Forget the 10 septillion years needed for a classical computer to solve this problem, and focus instead on the falling number of necessary error correction qubits.

Google announced its latest quantum computing advance, the Willow chip, on December 9, 2024. The announcement focuses on two aspects: current power and future potential.

The power is demonstrated by large numbers: Willow can solve a problem in less than five minutes that would take a classical supercomputer 10 septillion years to solve. Now, even though the supercomputer and the length of time it would take are not factual but obviously simulations, and even though the problem may have been developed specifically to be solved by Willow, this is mighty impressive. 

Karl Holmqvist, founder and CEO of Lastwall.

Karl Holmqvist, founder and CEO of Lastwall, explains the process. “What Google achieved with Willow involves something called random circuit sampling (RCS), which generates random quantum circuits specifically designed as a benchmark for quantum computers,” he told SecurityWeek.

“RCS is about creating complex pseudo-random quantum circuits, making it extremely difficult for classical computers to process. In that sense, it’s a contrived problem because it’s built specifically to test quantum systems. However, it is also an accepted benchmark for evaluating whether a system can harness quantum effects.”

It is and is meant to be impressive. Note that in 2019 Google bragged about achieving ‘quantum supremacy’ with a quantum computer that could solve a different problem that would take a supercomputer 10,000 years to solve in around 200 seconds. Willow shows a remarkable improvement in just five years.

But it is perhaps not as impressive as we are meant to assume. There is no apparent dramatic decrease in the time to a cryptographically relevant quantum computer (CRQC) – that point at which a quantum computer will be able to decrypt current PKE encryption. To put it bluntly, it is specifically CRQC rather than quantum computing in general that is of current concern to cybersecurity professionals.

It is the other part of the Willow announcement that is of greater importance — Google appears to have made a breakthrough in quantum error correction. Qubits are so inherently fragile (prone to errors from environmental noise, decoherence, and operational imperfections) that each ‘functioning’ qubit requires many more qubits to correct the errors. Without that error correction, a quantum computer effectively decays into a classical computer.

Willow has 105 qubits. IBM’s Osprey says it has 433 qubits. “What’s the use of a high qubit count if error rates are so high the results cannot be trusted?” asks Skip Sanzeri, co-founder and COO, QuSecure. “I think it’s safe to say that IBM and others have not yet achieved these error correction milestones or most likely we would have heard about them. We can bet that all eyes will be on Google as other companies and nation-states will attempt to mimic Willow’s error correction.”

Skip Sanzeri, Co-founder and COO, QuSecure

Just a few years ago, SecurityWeek was told that each working qubit could require up to a thousand extra error correction qubits — although improvements in error correction algorithms and methods have been steadily lowering this number, and different technologies have different degrees of quantum instability. Now Google has announced that it has achieved what is known as ‘below threshold’ error correction.

Google has demonstrated with Willow that it can increase the number of qubits while simultaneously reducing the reliance on error correcting qubits. 

“This is a major watershed moment for quantum computation design, marked by the demonstration of below-threshold scaling capabilities,” explained Holmqvist. “The shift from ‘more qubits add more noise’ to ‘more qubits exponentially reduce noise’ is transformative, opening pathways for various architectural approaches and representing a huge leap forward in quantum computing.”

Sanzeri adds, “Error correction is applicable across all quantum computing types including superconducting, photons, ions and even neutral atoms. So safe to say this is an industry breakthrough.” But he also warns, “These results represent incremental progress rather than a full solution. While significant, the level of error correction achieved is still far from the thresholds required for large-scale, fault-tolerant quantum systems.”

It is impossible to say that Willow and Google’s below threshold error correction brings the day of CRQC any closer, but it does have that potential. The real lesson for security folk is that we no longer dare delay our cryptographic migration to NIST’s post quantum and agile encryption algorithms. To do so goes beyond folly.

Related: Google Invests in Alternative Neutral Atom Quantum Technology

Related: Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library

Related: Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation

Related: QuSecure Scores Post-Quantum Cybersecurity Contract Worth More Than $100M Annually