Quantum Threat to Crypto May Arrive Sooner as Qubit Requirements Fall
New research suggests the quantum computing power needed to break the cryptography securing blockchain networks is lower than previously estimated, intensifying concerns over whether the crypto industry can transition to quantum-resistant systems in time.
A joint paper from Caltech and quantum startup Oratomic indicates that a machine with roughly 26,000 qubits could break ECC-256—the elliptic curve encryption standard used by Bitcoin and Ethereum—in about 10 days. By comparison, RSA-2048, widely used in traditional financial systems, would require significantly more computational resources.
More strikingly, the study estimates that as few as 10,000 physical qubits could be sufficient to compromise the cryptography protecting bitcoin and ether wallets. That figure marks a sharp reduction from earlier projections, which often ranged into the hundreds of thousands.
Qubits, the fundamental units of quantum computers, measure system scale rather than processing speed, analogous to cores or transistors in classical computing.
The findings, published on the arXiv preprint server, coincide with a separate Google Quantum AI paper that places the threshold for breaking similar encryption below 500,000 qubits. The Oratomic analysis builds on Google’s quantum circuit designs for attacking 256-bit elliptic curve cryptography, showing that a neutral-atom architecture—where laser-controlled atoms function as qubits—could execute the same tasks with far fewer resources.
Together, the studies highlight a rapid compression in estimates for quantum attack feasibility. Over the past two decades, the qubit requirements for running Shor’s algorithm—the quantum method used to break public-key encryption—have dropped dramatically, from roughly one billion qubits in early estimates to around 10,000 today.
These advances sharpen the potential timeline for real-world risks. Under the study’s assumptions, a 26,000-qubit system could derive private keys from public addresses within days, enabling attackers to take control of funds secured by ECC-256.
Breaking RSA-2048 would remain more resource-intensive, requiring about 102,000 qubits and several months of computation in a parallelized setup. Elliptic curve cryptography is considered more vulnerable in this context because it delivers comparable security with smaller key sizes.
The research suggests that rapid “on-spend” attacks—where a quantum system cracks a key in minutes to intercept live transactions—are unlikely in the near term. However, it does little to mitigate longer-term risks to funds already stored in exposed addresses, including millions of bitcoins held in early wallets or reused keys.
The study comes with notable caveats. All nine authors are shareholders in Oratomic, with most directly employed by the company, positioning the work as both a scientific contribution and a validation of its hardware approach.
Still, the broader trend is clear. As qubit requirements continue to fall, the focus is shifting from whether quantum computers can break crypto security to whether the industry can upgrade its defenses before the threat becomes economically viable.
Share this content:
