Preparing for the Quantum Age – U.S. Congressional Hearing Recap and Analysis
Introduction
On June 24, 2025, a House Oversight Subcommittee held a hearing titled “Preparing for the Quantum Age: When Cryptography Breaks.” This hearing convened government, industry, and academic experts to discuss the looming threat quantum computing poses to our current cryptographic systems and what the United States should do to prepare. Witnesses included (in my opinion a great selection) Dr. Scott Crowder of IBM, Marisol Cruz Cain of the Government Accountability Office (GAO), Denis Mandich of Qrypt, and Professor Brenda Rubenstein of Brown University. The session was prompted in part by recent GAO reports warning that quantum computers could eventually break widely used encryption.
Lawmakers and experts largely agreed on the urgency of “quantum readiness” – modernizing encryption and systems before a powerful quantum computer arrives – but they differed on timelines and approaches. Below I tried to summarize key themes from the hearing and offer personal perspective on these issues.
Broad Consensus: Invest in Quantum Science and Workforce
I appreciated the point of agreement and the persistance with which some experts were stressing that America’s leadership in the quantum era will depend on robust investments in foundational science and in training a quantum-proficient workforce. Dr. Brenda Rubenstein repeatedly warned that this quantum talent pipeline is in jeopardy due to proposed severe cuts to basic research funding. Her and Mr. Mandich were doing a great job highlighting how the planed cuts to the National Science Foundation’s science budget by 57% (and 85% for Physics) would impact the national quantum preparedness and competitiveness”.
Other panelists echoed the need for sustained support of R&D and education. GAO’s Marisol Cruz Cain testified that “the United States needs to develop a strong quantum workforce to maintain its leadership… leveraging programs, training, and hiring are key.” She added that “sustained investment is particularly important to advance these technologies. To do so, basic funding for research and early development activities is essential.” In plain terms, without funding the science itself and educating the next generation of quantum engineers, any hope of long-term security or technological edge is dim.
Encouragingly, the witnesses praised initiatives to boost quantum R&D. They also highlighted the role of national labs and public-private partnerships. Denis Mandich underscored that U.S. national laboratories (like Los Alamos and Livermore, where Rubenstein once worked) have historically driven breakthroughs in cryptography and quantum science – resources the U.S. must not neglect or defund. Both Mandich and Rubenstein stressed that cutting research budgets now would be counterproductive just as other nations are doubling down. In short, the panel sent a clear bipartisan message: Invest in the fundamental science and talent today to secure America’s quantum future.
Debating the Quantum Threat Timeline: 10–20 Years or Much Sooner?
While everyone agreed a large cryptography-breaking quantum computer – often called a CRQC (cryptographically relevant quantum computer) – poses a serious threat, opinions diverged on how imminent that threat is. Several witnesses and lawmakers repeated a now-familiar estimate: that such a quantum machine “may be developed in the next 10 to 20 years.” This figure, cited in GAO’s reports and echoed by others, suggests we might have a decade (or more) of runway to upgrade our encryption. I was struck by how often this 10–20 year timeframe was mentioned – at least four times by different speakers – almost as a comforting refrain. In my view, this complacent timeline is misguided.
As Denis Mandich compellingly argued, the quantum threat is better seen as a “White Swan” certainty than a distant long-shot. “The timeline is shrinking. The threshold is roughly four thousand logical qubits, and leading programs are racing toward that mark already,” he testified. In other words, at the current pace of global research, reaching the capability to break encryption is not some far-off hypothetical – it’s a when, not if, and progress may unfold nonlinearly. “Delay is not just risky, it’s irrational,” Mandich warned. “Progress in quantum computing is nonlinear and prone to sudden breakthroughs, and our adversaries have every incentive to conceal milestones until it’s too late.” The industry should take those words seriously. History is full of technological surprises, and the opaque nature of quantum research (especially in strategic programs) makes it risky to assume we have 20 years.
IBM’s Dr. Scott Crowder also urged urgent action despite the uncertainty. He noted that even if a CRQC is a decade away, the migration to quantum-safe encryption will itself take many years. Citing the slow pace of past crypto transitions, Crowder pointed out that “broad adoption of new cryptography can take more than a decade. Thus, we must act now… [We] must ensure our nation’s most critical systems are safe from the threat.” In fact, the National Institute of Standards and Technology (NIST) has recommended that vulnerable encryption (like RSA and ECC) be phased out by 2035. That date might sound distant, but achieving it means starting migrations today. If we wait until a quantum breakthrough is confirmed, it will likely be too late to avoid chaos.
My take: Policymakers and experts should treat the quantum decryption threat with the urgency of a present danger, not a future conjecture. The expert consensus has shifted forward from the previous 10-20 years. I recently predicted 2030 as the Q-Day. I might be a bit too bullish, but it’s safer to err on my side than on the opposite.
Mixed Messages on China and the Quantum Race
Another prominent theme was the strategic competition in quantum technology, particularly the U.S. vs. China narrative. Throughout the hearing, there was an interesting dual message: on one hand, optimism that the U.S. currently leads in quantum R&D; on the other, alarm that China is catching up or even ahead in secret. Chairwoman Nancy Mace set the tone by emphasizing that America “must update cybersecurity protocols to protect… from hostile nations like China.” Witnesses agreed that China is investing heavily in quantum. Marisol Cruz Cain noted foreign competitors are pouring “tens of billions” into research. Dr. Crowder acknowledged that based on public data, the U.S. likely still holds a lead in building advanced quantum computers – “we think we have a lead… today, but that’s only based on public data,” he said . The worry is what “we” don’t see. As Crowder added, other governments are funding more applied quantum research than the U.S. at the moment.
Mandich, a former U.S. intelligence veteran, delivered some of the more sobering comments about China. He asserted that “China is quietly making quantum computing advances” and is “being very secretive about what they’re doing.” He even suggested the U.S. might face a sudden leap by China that catches America off-guard, akin to how the rapid progress in AI surprised many. “We’re likely going to experience a DeepSeek moment in quantum computing… that came up very quickly and didn’t happen from fundamental research. It came from data theft and IP monetization,” Mandich said. In his view, China’s strategy includes exploiting stolen intellectual property and leveraging any and all access to Western know-how to leapfrog in the quantum race.
However, this is where the messaging felt contradictory. In nearly the same breath that some experts downplayed the immediacy of a CRQC (the “10-20 years away” refrain) and claimed current US supremacy in the field, they raised the specter that perhaps China could spring a quantum decryption capability on us much sooner. It can’t be both ways. If we truly believe a CRQC is decades out and the U.S. leads the way, then why suggest China might have one already or imminently? Conversely, if the experts and lawmakers fear a surprise from China, then they shouldn’t be saying the threat is 20 years off.
At the same time, it’s important not to lapse into unproductive panic or xenophobia. Yes, China (and others) will continue to push hard on quantum. Yes, they likely aim to exploit any complacency among their geopolitical adversaries, including the “harvest now, decrypt later” tactics already underway (As the U.S. would too if they happen to develop CRQC first). But responding to this challenge requires level-headed urgency – investing in own innovation and resilience – rather than fear-mongering. The hearing made clear that the U.S. has significant strengths: world-class companies, research institutions, and talent. The task is to mobilize those strengths with sufficient priority and funding.
Political Sideshows
Unfortunately, parts of the hearing veered into political grandstanding that did little to solve the quantum puzzle. Not that I expected anything better from such a hearing. In particular, some questioning focused on casting suspicion on foreign students in U.S. universities. One representative suggested that Chinese nationals come to American schools under false pretenses (like enrolling in English programs) only to switch into technical fields and “end up competing with the United States.” The implication was that academic researchers (even a professor from Brown University, sitting right there) might be unwittingly training America’s adversaries. In response, Denis Mandich agreed that “China floods the United States with students. That’s their frontline collection platform… we’ve effectively trained their entire quantum industry here in the United States.” He advocated limiting that flow and lamented that not enough Americans pursue these fields, saying the U.S. need their own students to become the majority in STEM programs.
(Some of these statements are just wrong. Dr. Pan Jianwei – now often hailed as the “father of Chinese quantum science” – completed his PhD under quantum pioneer Anton Zeilinger in Vienna (who also didn’t obtain his education in the US). Many other prominent Chinese quantum experts did not train in the US. Just the usual fear-mongering about China and unfounded claims of the U.S. superiority.)
As someone in the tech industry, I found this line of discussion disappointing. Yes, security screening and counterintelligence are important, and everyone should be eyes-open about espionage. But painting all foreign students and scientists with a broad brush as potential spies is counterproductive. The U.S. has led in science and tech precisely because it used to attract the best minds from around the world and uphold an open, innovative research environment. Many of those “foreign” students stay in America, start companies, make discoveries, and bolster American economy and defense. If the US suddenly “limit” international scientific exchange across the board, it risks shooting itself in the foot. By all means, protect truly sensitive research and punish IP theft – but let’s not demonize an entire pipeline of talent. Rather than politicizing classroom demographics, Congress would do better to fund more scholarships and fellowships to grow that workforce (something Rubenstein noted has been cut back, to the U.S. detriment).
Another politicized moment was when some members heaped praise on President Trump for his cybersecurity efforts. Credit where it’s due: the Trump Administration did continue funding quantum research and established the National Quantum Initiative. However, it was hard to ignore the irony that just weeks before this hearing, President Trump signed an executive order that undermines some of the very quantum-readiness goals the panel championed. Specifically, the June 6, 2025 order “strikes or revises many specific mandates – particularly those related to post-quantum cryptography.” It rolled back the prior policy that agencies “begin adopting post-quantum cryptography (PQC) ‘as quickly as feasible’” – “removing those urgent PQC adoption requirements” that had been in place. In essence, the new order pressed “pause” on the transition to quantum-safe encryption, pushing out federal PQC implementation toward the end of the decade. Gone were the deadlines for agencies to start using quantum-resistant solutions, replaced by a far more relaxed timeline. This dramatic policy reversal directly conflicts with the hearing’s message that the preparation must accelerate, not delay, quantum security upgrades.
It was therefore jarring to hear a lawmaker thank the President for his (purported) leadership on this issue. If anything, the current administration’s actions have created a strategic incoherence: on one hand talking up quantum threats, on the other hand loosening mandates to respond. As a cybersecurity professional, I share the concern voiced by many experts that this rollback of urgent PQC requirements is a “risky gamble.” It sends precisely the wrong signal and could leave the U.S. less prepared should the quantum timeline accelerate. True leadership in quantum preparedness will require aligning words with deeds – Congress and the White House working together to provide consistent direction, funding, and urgency to the effort.
Conclusion
The House subcommittee hearing was an important public airing of the challenges we face in the quantum age. On the positive side, it highlighted a growing, bipartisan understanding of the issue: post-quantum cryptography migration, workforce development, and R&D investment are now on Washington’s radar. There is broad agreement that America must “maintain its lead” and not be caught flat-footed as quantum technology advances. The witnesses’ testimonies – from IBM’s emphasis on acting now, to GAO’s call for national strategy leadership, to industry’s warning against complacency – provide a solid blueprint for action. The fact that Congress is holding such hearings at all is a good sign. We have moved beyond whether quantum is a threat to how to address it.
Yet, as with many such sessions, the real test is what happens after the hearing. Talk is cheap if not followed by concrete support. The hearing made clear that time is of the essence, even if some official estimates still put a CRQC a decade or more away.
In my view, the hearing underscored both my alignment with many experts and my areas of concern. I wholeheartedly support the calls to invest in education and research – after all, quantum resilience will rely on both brilliant people and breakthrough innovations that come from sustained research. I also agree on the importance of quantum readiness legislation and standards (e.g., encouraging rapid adoption of NIST’s new PQC algorithms). But I caution against any narrative that downplays the urgency. The oft-repeated “10-20 years” timeline for quantum threats was an optimistic guess at best, and at worst it risks lulling organizations into procrastination.
