The threat to current internet security from quantum computers is no longer theoretical. Recent breakthroughs indicate that a machine capable of breaking widely used encryption could arrive within the next decade – far sooner than previously estimated. Two independent research teams have demonstrated how rapid advancements in quantum computing power are rapidly closing the gap toward cracking the cryptographic foundations of online transactions, cryptocurrency, and sensitive data.
The Vulnerability: Elliptic Curve Encryption
The core of the problem lies in elliptic curve discrete logarithm problem (ECDLP) encryption. This method is fundamental to securing modern digital systems. Banks, e-commerce, and virtually every major cryptocurrency, including Bitcoin, rely on ECDLP because conventional computers struggle to break it. However, quantum computers exploit different physics, making ECDLP solvable with sufficient processing power.
For decades, this was a distant concern. The sheer engineering complexity of building large-scale quantum computers kept the threat hypothetical. But that’s changing at an accelerating pace.
The Shrinking Threshold
Researchers have drastically reduced the estimated qubit requirements for breaking ECDLP. In 2019, cracking RSA-2048 (a related encryption method) was estimated to need 20 million qubits. By February 2024, that number had plummeted to just 100,000. This isn’t merely incremental progress; it’s an exponential shift in feasibility.
Current quantum computers already exceed 1,000 qubits, with the largest arrays reaching 6,100. Dolev Bluvstein at Oratomic estimates that a machine with 10,000 qubits could break ECDLP within years of operation. Google’s quantum research team, led by Ryan Babbush, suggests that 500,000 qubits could achieve the same result in under ten minutes.
The speed is critical: a powerful enough quantum computer could intercept cryptocurrency transactions and steal funds before they are permanently recorded.
The Race Against Time
While building a fully functional 10,000-qubit machine may take until the end of the decade, the underlying technology is progressing so rapidly that conservative estimates may prove too optimistic. Google’s team has even withheld full details of its decryption algorithm for security reasons, indicating the immediacy of the threat.
The decentralized nature of cryptocurrencies makes them particularly vulnerable. Unlike traditional banking systems, which can potentially adapt defenses after an attack, blockchain transactions are irreversible once confirmed.
The Shift to Post-Quantum Encryption
The National Institute of Standards and Technology (NIST) has already begun standardizing post-quantum encryption (PQC) algorithms designed to resist quantum attacks. The US federal government plans to migrate to PQC by 2035, but experts urge organizations to transition immediately. Google is pushing for PQC adoption by 2029, recognizing that the window for action is rapidly closing.
“These papers reinforce the idea that the window for migration is finite and the time to act is now.” – Dustin Moody, NIST
The arrival of quantum-resistant cryptography is inevitable, but the transition will be disruptive. The looming threat underscores the urgent need for proactive measures to safeguard the digital world before it’s too late.
