Quantum Computing Breakthroughs: Caltech and Google Shatter the Numbers on Cryptography

Quantum Computing Breakthroughs: Caltech and Google Shatter the Numbers on Cryptography

Two bombshell quantum computing results were announced this week — one from Caltech (with John Preskill) and one from Google — that dramatically reduce the number of physical qubits needed to break real-world encryption. The bottom line: Bitcoin and other cryptocurrencies may be vulnerable to quantum attacks sooner than anyone expected.

The Two Breakthroughs

1. Caltech: Lower-overhead quantum fault tolerance

• Published on arXiv (2603.28627)
• Uses high-rate error-correcting codes to reduce qubit overhead
• Works particularly well for neutral-atom architectures and trapped-ion systems
• Key result: Dramatically fewer physical qubits needed for reliable quantum computation
• Previously: Estimates of millions of physical qubits for useful quantum computing
• Now: Estimates dropped to as low as 25,000 physical qubits for breaking 256-bit elliptic curve cryptography

2. Google: Lower-overhead Shor's algorithm

• Published on arXiv (2603.28846) — via zero-knowledge proof
• Implemented Shor's algorithm for 256-bit elliptic curve cryptography with lower circuit overhead
• Unprecedented publishing method: Google published the result as a cryptographic zero-knowledge proof (proving the circuit exists without revealing its details)
• This is the first time a mathematical result has been announced this way
• The team chose not to reveal the actual circuit to prevent malicious actors from immediately exploiting it

Why This Matters

Bitcoin vulnerability:

• Bitcoin uses 256-bit elliptic curve cryptography (ECDSA) for signatures
• Previously estimated: Millions of qubits needed to break Bitcoin signatures
• New estimate: ~25,000 physical qubits may suffice
• Bitcoin's security model assumes quantum computers are decades away — this timeline may have just shortened
• If someone builds a 25,000-qubit quantum computer, they could forge Bitcoin transactions

Cascading impact:

• All cryptocurrencies using ECDSA (most of them) are potentially vulnerable
• TLS/SSL certificates (HTTPS) use similar cryptography
• Banking, government, military communications all rely on vulnerable encryption
• The entire digital security infrastructure is built on assumptions these results challenge

The Zero-Knowledge Proof Publishing

Google's decision to publish via zero-knowledge proof is historically unprecedented:

• Proves the circuit exists without revealing the details
• Analogous to mathematicians in the 1500s proving their ability by challenging rivals to duels
• Scott Aaronson compared it to Frisch and Peierls' 1940 calculation of U-235 chain reaction requirements
• The cybersecurity community pushed back on secrecy — consensus: publish everything so people upgrade faster

What This Does NOT Mean

• Quantum computers still don't exist at the scale needed (25,000 reliable qubits)
• Current largest quantum computers: ~1,000 physical qubits (IBM, Google, others)
• Error rates are still too high for useful quantum computation
• Timeline: Still years away, possibly a decade or more
• But: The numbers have changed dramatically, and the urgency for quantum-resistant cryptography has increased

The Urgency: Upgrade Now

Quantum-resistant cryptography (post-quantum cryptography):

• NIST standardized four post-quantum algorithms in 2024 (CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, SPHINCS+)
• Migration has been slow — most systems still use vulnerable algorithms
• These breakthroughs should accelerate adoption
• Bitcoin has proposals for quantum-resistant upgrades but no timeline for implementation
• "They should really get on that!" — Scott Aaronson

Expert Reaction

Scott Aaronson (UT Austin, leading quantum computing theorist):

• "Neither of these results change the basic principles of QC that we've known for decades, but they do change the numbers"
• "When you put both of them together, Bitcoin signatures for example certainly look vulnerable to quantum attack earlier than was previously known"
• "How much time will this save — maybe a year? Subtracting, of course, off a number of years that no one knows"

What Happens Next

1. Research replication: Other teams will attempt to reproduce and extend the results
2. NIST updates: Post-quantum migration guidelines may be updated with new urgency
3. Industry response: Tech companies, banks, and governments will accelerate crypto upgrades
4. Quantum hardware race: Investment in quantum computing hardware will intensify
5. Policy debate: Whether to publish or suppress quantum breakthroughs will intensify