computer capable of shattering the encryption that currently safeguards the internet appears to be on the horizon. Two distinct research teams have presented compelling insights into how this capability might be realized. One group’s findings suggest that the most advanced quantum machine currently in operation is already significantly past the halfway mark in terms of the size required for such a feat.
Both studies target elliptic curve cryptography, a family of public-key algorithms whose security rests on the mathematical challenge known as the elliptic curve discrete logarithm problem (ECDLP). The difficulty of solving this problem made it an attractive foundation for key exchange and digital signatures, and it has seen widespread adoption in securing internet communications, including financial transactions, as well as in the signature schemes behind the vast majority of major cryptocurrencies, Bitcoin among them.
While conventional computers find it exceedingly difficult to solve the ECDLP for the curve sizes in use, it has been known since Shor's algorithm was published in 1994 that a sufficiently large quantum computer would not face the same obstacle. However, the sheer engineering challenge of constructing a quantum computer of that scale rendered this a distant concern for many years.
Accelerated Timelines and Reduced Requirements
In recent years, advances in both quantum computing theory and engineering have arrived at an astonishing pace, significantly shortening the anticipated timeline for such a breakthrough. On the theoretical front, researchers have optimized the quantum algorithms that attack these schemes, substantially reducing the number of qubits and operations needed to recover a key.
For illustrative purposes, consider the RSA-2048 encryption method. In 2019, the estimated size of a quantum computer needed to crack it was 20 million qubits—a qubit being the quantum analogue of a traditional computer bit. By February of this year, that estimate had shrunk dramatically to just 100,000 qubits.
Simultaneously, the physical realization of quantum hardware has evolved. In 2019, state-of-the-art quantum computers had barely surpassed 50 qubits. Today, the largest operational quantum computers boast over 1000 qubits. Furthermore, a qubit array, though not yet utilized for computation, exists with 6100 qubits.
New Estimates for Breaking ECDLP
Dolev Bluvstein of Oratomic, along with his colleagues, has proposed that the ECDLP could be compromised by a machine equipped with as few as 10,000 qubits. While this decryption process would demand several years of continuous quantum computer operation, a separate team led by Ryan Babbush at Google’s quantum research division has outlined a scenario where 500,000 qubits could achieve the same outcome in a mere 9 minutes.
Justin Drake of the Ethereum Foundation, who collaborated with Google’s researchers, described the development as “a momentous day for quantum computing and cryptography” in a post on X.
The calculations by Bluvstein and his team are based on qubits constructed from extremely cold atoms manipulated by lasers. The advanced interconnectivity offered by these types of qubits plays a significant role in the reduced qubit requirement for their proposed decryption method.
Bluvstein suggests that assembling an array of 10,000 ultracold qubits might be feasible within the next year. The primary hurdles, however, will lie in achieving precise control over these qubits and ensuring their rapid and coordinated operation. Direct connections between existing, separate machines are not a viable shortcut, as the qubits require direct interaction among themselves to function effectively.
Bluvstein anticipates that a sufficiently capable quantum machine will not be ready until the end of the current decade. He notes that considerable progress is still needed, but building such a machine is beginning to feel like a tangible possibility.
Cryptocurrency Vulnerabilities and the Path Forward
The Google team’s findings were derived from an analysis of a different quantum computing architecture, one that utilizes superconducting circuits. This approach is generally considered a more mature technology and represents the primary focus of Google’s quantum research efforts.
While the researchers involved declined to comment publicly on their work, their published paper indicates that “resource estimates could be reduced substantially by making more aggressive assumptions about hardware capabilities.” This suggests that their 500,000 qubit estimate might be conservative.
Notably, the researchers opted to withhold certain details of their algorithm, citing security concerns. They also highlighted how such a quantum computer could hijack a cryptocurrency transaction. For the common address types that store only a hash of the public key, the key itself is revealed when the owner broadcasts a transaction spending from that address; an attacker who recovered the private key from it before the transaction was confirmed could broadcast a competing transaction sending the same funds elsewhere. The brief window before a transaction is recorded on the blockchain could therefore be enough for the funds to be redirected, effectively leading to theft.
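The race described above, as an added illustration that is not part of the original article or of either paper: a toy ledger in Go in which addresses are hashes of public keys and a spend must reveal the key. P-256 stands in for Bitcoin's secp256k1 (which the Go standard library does not include) and a single SHA-256 stands in for Bitcoin's SHA-256/RIPEMD-160 address hash; the quantum ECDLP solve is not implemented, so the attacker is simply handed the victim's private key once the public key appears in the mempool. The names Wallet, Output, Tx, ExposedAddresses, Confirm and Race are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Output is a coin locked to an address. As with Bitcoin's pay-to-public-key-hash,
// the chain holds only a hash of the public key until the coin is spent.
type Output struct {
	Address string
	Value   int
}

// Tx spends an Output. It must reveal the public key behind the address and
// carry a signature over (address, destination, fee).
type Tx struct {
	Spends Output
	To     string
	Fee    int
	PubKey *ecdsa.PublicKey
	Sig    []byte
}

// Wallet holds a key pair. P-256 stands in for secp256k1 (assumption of this example).
type Wallet struct{ priv *ecdsa.PrivateKey }

func NewWallet() *Wallet {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Wallet{priv: priv}
}

// AddressOf hashes the encoded public key (single SHA-256 here, not Bitcoin's
// SHA-256 then RIPEMD-160). The address alone gives Shor's algorithm nothing to work on.
func AddressOf(pub *ecdsa.PublicKey) string {
	ek, err := pub.ECDH()
	if err != nil {
		panic(err)
	}
	sum := sha256.Sum256(ek.Bytes())
	return hex.EncodeToString(sum[:])
}

func (w *Wallet) Address() string { return AddressOf(&w.priv.PublicKey) }

func txDigest(o Output, to string, fee int) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s|%s|%d", o.Address, to, fee)))
	return sum[:]
}

// Spend signs a transaction. Broadcasting it is the moment the public key becomes visible.
func (w *Wallet) Spend(o Output, to string, fee int) Tx {
	sig, err := ecdsa.SignASN1(rand.Reader, w.priv, txDigest(o, to, fee))
	if err != nil {
		panic(err)
	}
	return Tx{Spends: o, To: to, Fee: fee, PubKey: &w.priv.PublicKey, Sig: sig}
}

// Valid performs the node-side checks: the revealed key hashes to the spent
// address, and the signature verifies under that key.
func Valid(tx Tx) bool {
	return AddressOf(tx.PubKey) == tx.Spends.Address &&
		ecdsa.VerifyASN1(tx.PubKey, txDigest(tx.Spends, tx.To, tx.Fee), tx.Sig)
}

// ExposedAddresses maps each address with a pending spend to the public key it
// revealed. These are the keys an ECDLP-solving attacker can work on during the window.
func ExposedAddresses(mempool []Tx) map[string]*ecdsa.PublicKey {
	out := map[string]*ecdsa.PublicKey{}
	for _, tx := range mempool {
		if Valid(tx) {
			out[tx.Spends.Address] = tx.PubKey
		}
	}
	return out
}

// Confirm models a miner picking one transaction per spent output: the highest-fee
// valid one is recorded, and any other spend of the same coin is dropped.
func Confirm(mempool []Tx) []Tx {
	best := map[string]Tx{}
	for _, tx := range mempool {
		if !Valid(tx) {
			continue
		}
		if cur, ok := best[tx.Spends.Address]; !ok || tx.Fee > cur.Fee {
			best[tx.Spends.Address] = tx
		}
	}
	block := make([]Tx, 0, len(best))
	for _, tx := range best {
		block = append(block, tx)
	}
	return block
}

// Race plays out the attack: Alice pays Bob; Mallory sees Alice's key in the mempool
// and races a competing spend. Handing Mallory alice.priv stands in for the quantum
// key recovery (assumption). Returns "bob" or "mallory", whoever ends up with the coin.
func Race(attackerFee int) string {
	alice, bob, mallory := NewWallet(), NewWallet(), NewWallet()
	coin := Output{Address: alice.Address(), Value: 1}
	mempool := []Tx{alice.Spend(coin, bob.Address(), 1)} // key now exposed
	recovered := &Wallet{priv: alice.priv}
	mempool = append(mempool, recovered.Spend(coin, mallory.Address(), attackerFee))
	for _, tx := range Confirm(mempool) {
		if tx.To == mallory.Address() {
			return "mallory"
		}
	}
	return "bob"
}

func main() {
	fmt.Println("attacker pays a lower fee:", Race(0))
	fmt.Println("attacker outbids the victim:", Race(10))
}
```

The model also shows the corollary practitioners care about: an address whose key has already appeared on chain (address reuse, or old pay-to-public-key outputs) is exposed permanently, not just for one confirmation window, so the remaining balance on such addresses is the first target once a capable machine exists.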
Scott Aaronson of the University of Texas at Austin commented that the combined findings of these two studies indicate that Bitcoin may be vulnerable to quantum attacks sooner than previously understood.
Stefano Gogioso from the University of Oxford in the UK points out that both quantum computing approaches face substantial engineering challenges before their theoretical results can be practically implemented. He specifically notes that the ultracold atom approach, being a less proven technology, presents greater obstacles.
Nevertheless, the security of our digital world certainly presents reasons for concern, according to Gogioso. Some internet browsers already use key exchange methods that are resistant to quantum attacks, known as post-quantum cryptography (PQC). Conventional financial institutions could respond to a quantum attack after the fact, for instance by reversing transactions, whereas decentralized systems like those used in cryptocurrency have no authority able to do so and are expected to be considerably more vulnerable.
Earlier this month, Google issued a recommendation for a migration to PQC by 2029, a target that Gogioso believes is becoming increasingly necessary.
Dustin Moody at the National Institute of Standards and Technology (NIST) in Maryland stated that the impetus for the PQC standardization project, initiated over a decade ago, was precisely this potential scenario. He acknowledged that as quantum hardware improves, so too will the algorithms designed to attack classical cryptography.
NIST has already standardized several PQC algorithms (ML-KEM, ML-DSA and SLH-DSA, published in 2024 as FIPS 203, 204 and 205) that are expected to form the security standard in an era of practical quantum computers. The United States federal government aims to transition to these standards by 2035. However, Moody emphasizes that organizations should commence their migration as early as possible, noting that these recent papers reinforce the understanding that the window for such a transition is finite, making immediate action advisable.
