To defend against a CRQC, we need post-quantum cryptography. The defense side has no comparable backer.
By all public accounts, quantum computing capabilities are developing quickly. Google’s quantum researchers have spent the last twelve months publishing increasingly aggressive resource estimates for breaking elliptic curve cryptography. This public research raised alarms; going forward, it is likely that only a small fraction of the field’s research will be public. Experts therefore conclude, and recommend, that migration to post-quantum cryptography should begin immediately.
The gap is not a funding gap
The obvious response to the U.S. government’s announcement is that the defense side needs equivalent funding. Find an industry consortium, match the $2 billion, fund post-quantum cryptography research at the same scale, and close the gap.
That response is wrong, or at least insufficient. The issue with post-quantum defense is that everyone needs to adopt the solution at once. This is more of a coordination problem than a financial hurdle. Money can fund the offense to converge on capability. It cannot fund the defense to converge on adoption.
Securing bitcoin shows the shape of the challenge. There is one cryptographic system to defend, but the defense only works if every wallet, every custodian, every exchange and every long-dormant address moves to a new system together. Partial migration is partial protection. The defense has to propagate to millions of independent endpoints, none of which can be forced.