🔬 Quantum Computing
No hype. Just the facts (as of August 2025).
This page explains what quantum computing is, what it can and cannot do today, and how to avoid being misled. It's written for technical and business readers who want a realistic view—not marketing.
⚠️ TL;DR — Reality Check
We are still in the NISQ era (Noisy Intermediate-Scale Quantum): current devices are noisy, limited in qubit count and circuit depth, and are not generally fault-tolerant. Useful science is happening, but broad commercial advantage is not here yet.
The big cryptography headline (breaking RSA/ECC with Shor's algorithm) remains theoretical until we have large, fault-tolerant machines. Resource estimates vary—from ~20 million physical qubits (2019–2021) to <1 million qubits in a 2025 analysis—but these are still projections, not practical hardware.
What you can do now for security: start migrating to Post-Quantum Cryptography (PQC). NIST has finalized the first three standards: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA). You don't need a quantum computer for this.
Be careful with QKD (quantum key distribution) claims. The U.S. NSA does not recommend QKD for protecting national security systems at this time; PQC is the practical migration path.
What Quantum Computing Is (in one minute)
🔮 Basic Principles
Quantum computers use qubits that can be in superpositions and become entangled. With the right algorithms, some problems can be solved asymmetrically faster than with classical computers.
⚡ Famous Examples
- Shor: factoring & discrete logs — threatens RSA/ECC when large fault-tolerant machines exist
- Grover: unstructured search — quadratic speed-up; typically mitigated by increasing symmetric key sizes
Architectures you'll hear about
🔧 Gate-based (Universal)
the long-term target for fault-tolerant quantum computing
🎯 Quantum Annealing
specialized for optimization/sampling (Ising/QUBO). They are not universal and do not run arbitrary gate-based algorithms like Shor. Don't conflate annealing demos with breaking public-key crypto.
Status in 2025 (why we're not there yet)
Error rates and depth limits
NISQ devices can't run long circuits reliably; research focuses on quantum error correction (QEC) to build stable logical qubits from many noisy physical qubits.
Promising results exist, but system-level, large-scale fault tolerance remains an R&D goal.
Crypto timelines
Resource estimates for factoring RSA-2048 continue to evolve (e.g., 20 million → <1 million physical qubits under optimistic assumptions), but these papers model a future fault-tolerant computer; they are not evidence that today's machines can do it.
Plan for PQC now; don't panic about an imminent break.
Industry conclusions today:
- ❌ No clear, reproducible commercial advantage for general workloads compared to HPC/GPUs yet
- ✅ Use watch, learn, prepare approach: small research experiments via cloud/simulators, plan PQC migration, and avoid large investments in unproven solutions
What It's Good For (and not)
✅ Plausible near- to mid-term areas
- 🧪 Quantum chemistry & materials (e.g., catalysts, batteries)
- 📊 Certain combinatorial optimization and sampling problems (must be benchmarked against best-in-class classical OR/HPC)
- 🤖 Experimental ML methods using quantum kernels/feature maps
Not a silver bullet: No reputable evidence shows quantum computers currently outperform top-tier classical/HPC methods across the board.
❌ Commonly overhyped claims today
- 🚫 "Quantum AI" solves everything instantly → No reputable evidence of clear standards
- 🚫 Annealer cracks public-key crypto → Not the same architecture that runs Shor
- 🚫 Black-box "plug-and-play 10x better" solutions without benchmarks against best classical methods
Security: What You Should Do Today
1️⃣ Inventory and migrate crypto
- • Map where you use RSA/ECC today and plan a staged migration to FIPS 203/204/205
- • Hybrid modes (PQC + classical) are common during transition
2️⃣ Prefer PQC over QKD for general IT
- ✅ QKD has deployment, distance, and cost constraints; major guidance favors PQC for broad adoption at this time
Red Flags — How Not to Get Fooled
🚩 Red Flags
- ⚠️ "We can break RSA today" (with no peer-reviewed proof or reproducible benchmarks)
- ⚠️ "Quantum-powered" product that doesn't say gate-based vs. annealing or provide algorithmic details
- ⚠️ No comparison to strong classical baselines (HPC, GPUs, MILP/CP-SAT/heuristics)
- ⚠️ No hard numbers: physical vs. logical qubits, error rates, code distance, runtime assumptions, or QEC evidence
- ⚠️ Equating an annealer demo with running Shor's algorithm
❓ Questions to ask vendors
- 1. Is it gate-based or annealing? Which algorithms do you actually run?
- 2. Do you have peer-reviewed results?
- 3. Show head-to-head benchmarks vs. state-of-the-art classical methods on representative problems.
- 4. Can independent parties reproduce your results?
- 5. What's the TCO and roadmap (hardware access, upgrades, exit options)?
For Decision-Makers
0–2 years
- • No need to buy quantum hardware
- • Run small, well-designed PoCs via cloud/simulators (for learning), and execute a PQC migration plan
3–5 years
- • Revisit narrowly defined use cases (materials/chemistry; specific optimization) only if reproducible evidence shows an advantage over classical
Ongoing
- • Build crypto agility, staff literacy, and procurement language (PQC requirements, reproducibility, benchmarks)
Where GaugeSnap Fits
We help clients separate science from marketing:
PQC readiness
crypto inventory, migration roadmap, and pilot rollouts aligned to FIPS 203/204/205
Reality-checked PoCs
cloud-based experiments (with classical baselines) that are small, measurable, and reproducible—no black boxes
Governance
procurement wording to avoid lock-in and require verifiable performance evidence
No Hype
Just the facts
PQC readiness: crypto inventory, migration roadmap, and pilot rollouts aligned to FIPS 203/204/205. Reality-checked PoCs: cloud-based experiments (with classical baselines) that are small, measurable, and reproducible—no black boxes. Governance: procurement wording to avoid lock-in and require verifiable performance evidence.
Sources for the key claims
Academic papers and status reports:
- • NISQ overview (limits of today's hardware): Preskill, Quantum (2018). [Quantum Journal]
- • RSA-2048 resource estimates: Gidney & Ekerå (2021); Gidney (2025 preprint). [Quantum Journal], [arXiv]
- • PQC standards finalized: NIST FIPS 203/204/205. [NIST CSRC], [NIST]
Got a "quantum solves everything" pitch?
If you get a "quantum solves everything" pitch, send it to us—we'll review it and show you the verifiable path (or the holes) before you spend a baht.