A cluttered and complicated chart relating qubit counts to qubit error rates, comparing today's devices to cryptographic attacks.

Overdue quantum landscape update: sam-jaques.appspot.com/quantum_land...

A 2d chart can only say so much. tl;dr new results are still overhyped, but definitely worth taking seriously. This chart is based on surface codes and a big question now is whether new codes can be practical (=>useless chart)

140 trillion quantum computers?

Quantum Computers Are Not a Threat to 128-bit Symmetric Keys There is no need to update symmetric key sizes as part of the post-quantum transition, due to the details of how Grover's algorithm scales. Most authorities agree.

There are no technical or compliance reasons to double the size of symmetric keys in response to the threat of quantum computers.

This common misunderstanding of Grover's algorithm risks wasting limited resources that should go towards deploying actually urgent post-quantum algorithms.

I post links about the quantum thing. That is my life now, I guess.

Anyways, here is Cloudflare following suit and setting 2029 as target date, and Scott slowing losing his mind over people being dumb on the internet.

https://blog.cloudflare.com/post-quantum-roadmap/ […]

Cloudflare targets 2029 for full post-quantum security Recent advances in quantum hardware and software have accelerated the timeline on which quantum attack might happen. Cloudflare is responding by moving our target for full post-quantum security to 202...

No one likes it if deadlines are pulled forward. I thought I had a decade at least for PQC. But when things change, you gotta adapt. blog.cloudflare.com/post-quantum...

A very nice explainer why "if you're so worried about quantum computers, why haven't they factored 21 yet?" isn't a very convincing argument. Look at the labels of the graph, and how extremely close the various lines are for factoring 21 and 2048 bit numbers. Polynomial scaling remains […]

from @bwesterb.bsky.social:

bas.westerbaan.name/notes/2026/0...

Quantum frontiers may be closer than they appear An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

Last year, I thought we still had time to design PQ auth systems.

Now, based on the pace of progress and on statements like Google's, I believe

1. we need to finish rolling out PQ kex yesterday

2. we need to start rolling out PQ auth now

3. it's too late to ship any new non-PQ design or system

How To Make Quantum Algorithms Cheaper | Craig Gidney on Magic-State Factories, Resource Estimates YouTube video by 632nm

While I was attending APS March Meeting, I appeared in the 632nm podcast. The recording is available on youtube: www.youtube.com/watch?v=lnHg...

Never been on a podcast before, and no doubt that shows, but it was fun.

Quantum frontiers may be closer than they appear An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

I would bet against Q day by 2030, but I wouldn't bet against it at 10:1 odds. ~10% risk is unacceptably high here, so I'm very in favor of transitioning to quantum-safe cryptography by 2029: blog.google/innovation-a...

Yes this means I 90% expect to be made fun of in 2030. Oh well.

"Lack of scalability is enough for Cloudflare to disqualify Quantum Key Distribution (QKD) outright: if a technology can’t bring security to the whole Internet, we’re not going to spend much time... "Lack of scalability is enough for Cloudflare to disqualify Quantum Key Distribution (QKD) outright: if a technology can’t bring security to the whole Internet, we’re not going to spend much time on i...

Interestingly, all the pushback against this post seems to be on... LinkedIN. www.linkedin.com/posts/baswes...

You don’t need quantum hardware for post-quantum security Post-quantum cryptography protects against quantum threats using today’s hardware. Quantum tech like QKD may sound appealing, but it isn’t necessary or sufficient to secure organizations.

"Lack of scalability is enough for us to disqualify QKD outright: if a technology can’t bring security to the whole Internet, we’re not going to spend much time on it."

Quantum Key Distribution (as opposed to post-quantum cryptography) has many problems, but this succinctly captures the core issue.