Google says its breakthrough quantum chip can’t break modern cryptography
Image: Google Experts believe that one day, quantum computers could make today’s systems of encryption utterly obsolete. But Google tells The Verge its new “breakthrough” Willow chip is nowhere near ready for that. “The Willow chip is not capable of breaking modern cryptography,” Google Quantum AI director and COO Charina Chou tells The Verge. A so-called “cryptanalytically relevant quantum computer,” or CRQC, could “jeopardize civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most Internet-based financial transactions,” the White House warned in 2022, ordering that US agencies must transition to new systems to mitigate that risk by 2035. But Willow is not a CRQC, according to Google. While the company does claim it can solve a computing challenge in five minutes that would take the world’s fastest supercomputer ten septillion years, Google has only produced 105 physical qubits worth of that computing power and suggests it would need millions to literally crack the codes. “Estimates are we’re at least 10 years out from breaking RSA, and that around 4 million physical qubits would be required to do this,” Chou writes. She says Willow doesn’t change the timeline at all. And though Chinese researchers have repeatedly claimed to discover new ways to break RSA encryption with a much smaller quantum computers, ones with just a few hundreds or thousands of qubits, security experts have repeatedly been skeptical. Google is one of the many companies preparing to defend against the potential threat of broken encryption with post-quantum cryptography, or PQC, ever since the Edward Snowden leaks revealed that spy agencies like the NSA were quietly funding code-breaking quantum computer research. A few years back, we wrote about how the National Institute of Standards and Technology created a competition to develop quantum-safe cryptography standards back in 2016. This August, NIST released three finalized algorithms and its standards for integrating them into products and systems, and plans to select one or two more by the end of the year. The RAND Corporation, a think tank famous for advising on US national security in the past, suggested in a 2023 editorial that the moment an RSA-breaking quantum computer exists, it’ll trigger a worldwide rush to defend against it: “As soon as the existence of the CRQC becomes public knowledge — or is even considered plausible — and the threat becomes concrete, most vulnerable organizations will immediately move to upgrade all their communications systems to post-quantum cryptography.”
/cdn.vox-cdn.com/uploads/chorus_asset/file/25782341/google_willow_chip.png)
Experts believe that one day, quantum computers could make today’s systems of encryption utterly obsolete. But Google tells The Verge its new “breakthrough” Willow chip is nowhere near ready for that.
“The Willow chip is not capable of breaking modern cryptography,” Google Quantum AI director and COO Charina Chou tells The Verge.
A so-called “cryptanalytically relevant quantum computer,” or CRQC, could “jeopardize civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most Internet-based financial transactions,” the White House warned in 2022, ordering that US agencies must transition to new systems to mitigate that risk by 2035.
But Willow is not a CRQC, according to Google. While the company does claim it can solve a computing challenge in five minutes that would take the world’s fastest supercomputer ten septillion years, Google has only produced 105 physical qubits worth of that computing power and suggests it would need millions to literally crack the codes.
“Estimates are we’re at least 10 years out from breaking RSA, and that around 4 million physical qubits would be required to do this,” Chou writes. She says Willow doesn’t change the timeline at all.
And though Chinese researchers have repeatedly claimed to discover new ways to break RSA encryption with a much smaller quantum computers, ones with just a few hundreds or thousands of qubits, security experts have repeatedly been skeptical.
Google is one of the many companies preparing to defend against the potential threat of broken encryption with post-quantum cryptography, or PQC, ever since the Edward Snowden leaks revealed that spy agencies like the NSA were quietly funding code-breaking quantum computer research.
A few years back, we wrote about how the National Institute of Standards and Technology created a competition to develop quantum-safe cryptography standards back in 2016. This August, NIST released three finalized algorithms and its standards for integrating them into products and systems, and plans to select one or two more by the end of the year.
The RAND Corporation, a think tank famous for advising on US national security in the past, suggested in a 2023 editorial that the moment an RSA-breaking quantum computer exists, it’ll trigger a worldwide rush to defend against it:
“As soon as the existence of the CRQC becomes public knowledge — or is even considered plausible — and the threat becomes concrete, most vulnerable organizations will immediately move to upgrade all their communications systems to post-quantum cryptography.”
/cdn.vox-cdn.com/uploads/chorus_asset/file/24993388/DSC05706.jpg){kind=small}
/cdn.vox-cdn.com/uploads/chorus_asset/file/25542168/2162005028.jpg){kind=small}
/cdn.vox-cdn.com/uploads/chorus_asset/file/25692971/Meta_facial_recogition.jpg){kind=small}
/cdn.vox-cdn.com/uploads/chorus_asset/file/25538267/2162029635.jpg){kind=small}
/cdn.vox-cdn.com/uploads/chorus_asset/file/23318441/akrales_220309_4977_0403.jpg){kind=small}
/cdn.vox-cdn.com/uploads/chorus_asset/file/24347780/STK095_Microsoft_04.jpg){kind=small}
