Thirty years ago, mathematician Peter Shor’s theoretical work on quantum computing sent ripples through the scientific community, promising a revolutionary shift in computational power. What was once a niche physics project, exploring the counterintuitive principles of quantum mechanics to build a new kind of computer, has now evolved into a tangible and imminent threat to the digital security infrastructure that underpins global communication, finance, and personal privacy. At the heart of this concern lies Shor’s algorithm, a groundbreaking mathematical tool capable of solving problems that would take even the most powerful classical supercomputers billions of years to decipher. These specific mathematical challenges are precisely what secure the vast majority of our online interactions, from secure websites and email inboxes to banking transactions. Shor’s algorithm demonstrated, in theory, that this foundational security assumption was fundamentally flawed.
For decades, the realization of this threat remained confined to theoretical discussions. The initial estimates for building a quantum computer capable of executing Shor’s algorithm were staggering, requiring billions of qubits – the fundamental units of quantum information. While these estimates have progressively decreased over the years, with recent projections settling around a million qubits, the sheer scale of such a machine has consistently placed it far beyond the reach of existing quantum computers, which typically boast only hundreds of qubits. However, this landscape is rapidly changing. Two independent research groups have recently unveiled advancements that significantly narrow the gap between theoretical requirements and current technological capabilities, signaling that powerful quantum computers capable of breaking current encryption might be years, rather than decades, away.
Collision of Quantum Trends: Neutral Atoms and Advanced Error Correction
The vanguard of this accelerated progress is represented by two distinct, yet converging, research efforts. The first, spearheaded by a distinguished team of quantum physicists at the California Institute of Technology (Caltech), has publicly detailed a design for a quantum computer that could potentially break encryption using a remarkably reduced qubit count – in the tens of thousands. This ambitious project has already led to the formation of a new company, Oratomic, dedicated to building this next-generation machine. Concurrently, researchers at Google have announced a significant leap forward in the efficiency of Shor’s algorithm implementation, developing a method that is ten times more effective than previous approaches.
"If you care about privacy or you have secrets, then you better start looking for alternatives," stated Nikolas Breuckmann, a mathematical physicist at the University of Bristol, who was not involved in either of the new studies. This sentiment underscores the urgency of the situation. While neither Google nor the Caltech-affiliated team currently possesses the hardware to break encryption today, their findings collectively suggest a paradigm shift. They indicate that the era of fault-tolerant quantum computing, once considered a distant prospect, is drawing nearer, necessitating a proactive response from policymakers, corporations, and individuals concerned with digital security.
The Caltech team’s breakthrough hinges on the convergence of two pivotal trends in quantum computing development. The first is the burgeoning advancement of neutral atom qubits. Unlike other qubit modalities, such as the superconducting circuits favored by companies like Google and IBM, which are fast but fixed in place, neutral atoms offer unprecedented flexibility. Over the past decade, physicists have honed their ability to trap and manipulate hundreds, and even thousands, of neutral atoms using precisely controlled laser beams, arranging them into custom configurations. This flexibility is crucial for implementing advanced quantum error correction codes.
In 2023, researchers working in the lab of Harvard physicist Mikhail Lukin, including Caltech physicists Dolev Bluvstein and Madelyn Cain, demonstrated sophisticated quantum algorithms running on 280 neutral atoms. Shortly thereafter, a group led by Manuel Endres at Caltech set a new benchmark by demonstrating the manipulation of an impressive 6,100 neutral atoms simultaneously, although no computations were performed with this setup.
The second critical trend is the dramatic improvement in the potency of quantum error correction codes. Qubits, regardless of their physical implementation, are inherently fragile and prone to errors. Quantum computation necessitates constant vigilance to mitigate these errors. The long-standing gold standard for error correction is the "surface code." This method involves arranging qubits in a grid, where each qubit is linked to its neighbors. This collective arrangement forms a single "virtual qubit," offering a degree of protection against errors that might affect individual physical qubits. When some qubits falter, the virtual qubit remains stable long enough to identify and correct the faulty ones. While the surface code is robust and well-understood, it is exceptionally resource-intensive, requiring thousands of physical qubits to create just one reliable virtual qubit.
Revolutionary Codes and AI-Assisted Design
However, recent years have seen the emergence of quantum "low-density parity-check" (qLDPC) codes, which drastically reduce the number of physical qubits needed for each virtual qubit. These codes are more complex, requiring physical qubits to be linked to others that are not necessarily their immediate neighbors, but they offer significantly higher qubit density within a given array. Neutral atoms are particularly well-suited to qLDPC codes due to the ability to precisely move atoms across an array to establish these long-range connections.
Bluvstein and Cain, driven by the question of the smallest quantum computer capable of cracking cryptocurrency wallets, collaborated with experts in qLDPC codes and quantum theory. Their efforts involved Qian Xu, a specialist in qLDPC codes; Robert Huang, an expert in quantum theory and machine learning; and Manuel Endres for experimental guidance. John Preskill, a renowned theoretical physicist at Caltech with extensive experience in quantum error correction, provided advisory support.
The development of effective qLDPC codes involves navigating a complex landscape of trade-offs between efficiency (the number of physical qubits per virtual qubit) and effectiveness (the ability to withstand errors). Small modifications can lead to substantial performance gains. Nikolas Breuckmann has likened this process to cooking, where a precisely added ingredient can transform a dish. The Caltech team sought a code that balanced both efficiency and robustness. Qian Xu identified a promising code structure, and Robert Huang and his students refined it.
In a notable development, Huang and his team enlisted the aid of a large language model (LLM) designed by mathematicians. This AI was fed a mathematical description of qLDPC codes and tasked with generating novel solutions. The LLM produced a code capable of forming a virtual qubit from just four neutral atoms, while also demonstrating resilience against 20 to 24 catastrophic errors. This represents a significant improvement over previous high-performing qLDPC codes, which required 12 physical qubits per virtual qubit and could only withstand up to 12 errors. The LLM also generated an efficient decoder algorithm, essential for identifying and rectifying errors.
With this advanced code and decoder in hand, the Caltech researchers devised intricate protocols for manipulating physical qubits while maintaining their protected state. They then estimated the execution speed of these protocols and simulated the performance of their proposed quantum computer when running Shor’s algorithm. "We put together a lot of things," remarked John Preskill. "When you do it right, the answer turns out to be surprisingly encouraging."
The simulations explored various atomic array configurations to estimate the time required to break two primary encryption schemes: RSA (Rivest-Shamir-Adleman) and ECC (elliptic curve cryptography). Their findings suggest that breaking common RSA in about a century would require 10,000 atoms, while 100,000 atoms could achieve the same feat in approximately three months. For the more readily breakable ECC, 10,000 atoms could crack it in about three years, and 26,000 atoms in a matter of days.
Google’s Algorithmic Efficiency and the Imminent Shift
Simultaneously, Google’s quantum AI team, under the leadership of Craig Gidney, has been relentlessly optimizing the implementation of Shor’s algorithm. Their prior work in 2019 outlined a quantum program capable of breaking RSA encryption in eight hours using 20 million qubits. By last year, Gidney had devised a method requiring fewer than a million qubits.
In a white paper released on the same day as the Caltech announcement, Gidney and his collaborators revealed a new quantum procedure specifically tailored for breaking ECC. This procedure is at least ten times more efficient than prior methods. They estimate that most cryptocurrencies could be compromised in minutes by a machine with fewer than 500,000 qubits.
"That tenfold reduction in the actual space-time cost of elliptic curve code breaking is hugely significant," commented Jeff Thompson, a physicist at Princeton University and CEO of neutral atom startup Logiqal. The combined advances from Google’s algorithmic efficiency and Caltech’s refined hardware design indicate that smaller quantum computers may soon achieve feats previously thought to require much larger machines. These developments also mark a critical juncture where researchers are beginning to employ advanced techniques, such as zero-knowledge proofs, to safeguard proprietary details of their work, a sign of increasing competition and strategic importance in the field.
The implications of these breakthroughs are profound and necessitate immediate action. The National Institute of Standards and Technology (NIST) has already published new cryptographic standards designed to be resistant to both classical and quantum attacks. The U.S. government has outlined a plan to fully transition to these post-quantum cryptography (PQC) standards by 2035. However, some experts believe this timeline may be too extended. Google, for instance, has announced its intention to phase out its reliance on RSA and ECC by 2029, signaling a corporate commitment to proactive migration.
"If you were thinking about when you were going to do a post-quantum crypto transition, you should not be waiting any longer," urged Thompson. "This is the time to do it."
Quantum Dreams vs. Engineering Realities
While the theoretical blueprints for these powerful quantum computers are becoming clearer, the practical challenges of their construction remain substantial. Opinions vary on the plausibility of Oratomic successfully building a quantum computer as formidable as the one described on paper. Mikhail Lukin, a founder of the neutral atom startup QuEra Computing, noted that the Caltech team’s projections are "broadly in line with what we and others have estimated," but stressed that "in these resource estimates details matter and it is important to work them out carefully."
Key details, particularly concerning the intricate error correction steps that underpin Caltech’s most optimistic projections, remain somewhat vague, making independent evaluation challenging. Other researchers have raised questions about some of the team’s mechanical assumptions, such as their "aggressive assumptions about the speed of operations they can do." The Caltech group claims their machine could eventually complete the entire error correction cycle – including error detection, interpretation, correction, and atom replacement – every millisecond.
Maintaining such a rapid cadence of error correction for the extended periods required for complex computations, potentially days or weeks, represents a significant engineering hurdle that no group has yet overcome. "I’d like to see a demonstration on a smaller scale, say, 100 or 1,000 qubits," suggested Mark Saffman, a physicist at the University of Wisconsin-Madison and chief scientist for quantum information at Infleqtion. "Show me that you can do a million rounds or something."
The Caltech team acknowledges the ambitious nature of their plan and the considerable engineering effort required for integration. However, they do not foresee insurmountable obstacles. "We just have to build these machines and see if they work," stated Preskill.
The Dawn of the Fault-Tolerant Era
The successful construction of a quantum computer capable of executing Shor’s algorithm would mark the definitive end of the "Noisy Intermediate-Scale Quantum" (NISQ) era, a term coined by Preskill in 2018 to describe the pre-error-correction period. It would usher in the age of "fault-tolerant" quantum computing. Researchers are already envisioning the applications that will define this new era.
Robert Huang plans to initially run Shor’s algorithm to validate the machine’s functionality, followed by exploring its potential to accelerate machine learning tasks. For many physicists at the forefront of quantum computing development, the primary motivation is not cryptography but a deeper exploration of fundamental physics. They are eager to leverage quantum computers to uncover new phenomena, such as the mechanisms behind high-temperature superconductivity, or to simulate complex quantum systems like the fabric of space-time.
The Caltech group recognizes that realizing their ambitious vision will require years of dedicated work. Yet, the prospect of building the world’s first fault-tolerant quantum computer is a powerful driving force. As Dolev Bluvstein jubilantly expressed before their paper’s release, "Pick a cooler life quest than building the world’s first quantum computer with your friends!" The rapid advancements announced by both Google and the Caltech team underscore that this quest, once a distant dream, is now on a trajectory towards tangible reality, with profound implications for the future of digital security and scientific discovery.
Related posts:
