Quantum Risk Institute
Why Building a Cryptographically Relevant Quantum Computer Is Hard
The hard part is not announcing qubits. The hard part is controlling enough reliable logical qubits for a computation long enough to matter cryptographically.
The bottlenecks
- Qubits are fragile and lose information through noise and decoherence.
- Error correction requires many physical qubits to protect fewer logical qubits.
- Cryptographic attacks require long circuits with low accumulated error.
- Hardware quality, control electronics, fabrication, cooling, and software all have to improve together.
Why the timeline is uncertain
The 2025 Quantum Threat Timeline Report emphasizes both uncertainty and momentum: no fundamental barrier is known, but scaling remains daunting. That is exactly why QRI uses milestones rather than calendar predictions as the public scoring system.
Related QRI pages
Timeline report notes
What expert surveys say about timing.
Methodology
How uncertainty enters the index.
Sources and further reading
QRI content is educational research commentary, not financial advice, legal advice, or a prediction.
QRI analysis notes
Why Building a Cryptographically Relevant Quantum Computer Is Hard should be read as part of a broader risk model, not as an isolated prediction. QRI separates three questions: what has been publicly demonstrated, what would be required for cryptographic relevance, and how long migration would take for systems that depend on vulnerable public-key cryptography.
The current public evidence still supports a low near-term Bitcoin threat level. At the same time, the 2025 expert timeline discussion, post-quantum standards activity, and harvest-now-decrypt-later risk all point to the same planning lesson: organizations should use the quiet period to inventory cryptography, understand data shelf life, and reduce future migration pressure.
How QRI reviews this topic
For this page, QRI looks for primary-source support, clear language, internal consistency with the 0-100 Quantum Threat Level, and explicit separation between Bitcoin-specific risk and broader public-key infrastructure risk. A page does not earn trust by sounding certain. It earns trust by explaining what is known, what is unknown, and what evidence would change the conclusion.
Readers should treat this page as educational research commentary. It is not financial advice, legal advice, or a prediction that a specific quantum computer will arrive by a specific date. The right operational response is proportional readiness: monitor credible evidence, follow standards, and prepare migration paths before urgency becomes expensive.