Post-Quantum Cryptography
Post-quantum cryptography (PQC) refers to cryptographic algorithms designed to remain secure against both classical and quantum computer attacks. It is the primary mitigation strategy for the threat that large-scale quantum computers pose to current public-key cryptographic systems.
The Problem PQC Solves
Current widely-used public-key cryptography, including RSA and 256-bit elliptic-curve schemes (ECDLP-256; for example ECDSA over secp256k1 as used by bitcoin), relies on mathematical problems (integer factorisation, discrete logarithms) that are hard for classical computers but solvable in polynomial time by a quantum computer running Shor’s algorithm.
When cryptographically relevant quantum computers (CRQCs) arrive, they will be able to:
- Derive private keys from any public key they can obtain (breaking bitcoin and blockchain wallet security). Note the caveat: an address that is only a hash of its public key does not expose the key until the owner spends from it, which is why address reuse matters (see below).
- Decrypt intercepted encrypted communications, including traffic recorded today and stored until a CRQC exists (“harvest now, decrypt later”), so long-lived secrets are at risk before any CRQC is built.
Timeline Urgency
The timeline to CRQCs is shortening rapidly:
- babbush-neven-2026-quantum-vulnerabilities-cryptocurrency (Google, 2026): ECC-256 breakable with < 500,000 physical qubits.
- Caltech/Oratomic estimates (cottier-2026-quantum-computing-breakthroughs): Fault-tolerant quantum computing may require only ~10,000 qubits, not millions.
- Combined estimate (scott-aaronson, 2026): bitcoin could be vulnerable to a machine with 25,000–30,000 qubits — a figure that was “millions” just one year prior.
“While viable solutions like PQC exist, they will take time to implement, bringing increasing urgency to act.” — babbush-neven-2026-quantum-vulnerabilities-cryptocurrency
Google’s own PQC migration target: 2029 (across its infrastructure).
Standardised PQC Algorithms
NIST finalised its first set of PQC standards in August 2024 (FIPS 203, 204 and 205):
- ML-KEM (FIPS 203, formerly CRYSTALS-Kyber) — key encapsulation, the replacement for ECDH/RSA key exchange
- ML-DSA (FIPS 204, formerly CRYSTALS-Dilithium) — digital signatures, the general-purpose replacement for ECDSA/RSA signatures
- SLH-DSA (FIPS 205, formerly SPHINCS+) — stateless hash-based signatures, a conservative fallback whose security depends only on the hash function
ML-KEM and ML-DSA are based on module-lattice problems; SLH-DSA is based only on hash functions. Both are believed to be hard even for quantum computers: no efficient quantum algorithm is known for structured lattice problems, and Grover’s algorithm gives at most a quadratic speed-up against a hash, so a 256-bit hash retains roughly 128 bits of quantum security. The practical cost is size: an ML-DSA-44 signature is 2,420 bytes versus 64 bytes for ECDSA, and an ML-KEM-768 public key is 1,184 bytes versus 32 bytes for X25519, which matters for protocols and blockchains that put keys and signatures on the wire or on-chain.
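To make the hash-based approach concrete, the following added example (not code from the original page or from any of the sources cited) implements a Lamport one-time signature, the simplest building block of hash-based schemes like SLH-DSA. It uses only SHA-256 and the standard library. Forging a signature requires finding a preimage of the hash, which is exactly the problem a quantum computer speeds up only quadratically. The `leaked_pairs` helper illustrates the catch that SPHINCS+/SLH-DSA was designed to remove: signing two different messages with one Lamport key reveals both secrets at many positions, which is why real hash-based signatures combine many one-time keys in a tree. The message strings are constructed sample input.

```python
"""Lamport one-time signature over SHA-256 (added example, not from the original page)."""
import hashlib
import secrets

HASH = hashlib.sha256
N = 32            # bytes per secret value and per digest
BITS = 8 * N      # 256 message-digest bits, one secret pair per bit


def keygen():
    """Secret key: 256 pairs of random 32-byte values.
    Public key: the SHA-256 hash of every secret value (16 KiB in total)."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _bits(digest: bytes):
    """Yield the 256 bits of a digest, most significant bit first."""
    for byte in digest:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def sign(sk, message: bytes):
    """For each bit of H(message), reveal the secret at that position for that bit value.
    The signature is 256 * 32 = 8 KiB."""
    d = HASH(message).digest()
    return [sk[i][bit] for i, bit in enumerate(_bits(d))]


def verify(pk, message: bytes, sig) -> bool:
    """Hash each revealed secret and check it against the public key entry selected
    by the corresponding digest bit. Passing requires a preimage for every mismatched bit."""
    if len(sig) != BITS:
        return False
    d = HASH(message).digest()
    return all(HASH(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, _bits(d))))


def leaked_pairs(signed) -> int:
    """Given [(message, signature), ...] produced by ONE key, count positions where
    both secrets of the pair are now public. Any such position lets a forger choose
    that digest bit freely, so reuse of a one-time key is fatal."""
    known = [set() for _ in range(BITS)]
    for message, _sig in signed:
        for i, bit in enumerate(_bits(HASH(message).digest())):
            known[i].add(bit)
    return sum(1 for k in known if len(k) == 2)


def sizes_bytes(pk, sig):
    """Return (public key size, signature size) to compare against ECDSA's 33/64 bytes."""
    return sum(len(a) + len(b) for a, b in pk), sum(len(s) for s in sig)


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"spend 1 BTC to addr X"          # constructed sample message
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("tampered message valid:", verify(pk, b"spend 2 BTC to addr X", sig))
    print("pk/sig bytes:", sizes_bytes(pk, sig))
    sig2 = sign(sk, b"spend 2 BTC to addr X")   # key reuse: second message
    print("positions fully leaked after reuse:", leaked_pairs([(msg, sig), (b"spend 2 BTC to addr X", sig2)]))
```

One signature leaks nothing beyond what the public key already committed to, but a second signature under the same key exposes both secrets at roughly half of the 256 positions, so a stateful or tree-based construction is mandatory in practice; SLH-DSA hides that bookkeeping behind a stateless, many-time interface at the cost of much larger signatures.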
Implications for Cryptocurrency
blockchain networks and cryptocurrency wallets whose signatures rely on ECDLP-256 (ECDSA or Schnorr over secp256k1) must migrate to PQC signatures to remain secure post-CRQC; unlike TLS, a blockchain cannot simply rotate to new keys on the server side, because every existing output is locked to an ECDLP-based key that only its holder can move.
Recommendations from babbush-neven-2026-quantum-vulnerabilities-cryptocurrency:
- Transition blockchains to PQC — the standard path; experimental implementations already exist, but the larger PQC signatures and keys increase transaction size and on-chain storage.
- Avoid exposed/reused wallet addresses — a hash-only address keeps its public key hidden until the first spend, so sending change to a fresh address limits the attack surface in the interim.
- Address abandoned coins — a policy consideration: outputs whose public keys are already exposed (early pay-to-public-key outputs, reused addresses) but whose owners no longer hold the private keys cannot be migrated by their owners and would become claimable by whoever breaks the key first.
Collaborators on crypto-PQC migration: coinbase, Stanford Institute for Blockchain Research, Ethereum Foundation.
Sources
- babbush-neven-2026-quantum-vulnerabilities-cryptocurrency — Primary source; Google’s disclosure and PQC recommendations
- cottier-2026-quantum-computing-breakthroughs — Accelerating timeline context