IBM builds a 50 qubit quantum computer - is this the end of RSA?


Georg T. Becker, Senior Researcher at ESMT

IBM announced in November that it has successfully build a 50 qubit quantum computer. IBM also announced a 20 qubit quantum computer that will be available for clients to use and experiment on. This is quite a leap forward from the 17 qubits systems currently available and highlights the big improvements currently happening in this area.

Quantum computers work completely different than traditional computers. Instead of working on bits that can be either 0 or 1, quantum computer work on qubits that can have a so called superposition which contains significantly more information than a simple bit. With the “strange workings of quantum mechanics” a quantum computer can use this significant amount of information within a qubit to run specific algorithms such as Shor’s algorithm that can solve some problems exponentially faster than a conventional computer. [Note: quantum computers are not per se “better” than traditional computers. The speedup is only achieved for very specific problems.]

And that is what makes quantum computer extremely important for IT security: If a quantum computer can be build which i) has enough qubits (more than 2000-4000) and ii) is very stable, i.e., does not suffer from noise, the most popular public-key algorithms such as RSA and ECC can be attacked. This would have significant security implications as our entire IT infrastructure relies on these public key algorithms.

Note that while the 50 qubit system is a major leap forward, we are still far away from building a quantum computer that is capable of breaking RSA. Indeed, so far no test results of IBM’s 50 qubit system are available to answer the question if it is actually stable enough to be useful. With the heavy investment of leading IT companies such as IBM, Google (which announced to also build a 50 qubit system by the end of this year), Intel or Microsoft as well as considerable public funding (Europe is investing 1.2 billion in quantum technologies in the next 10 years) we are definitely at a turning point in quantum computer research. The next few years will likely show how far the proclaimed goal of building a quantum computer able to break RSA can be built in the foreseeable future.

But it is important to note that there is no reason to despair. We already know how we can “survive” the quantum computer. Post-quantum cryptography – cryptographic algorithms for which no efficient quantum algorithm is known -  have matured to a point where they can be used in practical applications (see And standardization is now also on the way with a big open initiative from NIST. Hence, while quantum computer advance, so does also post-quantum security. But if you have data that needs to stay confidential for the next 50 years, it might be already the time to think about implementing post-quantum cryptography now.