New findings shorten the road to cryptographically relevant quantum computers

Celebrity gossip might break the Internet, but not in the way that quantum computers could. “The advent of quantum computers poses a critical threat, as they could break widely deployed encryption schemes,” warns Lily Chen, a cryptography expert from the US National Institute of Standards and Technology (NIST). Systems at risk include banking encryption, digital signatures, secure messaging, secure shell tunnelling, cryptocurrency and more.

Today’s quantum computers are still too small and error-prone to defeat gold-standard encryption. However, new results from Google Quantum AI and start-up Oratomic suggest that could change, with two widely used cryptographic systems – elliptic curve cryptography (ECC) and the Rivest-Shamir-Adleman (RSA) algorithm – potentially coming under threat sooner than many scientists predicted.

Space–time trade-off

At present, anyone who wants to access encrypted information needs a secret digital key. To obtain this key, an attacker must first solve a difficult mathematics problem. For example, breaking the RSA algorithm boils down to factoring a large number into its prime components. Breaking ECC involves finding a secret number that connects two points on an elliptic curve.

Classical computers might take billions of years to solve these problems. But if an attacker had access to a powerful enough quantum computer, they could solve the problems in mere minutes using an algorithm devised by Peter Shor in 1994.

Several years ago, experts estimated that cracking a typical RSA scheme with 2048-bit keys (RSA-2048) would require tens of millions of physical quantum bits (qubits), which are the building blocks of quantum computers. A year ago, this value dropped to a million. By February 2026 it was down to 100,000. The latest results from California-based Oratomic push the floor even lower, to 10,000 physical qubits. The largest neutral-atom qubit array – realized last year in the lab of Oratomic co-founder Manuel Endres – stands at 6100 qubits. This makes the benchmark of 10,000 feel alarmingly close, though Endres’ array hasn’t yet been used for computation.

The team: Employees at Oratomic, a new neutral-atom quantum computing start-up. (Courtesy: Oratomic)

There are, however, trade-offs. Quantum computers that use fewer qubits or more space-efficient hardware generally have longer computation times. Oratomic’s proposed 10,000-qubit platform would require three years to crack ECC with 256-bit keys (ECC-256) and 120 years to crack RSA-2048. The company’s predicted time-efficient alternative could solve ECC-256 in 10 days, but that would require 26,000 qubits. Solving RSA-2048 in 97 days would take 100,000 qubits.

Oratomic’s numbers have not yet been peer-reviewed, and outside experts say they depend on different assumptions about future hardware developments. “The space-efficient [architecture] is mostly based on assuming aspects that have been demonstrated to work individually in state-of-the-art academic labs,” explains Maria Violaris, a quantum physicist at Oxford Quantum Circuits, who was not involved in the research. “Meanwhile, the time-efficient one relies on more speculative assumptions that need future innovation.”

A second perspective

On the same day as the Oratomic team posted its findings on the arXiv preprint server, researchers at Google Quantum AI released a white paper with their own updated resource estimates. They report that a computer with 500,000 physical qubits made from superconducting circuits could solve ECC-256 in 18 minutes – and potentially even less (see box). Google’s current state-of-the-art processor, Willow, has 105 physical qubits. However, the researchers warn against assuming gradual and predictable progress because quantum computing developments are driven by overcoming scaling barriers rather than by steady increases in processor size.

The quantum threat to cryptocurrencies

Elliptic curve cryptography (ECC) underpins the security of most blockchain networks, including Bitcoin and Ethereum. Bitcoin transactions take an average of 10 minutes, so if a quantum computer can crack ECC and determine the secret key during that window, the transaction could be intercepted and funds stolen in real time.

While Google Quantum AI’s results predict that it would take 18 minutes to solve ECC on a 500,000-qubit quantum computer, they argue that the run time could be effectively shortened in some circumstances. To understand how, imagine planning a heist in which you need to open a safe. Although you won’t know the exact combination until you get your hands on the safe, if you know the model number in advance, you can prepare some tools to help you crack it faster.

A quantum computer could do something similar. According to the Google Quantum AI researchers, half the ECC algorithm only depends on the elliptic curve and not on the specific transaction. A quantum computer could precompute this half, wait in a primed state until a Bitcoin transaction begins, then quickly solve the second half in only nine minutes, dropping below the 10-minute threshold.

Quantum computing platforms that use superconducting, silicon, and photonic qubits are well-positioned for real-time attacks because they tend to compute faster than neutral-atom and ion-based computers. However, the latter could still pose a serious risk through “at-rest” attacks. Such attacks involve adversaries collecting archived and publicly available data, then decrypting it later with few time constraints.

Which threat arrives first will depend on how different quantum computing architectures mature and scale, a path still marked with considerable uncertainty. “Ultimately, feasibility is difficult to say as it depends on how challenging it will be to increase scale or to take a novel approach by engineering [new] hardware,” notes Maria Violaris of Oxford Quantum Circuits.

The high number of physical qubits required for quantum computation comes from the need to detect and correct errors. Google Quantum AI’s estimate is based on a well-known error-correction method known as the surface code. In this approach, physical qubits are arranged in a rectangular grid and interact with their nearest neighbours. Quantum information is spread redundantly across this grid, allowing errors on one physical qubit to be found and fixed. The entire grid is considered one logical qubit, and the ratio of logical to physical qubits is called the encoding rate.

In the surface code, reducing error amounts to adding more physical qubits per logical qubit, and typical encoding rates range from a few hundred to a few thousand. In contrast, the Oratomic team based its estimates on a newer method of error correction called quantum Low-Density-Parity-Check (qLDPC), which reduces error more efficiently by making the physical qubits interact over large distances. Hengyun (Harry) Zhou, a physicist at the Massachusetts Institute of Technology in the US who was not involved in the research, explains that this longer-range connectivity can significantly increase the encoding rate. For qLDPC codes, a typical rate is around 1 to 10, but rates can now go as high as 1 to 2.

Because neutral atoms are highly reconfigurable, neutral-atom platforms like those used by Oratomic (and other companies, including QuEra Computing, Infleqtion, Pasqal, planqc and Atom Computing) are naturally suited to the long-range connectivity that qLDPC codes require. However, Zhou argues that it’s “not completely out of the question” that superconducting qubit platforms could use these codes too. “There is some additional cost that the lack of reconfigurability in those platforms currently leads to, but I would say if we’re thinking about a beyond-10-year timescale, it’s quite imaginable that things could also change for other platforms as well,” he says.

Responsible disclosure

Google Quantum AI’s white paper may represent a turning point in another respect. Rather than being open about their circuit designs, its authors hid them behind a “zero-knowledge proof”, which provided enough information to verify claims while hiding details that they say could provide bad actors with an “instruction manual”.

Superconducting quantum computing: Google Quantum AI’s Willow processing chip. (Courtesy: Google Quantum AI)

This is a relatively novel approach within the quantum computing community, which has thus far followed the conventional academic practice of publishing results with full transparency. A Google blog post expresses hope that “our approach to responsible disclosure can spur an important conversation among quantum computing researchers and the broader public”.

Certainly, it has already spurred a conversation among experts. “This is the first time I’ve ever seen a new mathematical result actually announced that way,” Scott Aaronson, a quantum physicist at the University of Texas at Austin, US, wrote on his blog. “I’m not sure how much it will actually help, as once other groups know that a smaller circuit exists, it might be only a short time until they’re able to find it as well.”

Zhou echoes this sentiment. “These are the kind of results that could potentially have a lot of general societal safety implications, so you want to make sure that they’re safeguarded responsibly,” he observes. “That being said, I think it is also possible that other people, now that they know what is possible, might come up with related constructions.”

What comes next?

In the long run, protecting against threats likely means migrating away from RSA and ECC and towards new mathematical problems that are difficult for both classical and quantum computers to solve. Google recently introduced 2029 as an internal deadline for migrating major systems to so-called post-quantum cryptography (PQC), and many experts believe the migration ought to begin now.

“Migrating to PQC is a massive undertaking that won’t happen overnight. Starting migration today is a necessary risk management strategy,” urges Chen from NIST. She notes that NIST has been instrumental in guiding this migration, beginning with its 2016 call for cryptography experts to design and evaluate new algorithms for PQC, and culminating in its publication of the three most promising ones in 2024.

The Google Quantum AI researchers also outline recommendations to help cryptocurrency communities and policymakers prepare for the PQC era. And while urgency permeates their white paper, ongoing PQC efforts prompted them to end it on a positive note. “These trailblazing projects demonstrate that transition to post-quantum cryptography is realistic and instil hope that it will have been completed before the first [cryptographically relevant quantum computers] come online,” they write.

The post New findings shorten the road to cryptographically relevant quantum computers appeared first on Physics World.

Many-body effects at the world’s largest physics conference

Many-body physics is the study of large ensembles of interacting particles and their collective behaviour. These systems are notoriously difficult to simulate, yet they underpin phenomena such as superconductivity and superfluidity. Thus, they are of great interest to understand. As a many-body physicist myself, I arrived at my first American Physical Society (APS) meeting with a different curiosity: understanding what the largest physics conference in the world was all about.

Last week, I joined a crowd of 14,000 scientists convening in Denver, Colorado for the annual Global Physics Summit, hosted by the APS.

On Sunday morning, the day before the conference, I walked alone through the streets of downtown Denver. Silence filled the frigid air. A light flurry of snow covered the empty streets in white. It seemed that the city was still asleep.

But Denver was abruptly awakened on Monday morning, as I found myself well-accompanied by the crowd collectively moving towards the Colorado Convention Center for an 8 a.m. start. Inside, the conference was humming with its own emergent dynamics, with lines forming around coffee stations and people bustling to find their way to wherever they were going.

Throughout the day, I was faced with the repeated indecision of choosing between over 80 simultaneous sessions. Some sessions housed APS’s infamous blitz talks with speakers racing to pack as many graphs and equations into their allotted 10 min. Having barely enough time to write down the takeaways, I tried, often in vain, to fill my memory as quickly as possible.

Other sessions featured longer talks on hot topics in physics. By evening, my mind was swimming with notions of scalable quantum computing and physics funding issues and public engagement opportunities and the infiltration of AI slop into every corner of the scientific process. These sessions offered me a necessary reminder that science is not performed in a vacuum. With that said, the purely technical sessions on ultracold atomic gases served as a necessary reprieve for me that day.

Ultracold atoms, cooled to only a fraction of a degree above absolute zero, provide physicists with a clean and controllable platform for studying quantum many-body physics. At its heart, this physics is governed by interparticle correlations.

Seeing single atoms: A fluorescence image taken under a quantum gas microscope. Each dot is one atom. (Courtesy: Candice Chua)

During my PhD, we measured two-body correlations and observed bosons spatially bunching together—unlike their antisocial fermionic counterparts. While the stereotypical physicist may be notoriously antisocial, the APS lanyard seemed to overturn that reputation.

Over dinner one evening, I requested a table for one. Only a moment later, I was joined by a physicist I’d never met before, and the evening unfolded behind pleasant chatter of 2D materials and the lack of vegetables in our travel diets.

Two tables down sat a professor whose work I admired. I’ll admit that I embarrassingly (or, more favourably, courageously) walked to the washroom so that I could pass by his table and say hello. I had met him once last year, but he didn’t remember me. So, I kept talking until he agreed that he remembered, and that it was nice to run into each other again. Whether true or not, I accepted it as a win. Without an APS lanyard, I probably would have avoided that conversation.

Single-atom resolution

On Thursday, a session titled “Novel imaging and quantum sensing technologies” caught my eye since I work with a quantum gas microscope. The microscope is a high-magnification imaging system that affords us the resolution of individual atoms. The microscopic information is far richer than what is obtained by a bulk imaging technique such as absorption.

Similarly, at the conference, I found the greatest value in individual conversations. Conversing with employees at the career fair, though exhausting, was far more effective than listening to panels on how to plan for careers that I couldn’t decide if I wanted.

By the end of the week, I started to recognize people I had already met over the few days prior. I saw every reunion or simple “Oh! Hi” as miraculous rather than a given, based on the size of the conference. People shared with me their personal journeys navigating the hardships and uncertainties of today’s world, others about the trade-offs and uncertainties in their experimental results. Some of the most fulfilling and deeply human conversations were the spontaneous ones that arose outside the doors of sessions that we had meant to be in.

When Friday rolled around, the city emptied as quickly as it had filled. For me, I retreated into the sunny Boulder mountains, mulling over the lingering resolution of singular people whose shared words and ideas were now intertwined with my own. Ignoring my fear of getting lost, I followed my instincts deeper into the dry heat of the afternoon, one step at a time.

The post Many-body effects at the world’s largest physics conference appeared first on Physics World.
