A new paper by a Google AI researcher suggests that cracking the RSA cryptosystem, a wide-used public-key encryption protocol, would require fewer quantum resources than previously thought. Google Quantum AI engineer Craig Gidney’s paper estimates that “a 2048 bit RSA integer could be factored in less than a week by a quantum computer with less than a million noisy qubits”. That stands in contrast to Gidney’s previous paper which estimated the computing power needed at 20 million qubits.
The research offers food for thought for those invested in the future of cryptocurrencies and digital finance.
Cryptocurrencies at risk?
As CoinDesk points out, RSA encryption underpins the security of many cryptocurrency wallets and some crypto transactions. If advances in quantum computing suddenly render RSA insecure, the consequences for digital asset security could be profound.
And while Bitcoin and other cryptocurrencies use elliptic curve cryptography (ECC), rather than RSA, the research serves as a wakeup call.
CoinDesk cautions: “While 256-bit ECC keys are significantly more secure than 2048-bit RSA keys, quantum threats scale nonlinearly, and research like Gidney’s compresses the timeline by which such attacks become feasible.”
For now, this a theoretical consideration. There are no real-world quantum computers that come anywhere near to cracking bank-grade encryption.
However, there are practical takeaways. Gidney explains that “understanding the cost of quantum factoring is important for planning and coordinating the transition away from RSA, and other cryptosystems vulnerable to quantum computers”. That is, research like Gidney’s will help inform our strategies for developing more robust and enduring protocols for the future digital economy.
Optimistically cautious
Gidney concludes his paper with a nice philosophical point. While his new paper posits a significant reduction in the qubit count need to break RSA 2048, he doesn’t see a way to reduce the requirement by another order of magnitude. Nonetheless, Gidney agrees with the National Institute of Standards and Technology Transition to Post-Quantum Cryptography Standards draft paper, which recommends disallowing vulnerable systems after 2035.
But why, if there’s no obvious path to designing an all-conquering quantum codebreaker? “Not because I expect sufficiently large quantum computers to exist by 2030, but because I prefer security to not be contingent on progress being slow.”
It’s a useful reminder that we should take evolving security threats seriously; not because we are pessimistic about technology, but precisely because of our optimism of the rate of innovation.
AI, quantum computing, and other emerging technologies are poised to transform conventional banking and trading practices. Cryptocurrencies and blockchain-based applications will likely evolve in parallel. With legislation like the GENIUS Act aiming to bring stablecoins into the mainstream, we can anticipate new and possibly unpredictable interactions between traditional financial systems and the crypto ecosystem. It’s no surprise that leading banks are already jointly exploring the development of a stablecoin to stay ahead of fast-moving crypto competition.
Holistic strategies: more important than ever
In financial services, the pace of innovation demands adaptability. Complacency is not an option.
Regulators, standards organisations, technology firms, and financial institutions must collaborate on comprehensive strategies to stay ahead of real-world innovation. Internally, financial organisations need to prioritise operational resilience and adopt integrated approaches to risk management. Today’s risks are deeply interconnected; treating them in isolation is no longer viable.
This is a significant challenge, but it also reflects the scale of the opportunity ahead.
All opinions, news, research, analysis, prices or other information is provided as general market commentary and not as investment advice and all potential results discussed are not guaranteed to be achieved. The information may have been derived from publicly available sources, company reports, personal research, or surveys. Past performance is not indicative of future performance. Trading carries risk of capital loss. Service available to professional clients only.
