Quantum computers: where are we on the path from theory to reality?

Author : Arnaud DUFOURNET, Chief Marketing Officer

On September 12, 1962, John F. Kennedy told the American people that, “We choose to go to the moon in this decade and do the other things not because they are easy, but because they are hard.” The development of a quantum computer able to outperform today’s most powerful supercomputers brings to mind the space race that pitched the Americans against the Soviets in the 1960s. The stakes are equally colossal in terms of geopolitics, defense, and economic supremacy. There is, however, one noteworthy difference: in this new race, there could well be more than one winner.

Everyone wants their own quantum computer

The media hype surrounding quantum computing has been building up for some months now, and not without good reason. In a report published in November 2024 [in French only], France’s intellectual property office, INPI, revealed that “Quantum computing has expanded dramatically over the past decade, with a 20-fold increase in patent families between 2013 and 2022.” According to the quantum technology consultancy QURECA, more than $40 billion has been invested in quantum computing.

As with the space race, the major nations all want to be the first to own a quantum computer able to perform complex calculations that no current supercomputer can handle. In the current highly unstable and uncertain geopolitical context, the development of such a computer is obviously likely to alter the balance of power.

Unsurprisingly, the United States is ahead of the field, with its technology behemoths IBM, Google, and Microsoft. Lagging a little behind, China is nonetheless chasing hard and, above all, investing massively in research and development.

Other nations are doing well, such as Canada, with D-Wave, a pioneer in quantum computing, and France, with five start-ups using different technologies to generate qubits. Moreover, the French defense procurement and technology agency (DGA) is banking on them to deliver at least two prototype universal quantum computers by 2032 under the Proqcima program. Russia is also looking to make up ground and has just unveiled a 50-qubit prototype quantum computer based on neutral rubidium atoms.

The qubit race is running at full tilt

Spectacular announcements in the field of quantum computing have followed one after another in the last few years. Google set the ball rolling in 2019 by announcing that it had achieved quantum supremacy. Its quantum computer using the Sycamore processor, consisting of just 53 physical qubits, managed to perform a specific task that even conventional supercomputers could not achieve inside a reasonable timeframe. Although highly controversial, this announcement triggered an acceleration in the qubit race.

However, there is still a long and winding road ahead before the benefit of the computing power that quantum computing promises will be seen. Quantum technology is currently in the NISQ era, which stands for Noisy Intermediate Scale Quantum, and is where the most advanced manufacturers, such as IBM, find themselves. These first quantum computers are of intermediate size, meaning they have between fifty and a thousand physical qubits, and the calculations they perform generate quantum noise, in other words errors. They are nevertheless useful for understanding future applications and running simulations of simple quantum systems or small-scale optimization exercises.

The next stage for quantum computing is to introduce error detection and correction. Known as FTQC, for Fault-Tolerant Quantum Computers, this phase involves using quantum error correction codes and reducing quantum decoherence and other sources of noise. FTQCs require a number of physical qubits to encode a single, reliable, logical qubit, the usual ratio being around a thousand or more to one, depending on the technology used.

To date, no fully operational FTQC exists. Building one is one of the major objectives currently being pursued by manufacturers and researchers, as Google’s latest announcement about its new Willow quantum chip shows. French startup Alice & Bob meanwhile is planning to produce its first universal FTQC by 2030.

Once the matter of errors is under control, scaling up will still be a huge challenge to meet. To enter the LSQC (Large-Scale Quantum Computing) era, large-scale quantum computers will need to be able to perform useful calculations with a significant number of logical qubits (> 1,000) and an error rate low enough for complex calculations. This will also require distinctly longer coherence times to have been achieved than is currently the case.

Then lastly, the Holy Grail, or more prosaically the UQC (Universal Quantum Computer), will be a quantum computer able to run any quantum algorithm, such as Shor’s factorization algorithm, or Grover’s unstructured search algorithm, these being two algorithms dreaded by IT security professionals.

When will Q-Day happen?

Quantum computing is making rapid, evenly paced progress. In 2024, an unprecedented 13 players issued major announcements regarding their roadmaps. However, it remains hard to predict when the famous Q-Day will occur, i.e. the day when a computer able to break current encryption systems will finally become operational. Nvidia’s CEO, Jensen Huang, recently cooled expectations by saying at the CES in Las Vegas that “useful quantum computers” are two decades away. Experts generally reckon on 15 to 20 years. In its latest update to its research into the development of quantum computing, Germany’s Federal Office for Information Security (BSI) ventured a conservative estimate, saying such a computer might arrive 16 years from now. This timeframe could be reduced if innovations arise in terms of error correction and reduction.

Despite this degree of uncertainty, the threat is being taken very seriously by security agencies, who speak with one voice: the likelihood of the quantum threat becoming reality within the next decade has become sufficiently high that they are calling on public- and private-sector organizations alike to start their transition to quantum-resistant cryptography now. Their message is starting to get through. ENISA observes in its first report on the state of cybersecurity in the European Union (a report published in December as part of the cooperation set up by the NIS2 Directive) that PQC along with AI are the two emerging technologies that have most gained in importance over the past year.

Another known factor is that RSA and elliptic curves are reaching the end of the road. In November, NIST announced the deprecation of 112-bit RSA and ECC digital signature algorithms (2048-bit keys) from 2030 and a total ban from 2035 (see the report here). Shortly afterwards, the Australian Signals Directorate (ASD) went even further, disallowing the use of these same algorithms from 2030 (see its recommendations here). The pace of transition to PQC therefore looks set to quicken in 2025.

Useful resources

• INPI report [in French]
• ENISA report
• BSI report
• NIST report