coin-img-ETHETH+4.80%coin-img-BTCBTC+2.78%coin-img-SOLSOL+1.60%coin-img-XAUTXAUT+2.95%coin-img-PAXGPAXG+3.20%coin-img-BASEDBASED-21.05%coin-img-CDDCDD-90.95%coin-img-USDCUSDC-0.02%coin-img-ETHETH+4.80%coin-img-BTCBTC+2.78%coin-img-SOLSOL+1.60%coin-img-XAUTXAUT+2.95%coin-img-PAXGPAXG+3.20%coin-img-BASEDBASED-21.05%coin-img-CDDCDD-90.95%coin-img-USDCUSDC-0.02%coin-img-ETHETH+4.80%coin-img-BTCBTC+2.78%coin-img-SOLSOL+1.60%coin-img-XAUTXAUT+2.95%coin-img-PAXGPAXG+3.20%coin-img-BASEDBASED-21.05%coin-img-CDDCDD-90.95%coin-img-USDCUSDC-0.02%coin-img-ETHETH+4.80%coin-img-BTCBTC+2.78%coin-img-SOLSOL+1.60%coin-img-XAUTXAUT+2.95%coin-img-PAXGPAXG+3.20%coin-img-BASEDBASED-21.05%coin-img-CDDCDD-90.95%coin-img-USDCUSDC-0.02%

Google Quantum AI says physical qubits needed to crack Bitcoin's elliptic-curve security could be 20x lower

Google Quantum AI has published a technical blog post outlining new resource estimates for quantum attacks on the 256-bit elliptic curve discrete logarithm problem (ECDLP256), the cryptographic foundation behind Bitcoin and many other blockchain systems. The post, dated March 31, 2026, is co-authored by Ryan Babbush (Director of Quantum Algorithms Research, Google Quantum AI) and Hartmut Neven (VP of Engineering, Google Quantum AI and Google Research). Its central takeaway: the estimated number of physical qubits required to break ECDLP256 has dropped by roughly 20x compared with prior estimates. In a whitepaper accompanying the update, the authors describe two fault-tolerant circuit designs implementing Shor's algorithm for ECDLP256. One uses fewer than 1,200 logical qubits with 90 million Toffoli gates; the other uses fewer than 1,450 logical qubits with 70 million Toffoli gates. Under standard hardware assumptions aligned with Google's superconducting quantum roadmap, they estimate the circuits could run in minutes on a cryptographically relevant quantum computer (CRQC) requiring fewer than 500,000 physical qubits. Google argues the results strengthen the case for accelerating migration to post-quantum cryptography (PQC). The company notes it recently proposed a 2029 migration timeline and says PQC is already a mature path for securing blockchains against future CRQCs. The post points to existing examples of post-quantum blockchains as well as experimental deployments of PQC on blockchains that are currently vulnerable to quantum attacks. For the cryptocurrency ecosystem, the authors recommend steps to reduce near-term exposure, including limiting the exposure or reuse of vulnerable wallet addresses. They also suggest exploring policy options related to abandoned cryptocurrencies, given the long-term implications of quantum-enabled key recovery. A key element of the publication is its disclosure approach. The authors emphasize that blockchain security discussions are unusually sensitive because market confidence can be damaged by fear, uncertainty, and doubt (FUD), and they argue that unsound quantum-breaking estimates can themselves function as an attack vector. To balance transparency with risk, Google says it is releasing verification materials based on a "zero-knowledge proof" method, allowing third parties to validate the resource estimates without revealing the underlying quantum circuits or operational attack details. Google says it hopes the work will help align quantum computing, security, cryptocurrency and policy communities around responsible disclosure practices for quantum cryptanalysis, while supporting long-term resilience of the broader digital economy.
Selected
BTC
BTC+2.77%
Disclaimer: The content above is only the author's opinion and does not represent BingX’s stance. It shall not be construed as investment advice from BingX. For details, refer to the Terms and Conditions.