Quantum Factoring Needs Just 10,000 Qubits

A new analysis from Madelyn Cain and colleagues at University of California and Oratomic reveals that Shor’s algorithm, a key tool with implications for modern cryptography, may be achievable with fewer qubits than previously thought. By optimising quantum error correction and circuit design, cryptographically relevant calculations using Shor’s algorithm could potentially be performed with as few as 10,000 reconfigurable atomic qubits. The research sharply lowers the resource requirements for building a quantum computer capable of breaking widely used encryption algorithms, suggesting such a machine may be within reach given continued advances in neutral-atom technology and recent experimental demonstrations of fault-tolerant operations on increasingly large qubit arrays.

The team’s analysis indicates that a system with 26,000 physical qubits could solve discrete logarithms on the P-256 elliptic curve in a matter of days. Shor’s algorithm viability enhanced via reduced qubit counts and optimised atomic architectures A cryptographically relevant Shor’s algorithm now requires as few as 10,000 reconfigurable atomic qubits, a reduction from previous estimates of millions. This breakthrough crosses a critical threshold, as the immense qubit requirements previously rendered practical implementation of the algorithm, vital for breaking modern encryption, impossible. The reduction was achieved through advances in quantum error-correcting codes, efficient logical instruction sets, and optimised circuit design, densely packing logical qubits to minimise overhead. Under plausible assumptions, a system comprising 26,000 physical qubits could solve discrete logarithms on the P-256 elliptic curve in a matter of days, demonstrating a sharp leap in computational speed. These findings highlight the potential of neutral atoms for fault-tolerant quantum computing and wider scientific applications. Utilising high-rate quantum error-correcting codes, the team achieved encoding rates of over 1,000 logical qubits with approximately 30 per cent efficiency, a significant improvement over earlier designs using planar surface codes which achieved around 4 per cent. Simulations suggest that a 26,000-qubit system could solve problems in elliptic-curve cryptography, such as breaking the P-256 encryption standard, in a matter of days, while factoring RSA-2048 integers requires considerably more qubits, around 102,000, and potentially 97 days of computation. This disparity in computational effort highlights that factoring RSA-2048 remains substantially more demanding than solving discrete logarithms on the P-256 elliptic curve. High-rate qLDPC codes and optimised qubit architectures for fault-tolerant quantum computation The core of this advancement lies in the application of high-rate quantum low-density parity check (qLDPC) codes, a method of quantum error correction. These codes protect fragile quantum information from errors by densely packing logical qubits, the fundamental units of quantum information, into each code block, sharply reducing the overall qubit overhead. Careful architectural design is necessary to efficiently address and manipulate individual logical qubits during complex calculations, and the team achieved this through optimised logical instruction sets and circuit design, streamlining the process of performing operations on the qubits. Previous estimates requiring millions of physical qubits for quantum error correction are now significantly reduced. The approach utilises qLDPC codes, densely packing logical qubits to minimise overhead. Systems with 26,000 physical qubits could potentially solve discrete logarithms on the P-256 elliptic curve in a few days, but factoring RSA-2048 integers would take considerably longer. The success of this method hinges on achieving fault tolerance, essential to correct errors inherent in quantum systems. Shor’s algorithm feasibility hinges on qubit count and algorithmic complexity The prospect of breaking today’s encryption standards with quantum computers has long felt theoretical, hampered by the sheer scale of hardware required.

This research suggests a path to practicality, demonstrating that a machine capable of running Shor’s algorithm, a key threat to current security, might need only ten thousand qubits, a dramatic reduction from previous estimates. However, the team’s calculations reveal a significant disparity in computational effort; factoring RSA-2048, a widely used encryption standard, remains substantially more demanding than solving discrete logarithms on the P-256 elliptic curve. Acknowledging that factoring RSA-2048 remains more complex than breaking P-256 encryption, this work delivers a vital recalibration of expectations. It demonstrates that building a quantum computer capable of cracking widely used security protocols is not solely a matter of scale, but also of clever engineering and optimised design. Reducing the qubit requirement to around ten thousand, alongside advances in neutral atom technology, brings a practical quantum threat demonstrably closer to reality. This represents a critical shift, compelling renewed focus on post-quantum cryptography Advances in quantum error correction, logical instruction sets, and circuit design have shown the algorithm is potentially achievable with approximately 10,000 reconfigurable atomic qubits. This represents a critical shift, as previous estimates demanded millions of qubits for fault-tolerant operation. Optimised design is therefore of paramount importance in realising practical quantum computation. Researchers demonstrated that Shor’s algorithm, a potential threat to current encryption, could be executed with as few as 10,000 reconfigurable atomic qubits. This finding significantly reduces the estimated hardware requirements compared to previous calculations, bringing the possibility of cryptographically relevant quantum computation closer to realisation.

The team’s analysis indicates that solving discrete logarithms on the P-256 elliptic curve may be achievable in a matter of days with 26,000 physical qubits, although factoring RSA-2048 integers remains a more substantial computational challenge. They suggest that further progress relies on continued advances in neutral-atom technology and optimised circuit design. 👉 More information 🗞 Shor’s algorithm is possible with as few as 10,000 reconfigurable atomic qubits 🧠 ArXiv: https://arxiv.org/abs/2603.28627 Tags: