From RSA to Lattices: The Quantum-Safe Crypto Push

The scramble to replace today’s internet security—built on RSA and elliptic curve cryptography—with quantum-resistant alternatives is moving faster, whether anyone’s ready or not.
The trigger was a whitepaper published late in the month by Google Quantum AI, which argued that a quantum computer capable of breaking widely used cryptography could be about twenty times smaller than previous estimates. One part of the big picture hasn't changed: the machines that exist today are nowhere near that scale. The largest currently run at roughly 1,000 qubits, while the whitepaper estimates that about 500 times that many would be needed. Still, even shaving down the timeline in theory has consequences, especially in sectors that care about long-term cryptographic durability: data harvested now can be decrypted later, once a large enough machine exists.
One of the most noticeable reactions was in the crypto market. Algorand, described in the whitepaper as specifically implementing post-quantum cryptography on its blockchain, jumped 44% in price. That’s not exactly what you’d expect from a research memo alone. But it’s a reminder that crypto communities watch security updates like traders watch interest rates—quickly, loudly, and with a lot of interpretation.
We spoke with Algorand’s chief scientific officer and University of Michigan computer science and engineering professor Chris Peikert, whose early work on lattice cryptography underlies much of what’s used in post-quantum security today. Peikert’s take was blunt: the paper doesn’t just tweak risk, it shows quantum computers could break some widely used cryptography—especially in blockchains and cryptocurrencies—with fewer resources than previously thought. Those resources include the time required and the qubits needed. He also stressed that this isn’t only a crypto issue. The same kinds of cryptography sit under secure web connections between browsers and servers, and versions of elliptic curve cryptography appear in national security and military encryption. It’s pervasive—so the quantum question is also an internet question.
There’s also the uneasy irony that the research is getting better from multiple angles at once. Peikert said the whitepaper’s impact was “compounding” with a concurrent claim that hardware improvements reduced the number of physical qubits needed to achieve a target logical qubit. From a quantum perspective, he framed it as a win-win—advances stacking. For cryptography, it’s the opposite: accelerating pressure.
When asked what the findings mean for timelines, Peikert urged people to think in probabilities rather than calendars. Even so, he offered a range that's hard to ignore: the chance of a successful quantum cryptographic attack in the next three years is extremely low, maybe less than a percent. Stretch that out to 5, 6, or 10 years and the risk becomes more serious, potentially 5% to 10% or more. The US government's target for migrating national security systems to post-quantum cryptography by 2035 also came up, and Peikert called it prudent given how slow migrations are. Slow is putting it mildly: this work has to be done deliberately, without breaking systems or introducing new vulnerabilities. Somewhere between "prepare now" and "we may still have a little time," the consensus is that it's better to start early than late.
Roadblocks, though, are real. Peikert pointed out that cryptography is hard to change and that there hasn't been much of a systematic transition playbook since the late 1970s and early 1980s. Post-quantum cryptography can demand larger keys and ciphertexts and bigger digital signatures. It's often faster computationally, he said, but size is the headache, especially in blockchain environments where space is at a premium. He also flagged that blockchains use sophisticated tools like zero-knowledge proofs, and that post-quantum versions of these "fancy" schemes aren't as mature as the legacy systems already deployed. So, even with strong progress, adoption isn't a simple flip of a switch.
For Algorand specifically, Peikert said the team has identified pressing issues and worked through them, starting with chain integrity—transaction history everyone agrees on. A first major project added post-quantum security to the history of the chain using state proofs, mixing ordinary post-quantum cryptography with more advanced techniques to condense large numbers of signatures into a smaller set, while still being confident the originals exist and are correctly formed. It’s not “complete” post-quantum security yet, he added—an intentionally cautious position.
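To make the two points above concrete (the size problem with post-quantum signatures, and the idea of condensing many signatures into a small certificate while still being sure the originals exist and verify), here is an added, self-contained toy, written for this page. It is not Algorand's code and not the actual state-proof construction Peikert describes. It uses Lamport one-time signatures, a hash-based scheme whose security rests only on SHA-256 preimage resistance, which a quantum computer weakens only quadratically (Grover) rather than breaking outright (Shor). All N signatures on a message are committed in a Merkle tree; the certificate consists of the root plus a sample of signatures chosen by hashing the root, so the prover cannot pick which ones get inspected. The message, the signer count and the sample size are constructed parameters. Checking a sampled signature proves it is well formed (Lamport verify) and was in the committed set (Merkle path); confidence in the unsampled rest is probabilistic, which is exactly why a real construction layers more advanced techniques on top.

```python
"""Toy 'condensed signatures' certificate. Added illustration only; not
Algorand's state proofs. Hash-based Lamport OTS + Merkle commitment + sample."""
import hashlib
import os


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


# ---- Lamport one-time signatures (post-quantum, but huge: 8 KB each) --------
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]  # 2 secrets per bit
    pk = [(H(a), H(b)) for a, b in sk]                            # their hashes
    return sk, pk


def _bits(msg: bytes):
    d = H(msg)
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes) -> bytes:
    # Reveal one of the two secrets per digest bit. ONE-TIME: signing a second
    # message with the same key leaks secrets an attacker can mix and match.
    return b"".join(sk[i][b] for i, b in enumerate(_bits(msg)))


def lamport_verify(pk, msg: bytes, sig: bytes) -> bool:
    if len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[i][b] for i, b in enumerate(_bits(msg)))


# ---- Merkle commitment to all N signatures ----------------------------------
def _parent_level(level):
    if len(level) % 2:
        level = level + [level[-1]]  # duplicate last node on odd levels
    return [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(leaves) -> bytes:
    level = list(leaves)
    while len(level) > 1:
        level = _parent_level(level)
    return level[0]


def merkle_path(leaves, idx):
    path, level = [], list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]
        path.append((level[idx ^ 1], idx & 1))  # (sibling hash, am I the right child?)
        level, idx = _parent_level(level), idx >> 1
    return path


def merkle_verify(root: bytes, leaf: bytes, path) -> bool:
    node = leaf
    for sibling, is_right in path:
        node = H(sibling, node) if is_right else H(node, sibling)
    return node == root


# ---- Certificate: commit to every signature, reveal a root-derived sample ---
def sample_indices(root: bytes, n: int, k: int):
    # Fiat-Shamir style: indices come from the root, so the prover commits
    # first and only then learns which signatures must be opened.
    chosen, ctr = [], 0
    while len(chosen) < min(k, n):
        i = int.from_bytes(H(root, ctr.to_bytes(4, "big")), "big") % n
        if i not in chosen:
            chosen.append(i)
        ctr += 1
    return chosen


def build_certificate(sigs, k: int) -> dict:
    leaves = [H(i.to_bytes(4, "big"), s) for i, s in enumerate(sigs)]
    root = merkle_root(leaves)
    reveals = {i: (sigs[i], merkle_path(leaves, i)) for i in sample_indices(root, len(sigs), k)}
    return {"root": root, "n": len(sigs), "reveals": reveals}


def verify_certificate(cert: dict, pks, msg: bytes, k: int) -> bool:
    root, n, reveals = cert["root"], cert["n"], cert["reveals"]
    if n != len(pks) or set(reveals) != set(sample_indices(root, n, k)):
        return False  # wrong signer set, or prover chose its own sample
    for i, (sig, path) in reveals.items():
        leaf = H(i.to_bytes(4, "big"), sig)
        if not (merkle_verify(root, leaf, path) and lamport_verify(pks[i], msg, sig)):
            return False  # not in the committed set, or malformed/forged
    return True


def certificate_size(cert: dict) -> int:
    # 32-byte root + per reveal: signature bytes + (32-byte sibling + 1 flag) per level
    return 32 + sum(len(s) + 33 * len(p) for s, p in cert["reveals"].values())


def demo(n: int = 16, k: int = 4):
    msg = b"constructed: block 1234567 state commitment"  # sample input, made up
    keys = [lamport_keygen() for _ in range(n)]
    pks = [pk for _, pk in keys]
    sigs = [lamport_sign(sk, msg) for sk, _ in keys]
    cert = build_certificate(sigs, k)
    ok = verify_certificate(cert, pks, msg, k)
    # Tamper with one revealed signature after commitment: Merkle path breaks.
    i = next(iter(cert["reveals"]))
    sig, path = cert["reveals"][i]
    bad = {**cert, "reveals": {**cert["reveals"], i: (sig[:-1] + bytes([sig[-1] ^ 1]), path)}}
    tampered_ok = verify_certificate(bad, pks, msg, k)
    return ok, tampered_ok, n * len(sigs[0]), certificate_size(cert)


if __name__ == "__main__":
    ok, tampered_ok, raw_bytes, cert_bytes = demo()
    print(f"valid={ok} tampered={tampered_ok} all_sigs={raw_bytes}B cert={cert_bytes}B")
```

With 16 signers, the raw signature set is 16 x 8192 = 131,072 bytes, against 64 bytes per Ed25519 or ECDSA signature today; the sampled certificate is 33,328 bytes. That ratio, not CPU time, is the cost Peikert is pointing at, and a production scheme would replace Lamport with a compact lattice or stateless hash-based signature and replace plain sampling with a sound aggregation argument.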
If that all sounds like a lot of work for a question that started as “what if quantum gets better,” it is. But Peikert’s optimism is tied to something practical: more decision-makers recognize the migration is necessary, and most important systems will likely end up with mitigations or full migrations. The part everyone can’t control is timing—what if there’s a breakthrough and we get fewer years than we hoped? The whitepaper shortens the runway. The rest of the race is whether upgrades keep up.
On a rainy afternoon, there’s a moment where you can hear the background hum of a laptop fan and think, casually, about how many assumptions live in today’s encryption—until they don’t. That’s the mood this news lands in: not panic, exactly. More like an accelerated checklist, still half-written.