Quantum Breakthrough: Accelerating Demand for Post-Quantum Security

Published on 07/21/2025

Trend Spotting / Early Adopter Signals

The successful breaking of an elliptic curve key using Shor's Algorithm on a quantum computer, though small-scale, marks a significant milestone in quantum computing's advancement. This development signals the growing, inevitable threat to current encryption standards and will accelerate the demand for Post-Quantum Cryptography (PQC) solutions. Businesses in cybersecurity, quantum hardware/software development, and specialized consulting for quantum-safe transitions will find substantial opportunities. Investment in quantum research and development will also likely increase.

Origin Reddit Post

r/futurology

Shor’s Algorithm Breaks 5-bit Elliptic Curve Key on 133-Qubit Quantum Computer

Posted by u/upyoars on 07/21/2025

Top Comments

u/Edward_TH
I'd like to point out that the point of the experiment wasn't to demonstrate that QC can demolish current cryptographic algorithms with ease. The point of the experiment is to prove that curr
u/patstew
But each pair corresponds to one of the 32 keys, so 32 of those 1024 combinations are 'correct'. They've then said that 3 of those correct results appear in the top 100. Which is about what y
u/NeutrinosFTW
Non-alarmists would do well to remember that EC private keys are an order of magnitude smaller than RSA keys (200-300 bits is considered secure), and that the time complexity of Shor's algori
u/jcrestor
So basically they achieved a random result?
u/upyoars
> Researchers successfully demonstrated a quantum attack on elliptic curve cryptography by breaking a 5-bit key using a modified Shor’s algorithm on IBM’s 133-qubit quantum processor. Desp
u/Sp1unk
The results comprised a pair of invertible 5-bit numbers, so 1024 possible combinations.
u/roychr
This is not the point. It shows a reasonable path where current modern crypto algorithms will be a thing of the past and vulnerable.
u/Nagisan
Fair....so we only need 8 *billion* qubits (to crack RSA-2048) in a world where we are at about 1000 at best so far. Assuming we follow a similar glide path to [transistor counts](https://
u/Away_Swim4614
The previous record was 17 and happened more than 5 years ago.
u/lleti
> 5 bits Alarmists would do well to remember there’s only 32 possible combinations for 5 bits - as it currently stands, you could manually brute force an input field faster than this qua
u/henryguy
True good summary in the edit, ty. Makes sense that within that span we'd develop better encryption thus constantly pushing the goal post back.
u/j--__
it literally says that a 5-bit key (32 possible values) existed within the "top 100 candidate solutions". sounds like you'd be better off brute forcing it.
u/patstew
It seems like it, their stated pass criteria is "Declares success if k = 7 appears in the top 100.", but their results show that every 5-bit key appears. It seems so stupid that I feel like I
u/wektor420
That sounds terrible - this should be considered a failure
u/OffbeatDrizzle
"computed" is the wrong word but it's the easiest way to relate it to classical computing. I thought the whole point was that you're trying to manipulate wave functions to produce a useful re
u/patstew
What does it mean by the top 100 candidate solutions? There are only 32 possibilities for a 5 bit key, on the face of it they've done 3x more work in their classical post processing than it w
u/NeutrinosFTW
5 bits you can bruteforce in a microsecond, 300 bits would take you the age of several universes. That's why quantum computing and Shor's algorithm are scary: no exponential (in fact not even
u/MonadMusician
5 bits demonstrates absolutely nothing about scalability. You should include the size of the key space in your hype post and how many times in one second a 1000 dollar laptop can brute force
u/monkeywaffles
only 32 possible answers, but "correctly identified the secret key (k=7) within the top 100 candidate solutions." 100 possible solutions quantum sounds fun :)
u/Toomastaliesin
About a month ago, two researchers uploaded a rather sassy paper to eprint (https://eprint.iacr.org/2025/1237) by the name "Replication of Quantum Factorisation Records with an 8-bit Home Com
u/j4_jjjj
Correct, and which is why the article mentions they narrowed it down to 100 solutions to find the correct one. Imagine thinking this experiment had only 32 outcomes....ffs
u/OverSoft
Adding qubits to quantum chips is an exponential problem. It becomes exponentially harder to scale. Breaking 256-bit elliptic curve is very far off.
u/Malvania
My understanding of quantum computing is that it relies on a bit having more than two states - a 2 bit system could be 00, 01, 10, 11, or any combination of them all at once. With that in min
u/CishetmaleLesbian
Is this cryptographically important? No. Not at all because a 5-bit key has only 32 possible values. 5-bit keys are cryptographically meaningless. A brute force attack on a classical laptop w
u/West-Abalone-171
Except it's not doubling every year. We're over two decades on from factoring a 5 bit number via shor's algorithm with no meaningful improvement. In spite of a four order of magnitude increas
u/Sp1unk
Yeah they combine the pair to produce the secret key. I'm not sure if exactly 32 of them would be correct or not, but I agree the success criteria seem quite broad. K=0 and k=8 both show up t
u/TwistedBrother
You speak as if technology is stationary.
u/Warm_Iron_273
That's all they ever do. Quantum computers are vaporware.
u/FuturologyBot
The following submission statement was provided by /u/upyoars: --- > Researchers successfully demonstrated a quantum attack on elliptic curve cryptography by breaking a 5-bit key using a
u/OffbeatDrizzle
Is everyone missing the point that 5 bits now could be 10 bits next year, then 20... etc? It's like saying "bruh nuclear bombs are only theoretical" in 1941
u/patstew
I think it's exactly 32 correct results, because it's basically solutions to `(a + bk) % 32 == 0`, and 7 is coprime to 32. It would be fewer for even k.
u/verbass
Not quite right, the 5 bit key has 32 possible keys. The solution was one of these 32 keys. Also quantum computing uses interference patterns of qubits to exploit properties that can improve
u/DrClownCar
This is just a proof-of-concept. If this benchmark doubles every year, it gives organisations a deadline in their post-quantum cryptography transition.
u/Nagisan
*If*.....there is no indication I've seen that it *will* double every year. The time taken to crack is exponential, so unless improvements in the ability of quantum systems to break encryptio
u/MonadMusician
With 5 bits a human being could do this on stationery if they wanted to waste time. I mean yeah people should start using post quantum methods like lattice cryptography as their go tos now bu
u/rorrak
From the article: 'Classical post-processing of the quantum results correctly identified the secret key (k=7) within the top 100 candidate solutions.' A 5 bit key only has 32 possible values
u/Toomastaliesin
It is not correct to say that the time to crack is exponential - the complexity of Shor's algorithm is cubic in qubits, so, to break an n-bit key, you need O(n^3) qubits.
u/hans_l
https://youtu.be/RQWpF2Gb-gU A great explanation of what QC actually is.
u/Different_Rope_4834
at 5 bits current modern crypto algorithms are vulnerable as-is without any quantum tech.
u/BorderKeeper
Fun fact this algorithm improves the efficiency of cracking that to square root of N. So if it would have taken 100 years to break it would take 10 with quantum computers.
u/roychr
notwithstanding it is a demonstration and shows clearly all cryptocurrency will be vulnerable at some point because the time it takes will no longer be a deterrent.
u/NeutrinosFTW
As someone who's been involved with PQ crypto both in research and in the industry, the nonchalantness with which people view this specific issue always surprises me. Our ability to establis
u/wetrorave
I was about to make a snarky comment about what's the point if N-bit key capable quantum computers take O(eⁿ) time to develop, but it turns out I couldn't be more wrong: https://www.netmeist
u/sciolisticism
Wouldn't that imply that this holds for a 300 bit EC key, yielding 300! combinations?  Why does this seem better to you? Just because 32 is a small number?
u/patstew
It seems like it, their stated pass criteria is "Declares success if k = 7 appears in the top 100.", but their results show that every 5-bit key appears. It seems so stupid that I feel like I
u/verbass
Not quite right, the 5 bit key has 32 possible keys. The solution was one of these 32 keys. Also quantum computing uses interference patterns of qubits to exploit properties that can improve
u/henryguy
True good summary in the edit, ty. Makes sense that within that span we'd develop better encryption thus constantly pushing the goal post back.
u/lleti
> 5 bits Alarmists would do well to remember there’s only 32 possible combinations for 5 bits - as it currently stands, you could manually brute force an input field faster than this qua
u/Malvania
My understanding of quantum computing is that it relies on a bit having more than two states - a 2 bit system could be 00, 01, 10, 11, or any combination of them all at once. With that in min
u/hans_l
https://youtu.be/RQWpF2Gb-gU A great explanation of what QC actually is.
u/West-Abalone-171
Except it's not doubling every year. We're over two decades on from factoring a 5 bit number via shor's algorithm with no meaningful improvement. In spite of a four order of magnitude increas
u/Malvania
My understanding of quantum computing is that it relies on a bit having more than two states - a 2 bit system could be 00, 01, 10, 11, or any combination of them all at once. With that in min
u/jcrestor
So basically they achieved a random result?
u/Nagisan
*If*.....there is no indication I've seen that it *will* double every year. The time taken to crack is exponential, so unless improvements in the ability of quantum systems to break encryptio
u/sciolisticism
Wouldn't that imply that this holds for a 300 bit EC key, yielding 300! combinations?  Why does this seem better to you? Just because 32 is a small number?
u/roychr
notwithstanding it is a demonstration and shows clearly all cryptocurrency will be vulnerable at some point because the time it takes will no longer be a deterrent.
u/j4_jjjj
Correct, and which is why the article mentions they narrowed it down to 100 solutions to find the correct one. Imagine thinking this experiment had only 32 outcomes....ffs
u/j4_jjjj
Correct, and which is why the article mentions they narrowed it down to 100 solutions to find the correct one. Imagine thinking this experiment had only 32 outcomes....ffs
u/OffbeatDrizzle
"computed" is the wrong word but it's the easiest way to relate it to classical computing. I thought the whole point was that you're trying to manipulate wave functions to produce a useful re
u/hans_l
https://youtu.be/RQWpF2Gb-gU A great explanation of what QC actually is.
u/OverSoft
Adding qubits to quantum chips is an exponential problem. It becomes exponentially harder to scale. Breaking 256-bit elliptic curve is very far off.
u/CishetmaleLesbian
Is this cryptographically important? No. Not at all because a 5-bit key has only 32 possible values. 5-bit keys are cryptographically meaningless. A brute force attack on a classical laptop w
u/patstew
I think it's exactly 32 correct results, because it's basically solutions to `(a + bk) % 32 == 0`, and 7 is coprime to 32. It would be fewer for even k.
u/West-Abalone-171
Except it's not doubling every year. We're over two decades on from factoring a 5 bit number via shor's algorithm with no meaningful improvement. In spite of a four order of magnitude increas
u/Away_Swim4614
The previous record was 17 and happened more than 5 years ago.
u/patstew
What does it mean by the top 100 candidate solutions? There are only 32 possibilities for a 5 bit key, on the face of it they've done 3x more work in their classical post processing than it w
u/CishetmaleLesbian
Is this cryptographically important? No. Not at all because a 5-bit key has only 32 possible values. 5-bit keys are cryptographically meaningless. A brute force attack on a classical laptop w
u/patstew
But each pair corresponds to one of the 32 keys, so 32 of those 1024 combinations are 'correct'. They've then said that 3 of those correct results appear in the top 100. Which is about what y
u/hans_l
https://youtu.be/RQWpF2Gb-gU A great explanation of what QC actually is.
u/verbass
Not quite right, the 5 bit key has 32 possible keys. The solution was one of these 32 keys. Also quantum computing uses interference patterns of qubits to exploit properties that can improve
u/patstew
But each pair corresponds to one of the 32 keys, so 32 of those 1024 combinations are 'correct'. They've then said that 3 of those correct results appear in the top 100. Which is about what y
u/Toomastaliesin
It is not correct to say that the time to crack is exponential - the complexity of Shor's algorithm is cubic in qubits, so, to break a n-bit key, you need O(n\^3) qubits.
u/patstew
It seems like it, their stated pass criteria is "Declares success if k = 7 appears in the top 100.", but their results show that every 5-bit key appears. It seems so stupid that I feel like I
u/NeutrinosFTW
5 bits you can bruteforce in a microsecond, 300 bits would take you the age of several universes. That's why quantum computing and Shor's algorithm are scary: no exponential (in fact not even
u/DrClownCar
This is just a proof-of-concept. If this benchmark doubles every year, it gives organisations a deadline in their post-quantum cryptography transition.
u/sciolisticism
Wouldn't that imply that this holds for a 300 bit EC key, yielding 300! combinations?  Why does this seem better to you? Just because 32 is a small number?
u/wetrorave
I was about to make a snarky comment about what's the point if N-bit key capable quantum computers take O(eⁿ) time to develop, but it turns out I couldn't be more wrong: https://www.netmeist
u/patstew
I think it's exactly 32 correct results, because it's basically solutions to `(a + bk) % 32 == 0`, and 7 is coprime to 32. It would be fewer for even k.
u/rorrak
From the article: 'Classical post-processing of the quantum results correctly identified the secret key (k=7) within the top 100 candidate solutions.' A 5 bit key only has 32 possible values
u/TwistedBrother
You speak as if technology is stationary.
u/j--__
it literally says that a 5-bit key (32 possible values) existed within the "top 100 candidate solutions". sounds like you'd be better off brute forcing it.
u/OffbeatDrizzle
Is everyone missing the point that 5 bits now could be 10 bits next year, then 20... etc? It's like saying "bruh nuclear bombs are only theoretical" in 1941
u/Malvania
My understanding of quantum computing is that it relies on a bit having more than two states - a 2 bit system could be 00, 01, 10, 11, or any combination of them all at once. With that in min
u/NeutrinosFTW
As someone who's been involved with PQ crypto both in research and in the industry, the nonchalantness with which people view this specific issue always surprises me. Our ability to establis
u/Toomastaliesin
About a month ago, two researchers uploaded a rather sassy paper to eprint (https://eprint.iacr.org/2025/1237) by the name "Replication of Quantum Factorisation Records with an 8-bit Home Com
u/henryguy
True good summary in the edit, ty. Makes sense that within that span we'd develop better encryption thus constantly pushing the goal post back.
u/Sp1unk
Yeah they combine the pair to produce the secret key. I'm not sure if exactly 32 of them would be correct or not, but I agree the success criteria seem quite broad. K=0 and k=8 both show up t
u/Nagisan
*If*.....there is no indication I've seen that it *will* double every year. The time taken to crack is exponential, so unless improvements in the ability of quantum systems to break encryptio
u/OffbeatDrizzle
"computed" is the wrong word but it's the easiest way to relate it to classical computing. I thought the whole point was that you're trying to manipulate wave functions to produce a useful re
u/West-Abalone-171
Except it's not doubling every year. We're over two decades on from factoring a 5 bit number via Shor's algorithm with no meaningful improvement. In spite of a four order of magnitude increas
u/lleti
> 5 bits

Alarmists would do well to remember there’s only 32 possible combinations for 5 bits - as it currently stands, you could manually brute force an input field faster than this qua
u/patstew
What does it mean by the top 100 candidate solutions? There are only 32 possibilities for a 5 bit key, on the face of it they've done 3x more work in their classical post processing than it w
u/OverSoft
Adding qubits to quantum chips is an exponential problem. It becomes exponentially harder to scale. Breaking 256-bit elliptic curve is very far off.
u/MonadMusician
With 5 bits a human being could do this on stationery if they wanted to waste time. I mean yeah people should start using post quantum methods like lattice cryptography as their go-tos now bu
u/FuturologyBot
The following submission statement was provided by /u/upyoars: --- > Researchers successfully demonstrated a quantum attack on elliptic curve cryptography by breaking a 5-bit key using a
u/Warm_Iron_273
That's all they ever do. Quantum computers are vaporware.
u/roychr
This is not the point. It shows a reasonable path where current modern crypto algorithms will be a thing of the past and vulnerable.
u/MonadMusician
5 bits demonstrates absolutely nothing about scalability. You should include the size of the key space in your hype post and how many times in one second a 1000 dollar laptop can brute force
u/roychr
notwithstanding it is a demonstration and shows clearly all cryptocurrency will be vulnerable at some point because the time it takes will no longer be a deterrent.
u/BorderKeeper
Fun fact this algorithm improves the efficiency of cracking that to square root of N. So if it would have taken 100 years to break it would take 10 with quantum computers.
u/monkeywaffles
only 32 possible answers, but "correctly identified the secret key (k=7) within the top 100 candidate solutions." 100 possible solutions quantum sounds fun :)
u/Different_Rope_4834
at 5 bits current modern crypto algorithms are vulnerable as-is without any quantum tech.
u/wektor420
That sounds terrible - this should be considered a failure
u/Nagisan
Fair....so we only need 8 *billion* qubits (to crack RSA-2048) in a world where we are at about 1000 at best so far. Assuming we follow a similar glide path to [transistor counts](https://
u/Away_Swim4614
The previous record was 17 and happened more than 5 years ago.
u/j4_jjjj
Correct, and which is why the article mentions they narrowed it down to 100 solutions to find the correct one. Imagine thinking this experiment had only 32 outcomes....ffs
u/CishetmaleLesbian
Is this cryptographically important? No. Not at all because a 5-bit key has only 32 possible values. 5-bit keys are cryptographically meaningless. A brute force attack on a classical laptop w