Quantum Computing Hype and Fear: Same Song, New Verse

The Never-Ending Quantum Crypto Panic

Another year, another wave of “quantum computers are about to crack all our encryption” fear-mongering. It’s 2012, and I’m getting déjà vu reading headlines proclaiming the imminent doom of RSA and other cryptography. I’ve been writing about this for at least 10 years.

Ever since Peter Shor unveiled an algorithm for factoring large numbers on a quantum computer back in 1994, the tech world has periodically spiraled into panic about a coming cryptographic apocalypse. Every few years, like clockwork, some news story or paper triggers a fresh round of hyperbole – “Quantum breakthrough spells end of internet security!” – despite the fact that actual quantum computing progress has been slow and steady, not explosive.

This year’s scare seems to be fueled by a mix of genuine scientific advances and overzealous reporting. I’ve seen articles touting that quantum computing is “finally within reach” and could break encryption in as little as 10-15 years, citing IBM researchers’ optimism. One piece even breathlessly noted that a sufficiently large quantum computer could factor a 1000-digit (approximately 3300-bit) number in an hour – something that would take classical computers longer than the age of the universe. Taken out of context, quotes like that understandably make people jump: RSA-2048 encryption (which uses ~617-digit keys) underpins our digital security. It sounds like all our secrets will be laid bare any minute now.

Let’s just take a deep breath and separate the hype from reality. The truth is, we’ve been hearing these dire predictions for many years. And yet, RSA-2048 is still nowhere cloe to being broken, online banking hasn’t imploded, and quantum computers have not ushered in a new age of universal code-breaking.

The fear-mongering headlines gloss over just how far the technology remains from the capabilities needed to threaten modern cryptography. Let’s do a reality check on the state of quantum computing before we declare the sky is falling (again).

Reality Check: The State of Quantum Computing

To put it bluntly, today’s quantum computers are tiny prototypes. They are marvelous feats of engineering and physics, but their capabilities are extremely limited. Recent news of “quantum breakthroughs” needs to be viewed in context. Here are a few milestones and facts that paint the real picture of where the industry stands:

Record Factoring Achievement: The largest number ever factored on a quantum device is 143 (a mere three digits), and that just happened this year. Yes, 143 = 11 × 13 – hardly a number that keeps cryptographers up at night. (For comparison, RSA-2048 keys are 2048 bits long, which is about a 617-digit number) The previous record was factoring the number 21. These are cute laboratory demos and important proof-of-concept experiments, but they’re astronomically far from breaking 2048-bit RSA.

Qubit Fragility and Decoherence: Quantum bits (qubits) are notoriously fragile. Controlling even a handful of qubits for more than a blink is a major challenge. The physicists who factored 143 themselves emphasized that “environmental noises and other imperfections make the quantum system so fragile that decoherence could destroy everything stored in qubits in a short time”. In practice, today’s quantum processors lose their quantum state (i.e. “forget” their data) in microseconds unless heroic measures are taken. We haven’t yet mastered quantum error correction at any useful scale, which is essential for running long algorithms like Shor’s on big numbers.

Superconducting Qubits (IBM’s Breakthrough): On the bright side, there have been solid advances. IBM researchers recently found ways to extend the coherence time of superconducting qubits to around 100 microseconds. That sounds infinitesimal, but it crosses a crucial threshold: it’s just enough to start implementing rudimentary error correction. Off the back of this, IBMers like Mark Ketchen have become more optimistic about the timeline. “In the past, people said maybe it’s 50 years away… I used to think 50. Now I’m thinking 15 or a little more. It’s within reach. It’s within our lifetime. It’s going to happen,” Ketchen told the press. This is encouraging news, but note that even this optimist says on the order of 15 years to get a working, large-scale machine. And that’s not 15 years to break RSA; that’s 15 years to maybe build a general quantum computer at all.

Trapped Ion Qubits (Entanglement Record): Academia has also pushed the envelope with other modalities like trapped-ion computers. Just last year, a team in Innsbruck entangled 14 ions in a quantum state – the largest entangled quantum register achieved to date. Fourteen qubits entangled is an impressive scientific record, showing that ion trap systems are leading in terms of high-fidelity qubit control. But again, 14 qubits entangled together is a far cry from the thousands or millions of qubits we’d eventually need for factoring large keys. It’s a bit like bragging that we’ve built a 14-piece jigsaw puzzle when the “puzzle” of RSA-2048 would require assembling millions of pieces. Great progress, but we’re still at a very small scale.

Quantum Annealing and D-Wave: The private sector isn’t idle either. D-Wave Systems, for instance, has been selling an adiabatic quantum annealer – a very specialized type of quantum processor. In 2011, they sold the first-ever “commercial quantum computer,” a 128-qubit machine, to Lockheed Martin for a rumored $10 million. That certainly sounds futuristic – 128 qubits! – and it no doubt contributed to this wave of hype. However, it’s important to understand that D-Wave’s device is not a general-purpose quantum computer (it can’t run Shor’s algorithm to factor large numbers, for example). It’s designed to solve optimization problems via quantum annealing, and whether it provides any speedup over classical methods is hotly debated. In fact, many experts are skeptical: after the sale, one prominent computer scientist noted “there is an enormous gap between demonstrating some kind of quantum effect in eight qubits…and saying they have a 128‑qubit chip that can perform a computationally interesting task faster than a conventional computer”. In plain terms, just because D-Wave has a chip with 128 physical qubits doesn’t mean it can crack your passwords or even outperform your laptop for practical tasks. Quantum annealers like D-Wave’s are fascinating, but they don’t currently threaten RSA encryption at all.

In summary, the state of the industry in 2012 is that we have a handful of promising quantum technologies, each tackling the problem from different angles (superconducting circuits, trapped ions, photonics, adiabatic annealing, etc.), and all making steady progress at a research scale. But we’re still firmly in the era of prototypes. The “world’s best” quantum computations today can do things that classical computers can already do with ease – we’re just doing them quantumly to prove we can. There’s a long road ahead to go from these lab experiments to the kind of large-scale, fault-tolerant quantum computers needed to impact real-world cryptography.

The gap between where quantum tech is now and where it would need to be to break RSA-2048 is gargantuan. Actually executing Shor’s algorithm on a number that large requires a quantum computer of enormous size and accuracy, which we won’t have for decades (if ever) at the current pace.

Betting on the Future, Without the Hysteria

Here’s where I stand: I love quantum computing technology. I’m an optimist about its long-term potential, and I’m literally invested in it. I’ve put my money and time into this industry because I truly believe that over the next few decades, quantum computers will revolutionize fields from chemistry to optimization. The progress researchers are making, though gradual, is real and exciting. Each year we push the boundaries a little further: a few more qubits, a bit less error, a new technique to entangle or correct or scale. It’s the classic path of hard tech R&D: lots of baby steps, occasional leaps, and constant problem-solving. I remain bullish that in 20 or 30 years, we’ll have quantum machines that make today’s classical supercomputers look as quaint as an abacus for certain tasks.

But – and this is a big “but” – I’m equally a realist. I don’t smoke the hopium that says quantum supremacy is just around the corner, nor do I think investors or the public are served by hyperbolic fear or hype. The never-ending cry of “wolf!” about instant crypto-cracking quantum computers is not just annoying, it’s counter-productive. It creates confusion and skepticism.

When the media blows each incremental advance out of proportion, it sets unrealistic expectations that inevitably lead to disillusionment when they’re not met. We’ve seen this cycle with other tech (AI, anyone?) and it’s happening here too.

So to those spreading the quantum fear-mongering: chill out, please. Yes, plan for the future of security – by all means, NIST and companies should be working on quantum-safe crypto now (and they are). But stop screaming that the sky is falling every time a lab factors the number 143 or a company announces a new qubit record. Perspective is everything. The quantum revolution will come in its own good time, not on the breathless schedule of a sensational headline.