Zurich Zurich

Quantum Computing’s Asymmetric Risk Means One Break Is All It Takes

quantum demand
quantum demand
Quantum Source Quantum Source

Insider Brief

  • Experts on an a16z podcast warn that while the threat of a cryptographically relevant quantum computer is real, the lack of commercial demand is dampening acceleration on the technology.
  • Without strong business incentives, the development of large-scale quantum systems may take decades, despite the irreversible risks posed by even a single success.
  • This asymmetry — where one breakthrough could break global encryption — has prompted governments to act preemptively, even as the private sector lags behind.

Quantum computing could one day upend global cybersecurity systems, but without intense Moore’s law-like commercial pressures to build such a machine today, timelines for the arrival of fault-tolerant quantum computing are hard to pin down, according to experts interviewed on a recent episode of a16z’s web3 with a16z podcast.

However, the stark contrast between business demand and national security risk is shaping the future of quantum technology. That imbalance, discussed in depth during the podcast focused mainly on how quantum impacts blockchains, creates a paradox: the most urgent need for quantum computers may come from adversaries looking to break encryption, not companies trying to solve business problems.

“The reason Moore’s Law happened was because there was a lot of demand for increased computing capacity,” said Stanford professor and a16z crypto advisor Dan Boneh. “For quantum: We’re not quite seeing the strong business demand, and the strong business drive, for such large quantum computers. In the quantum computing space, there isn’t… any commercial applications yet. So, it’s not clear that the same investment will take place.”

Responsive Image

Computing history shows how incentives shape progress. Classical computing advanced quickly in part due to Moore’s Law, which held that the number of transistors on a chip would double roughly every 18 months. But Boneh noted that Moore’s Law wasn’t just a function of physics.

Without a similar commercial pull, quantum development is likely to proceed more slowly. Boneh estimated that to build a quantum computer capable of breaking modern encryption, the field would need to scale to around 10 million qubits. Today, devices typically operate in the range of 100 physical qubits. Using Moore-like assumptions, he calculates that it would take another 15 to 22 years to reach that level.

“Again keep in mind, these are just guesses; we might be off by a decade in either direction.” Boneh said, adding that the timeline could accelerate if quantum development became a major national priority, but does not see any indication of a Manhattan Project-style effort in the U.S. or elsewhere.

The experts did not mention how those business demand might change if quantum computers found commercial uses in lucrative areas, such as pharmaceutical development.

Risk Still Exists

That doesn’t mean the risk is remote, the experts suggest. According to Georgetown professor and a16z research partner Justin Thaler, the threat is structurally asymmetric.

“The other thing you can say is that there’s a number of different approaches that different teams are pursuing to achieve this… (I’m not an expert on this, but) you have like trapped ions, trapped topological quantum computing, there’s several,” said Thaler. “And, they’re each making great progress. They’re each also kind of in their infancy to varying degrees. And so progress on one does not imply progress on the other — but only one of them needs to succeed in the end for you know all of our crypto-systems that we use today to be broken.”

In other words, even if most fail, a single scalable platform could make encrypted systems obsolete.

This dynamic is what makes quantum computing uniquely dangerous. The timeline may be uncertain, but the impact is total. In the podcast, the experts warn that once a cryptographically relevant quantum computer is built, the effects would be irreversible. According to Boneh, it’s possible that hackers could use a quantum computer to move money around on a blockchain without the owner’s permission.

High Stakes, Immediate Action

Because the stakes are so high, governments are already acting. The U.S. National Institute of Standards and Technology (NIST) has announced plans to phase out cryptographic standards vulnerable to quantum attacks by 2035. That move is less about predicting when quantum computers will arrive, and more about setting a deadline for when systems need to be switched over.

“They’re setting up a target, to get everybody thinking about the problem, and in some sense start the process,” Boneh said.

Unlike encryption, which can be harvested today and broken later — a risk known as “harvest now, decrypt later” — blockchain systems rely mostly on digital signatures. That makes them less vulnerable in the short term, but they still require upgrades. Thaler noted that Bitcoin’s governance model may make switching to post-quantum signatures particularly slow.

While the absence of a profitable use case for quantum computing today could hold back investment and innovation, the experts did mention technological trends that abruptly shifted due to business demands. The discussion on the podcast mentions zero-knowledge proofs, specifically, a once-niche cryptographic tool that has advanced rapidly due to demand from the blockchain industry.

“I think the ZK analogy is a good one…  I mean, the reason it progressed so quickly — and now we have such wonderful frameworks to do ZK — is because there was a lot of, business pressure,” Boneh said.

Thaler echoed the point, saying he was surprised not by how fast zero-knowledge systems improved, but that anyone found compelling use cases for them in the first place.

“Before I knew about blockchains, it was impossible to imagine that it’d be useful to prove statements you could actually run the prover on but then blockchains made statements that are simple enough to run the-these very slow provers on, very valuable,” said Thaler. “And so that, that’s more surprising to me. And then, of course, that sparked all the investments, which is why the-the field is where it is today.”

The experts did not see similar pressure yet existing in quantum. And that may be why experts are urging a measured but serious response. While they see a 20-year timeline as reasonable, both Boneh and Thaler warn against complacency.

If the first quantum computer that matters is built for offense, the cost of delay will be paid in trust, security, and sovereignty. As Boneh said, the best way to prepare is to act now—not because the threat is imminent, but because the infrastructure to defend against it takes decades to deploy.

Thaler said: “So what I would say is: Look, I do fully expect us to have, you know, cryptographically relevant quantum computers in the coming decades… And so what I would say is… It’s not cost-free or risk-free to switch. And it’s a cost-benefit analysis thing — we do eventually have to switch, for sure.”

Matt Swayne

With a several-decades long background in journalism and communications, Matt Swayne has worked as a science communicator for an R1 university for more than 12 years, specializing in translating high tech and deep tech for the general audience. He has served as a writer, editor and analyst at The Quantum Insider since its inception. In addition to his service as a science communicator, Matt also develops courses to improve the media and communications skills of scientists and has taught courses. [email protected]

Share this article:

Keep track of everything going on in the Quantum Technology Market.

In one place.

Related Articles

Join Our Newsletter