Bitcoin is hackable, quantum's greatest achievement confirms it's not if but when

in LeoFinance, 3 months ago

Bitcoin might appear impregnable, but quantum hardware has already indicated the start of its demise. The question is no longer whether but when.

Summary
A researcher using IBM's 133-qubit machine broke a six-bit elliptic curve key, confirming that Shor's algorithm works on actual hardware and not just in theory.
History demonstrates that cryptographic systems once thought to be secure, from Enigma to DES to SHA-1, ultimately succumbed as computing practices evolved.
Bitcoin uses 256-bit elliptic curve cryptography, which today is unbreakable, but quantum computing may convert that strength into a solvable equation.
Experts estimate that cracking Bitcoin's keys would take billions of physical qubits, yet breakthroughs and government reports indicate such devices could materialize within decades. At this time, no limit has been defined on the number of non-cloning-enabled qubits.
Governments, businesses, and developers are already drawing up post-quantum defenses, but Bitcoin's upgrade process needs worldwide coordination, which means its future security is not a matter of if but when.

**A scratch on Bitcoin's long-standing wall**
On Sep. 2, Steve Tippeconnic, a researcher working with IBM's 133-qubit machine, did something that until recently was only a theoretical concept.
A six-bit elliptic curve cryptographic key was cracked with the assistance of quantum interference, demonstrating that Shor's algorithm could move beyond the chalkboard and hold up on actual hardware.

The key was merely six bits long, providing only 64 possible solutions. Any phone in existence today would be able to brute-force it in the blink of an eye. But that was never the question.

The innovation was demonstrating that a quantum computer running circuits hundreds of thousands of layers deep could still chisel out patterns robust enough to yield the correct answer.

The key that was deciphered, k = 42, emerged in the top 100 results three times following over sixteen thousand attempts. That one percent success rate sounds modest at first glance, but in cryptography, it meant everything.

It validated that a quantum computer could consistently boost the right solution even when noise, spurious candidates, and hardware defects overwhelmed the measurement space. The essential breakthrough was that the mathematics worked in practice, not merely in simulation.

For Bitcoin, things did not change overnight. Six bits are a child's plaything against the 256-bit keys securing its network. 64 choices and 2^256 alternatives are astronomically different. But the discussion did change.

**Today's norm, tomorrow's weakness**
As history demonstrates, cryptographic systems once thought secure ultimately fail when computing methods improve. The German Enigma machine is perhaps the most well-known example.

Used massively by Nazi Germany during the Second World War, Enigma encoded military messages from submarine movements to combat orders.

It was based on a set of rotating substitution ciphers that generated over 150 quintillion potential settings, leading German command to believe their messages were indecipherable.

Codebreakers at Bletchley, aided by early mechanical machines like the Bombe and subsequently the Colossus computer, reduced the problem to a workable form.

The achievement laid bare German communications in real-time and cut the war short, demonstrating for the first time that sheer human cleverness wedded with new machines could defeat even humongous mathematical defenses.

The U.S. in the 1970s came up with the Data Encryption Standard, or DES, to protect government and commercial communications during a time when computing and banking networks were growing at a fast pace.

The 56-bit key size was strong enough against hardware available at the time and was adopted as a federal standard.

By 1998, though, the Electronic Frontier Foundation showed how rapidly progress could disintegrate that security. It constructed a specially designed machine known as Deep Crack which brute-forced a DES key in 56 hours for approximately $250,000.

Within a short while, the volunteer community Distributed.net coordinated global computing power to reduce the attack time to only 22 hours.

These achievements rendered DES obsolete. In the course of a few years, it was officially retired and supplanted by the Advanced Encryption Standard, which guards government, corporate, and consumer systems today.

Hash functions took a comparable journey. The SHA-1 algorithm, developed in 1995, became the foundation for digital certificates, software patches, and online signatures, securing much of the early web.

It withstood practical attack for years and was relied upon by certificate authorities, browsers, and governments. That reliance came to an end in 2017 when researchers from CWI Amsterdam and Google announced SHAttered, the first ever practical collision attack against SHA-1.

They created two different PDF files with the same hash, demonstrating that the algorithm could be manipulated and was no longer safe to use for security.

Major browsers and certificate authorities moved away from SHA-1 within months, requiring a move to more secure standards like SHA-256.

These examples all show a persistent theme. Systems that were previously considered impregnable eventually became vulnerable, not by design, but because computing power and algorithms continued to improve.

**Billions of qubits from a breakthrough**
Bitcoin's elliptic curve cryptography is based on 256-bit keys. That length corresponds to approximately 1.16 × 10^77 potential combinations.

According to NIST standards, a 256-bit key provides 128-bit security strength, which is considered computationally infeasible to brute force on classical machines. Independent estimates show such an attack would take longer than the age of the universe.
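
An added example (not from the original post or the IBM experiment) of the classical side of these numbers: on a constructed toy curve with Bitcoin's equation y^2 = x^3 + 7 over F_67, the key k = 42 is recovered by plain brute force and then by baby-step giant-step, whose square-root cost is the reason a 256-bit curve is rated at about 128 bits of classical security. The curve parameters and all function names are assumptions made for this illustration.

```python
from math import isqrt
# Constructed toy parameters (not the IBM experiment's): secp256k1's equation
# y^2 = x^3 + 7 over F_67; G = (2, 22) generates a group of prime order 79.
P, G, ORDER = 67, (2, 22), 79

def add(p1, p2):
    """Add two curve points; None stands for the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # p2 is -p1
    # Slope of the tangent (doubling, a = 0) or of the chord (distinct points).
    num, den = (3 * x1 * x1, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    s = num * pow(den % P, -1, P) % P
    x3 = (s * s - x1 - x2) % P
    return (x3, (s * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def brute_force(q):
    """Walk G, 2G, 3G, ... until q is hit. Returns (k, additions used)."""
    acc, k = None, 0
    while acc != q:
        acc, k = add(acc, G), k + 1
    return k, k

def bsgs(q):
    """Baby-step giant-step, ~2*sqrt(ORDER) additions. Returns (k, additions)."""
    m = isqrt(ORDER - 1) + 1                          # ceil(sqrt(79)) = 9
    table, acc, steps = {}, None, 0
    for j in range(m):                                # baby steps: store j*G
        table[acc] = j
        acc, steps = add(acc, G), steps + 1
    neg_mg = (acc[0], -acc[1] % P)                    # acc is m*G; negate it
    for i in range(m):                                # giant steps: q - i*m*G
        if q in table:
            return i * m + table[q], steps
        q, steps = add(q, neg_mg), steps + 1
    raise ValueError("q is not a multiple of G")

if __name__ == "__main__":
    print(brute_force(mul(42, G)), bsgs(mul(42, G)))  # k = 42, as in the article
```

The same square-root behaviour at full scale turns a search over roughly 2^256 keys into roughly 2^128 group operations, which is still far out of classical reach.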

Quantum computing introduces a different model. Shor’s algorithm reduces the problem of discrete logarithms from exponential to polynomial time, scaling with the cube of the input size rather than with 2^n.

A 2017 paper by Microsoft researcher Martin Roetteler and co-authors estimated that breaking a 256-bit elliptic curve key would take on the order of a few thousand logical qubits, approximately 2,300 by their estimates.

Because today's qubits are faulty, those logical qubits would be equivalent to billions of physical qubits when error correction is included.

Today's hardware is far from that size. IBM's biggest processor, Condor, announced in December 2023, contains 1,121 qubits, and Google's Willow chip hit 105 qubits in 2024. But even these front-running prototypes still use noisy qubits that can't handle long or error-corrected algorithms.

According to a 2025 report by the U.S. Government Accountability Office, experts predict that cryptographically significant quantum computers, able to break commonly used public key encryption, could arrive in the next 10 to 20 years.

The Global Risk Institute's 2024 expert survey reflects the same uncertainty, predicting that such systems remain plausible in the long term but are still decades away.

**Constructing defenses ahead of the quantum storm**
Governments and corporations are already making plans for when today's encryption is no longer valid.

In 2016, the U.S. National Institute of Standards and Technology (NIST) launched an open, worldwide competition to develop quantum-resistant cryptography. Out of over 80 submissions, four algorithms were chosen in 2022 for standardization.

These are CRYSTALS-Kyber for key exchange and CRYSTALS-Dilithium, Falcon, and SPHINCS+ for signatures. NIST has also indicated that formal standards would be released by 2026, offering governments and industries a well-defined migration path.

National security organizations are linking policy to such technical standards. The U.S. National Security Agency has ordered that all national security and classified systems transition to post-quantum algorithms by 2035, and Canada and the European Union have initiated such moves.

Cloudflare has moved beyond planning. As of early 2025, over 38% of all human HTTPS traffic on its network uses hybrid TLS, a combination of traditional and post-quantum key exchange, by default. In several countries of Europe, post-quantum encryption already surpasses 50% deployment.

It also incorporated post-quantum protection into its Zero Trust platform, expanding coverage to traffic within the internal corporate network through such products as Gateway, Access, and WARP clients, with full implementation available by mid-2025.

Financial regulators and central banks have also issued guidance alerting institutions to anticipate "harvest now, decrypt later" risks, where encrypted records taken today would be vulnerable once quantum computers achieve the necessary scale.

Bitcoin fits into this broader shift. Its use of the elliptic curve secp256k1 exposes it directly to quantum progress, but changes to the protocol require global agreement.

Scholarly proposals outline how new signature schemes might be implemented through optional script upgrades so that post-quantum addresses may coexist with traditional ones.

Developer forums indicate both the need and challenge of such adjustments, as even small upgrades demand agreement among miners, exchanges, and users.

The six-bit elliptic curve experiment on IBM's ibm_torino in 2025 demonstrated the idea at a small scale, proving that Shor's algorithm could be executed on real hardware rather than only in theory.

Things that were once unthinkable are often rendered mundane once techniques and equipment are able to keep up. Large integer factoring, which was once inaccessible, is now effortless for traditional algorithms through hundreds of digits. Protein folding, previously believed to be impossible, is now managed by AI systems within minutes.
