Exclusive Student Offer

Prime for Young Adults

Get a 6-month trial with premium college perks & fast delivery.

Start Free Trial
Listen Anywhere

Audible Standard Trial

Get 30 days of audiobooks free. Cancel anytime, keep your books.

Claim Free Books

Google researchers have proven that quantum computers could crack the encryption behind Bitcoin & Co. with significantly less computing effort than previously assumed.

• The vulnerability was published for the first time using a zero-knowledge proof
• Almost all common blockchains base their security on the affected elliptic curve cryptography
• Store-now-decrypt-later attacks make the risk relevant today


Quantum attack on cryptocurrencies: What Google calculated

On March 31, 2026, Ryan Babbush, Director of Research for Quantum Algorithms at Google, and Hartmut Neven, VP of Engineering at Google Quantum AI, published a white paper with updated resource estimates for a quantum attack on the so-called 256-bit Elliptic Curve Discrete Logarithm method (ECDLP-256), on which elliptic curve cryptography is based. Their central result: Two newly compiled quantum circuits that implement Shor’s algorithm on ECDLP-256 require fewer than 1,200 or 1,450 logical qubits and 90 or 70 million Toffoli gates. On a superconducting qubit system with fewer than 500,000 physical qubits, these calculations could be performed in minutes, assuming hardware assumptions compatible with some of Google’s current quantum processors.

This corresponds to a reduction of a factor of 20 compared to previous estimates. The researchers describe this step not as a leap, but as a continuation of a long history of incremental optimizations in compiling quantum algorithms into fault-tolerant circuits. A cryptographically relevant quantum computer, or CRQC for short, does not yet exist at this point in time. However, the new numbers shift the threshold at which it becomes realistic.

Which cryptocurrencies are at risk from quantum gaps

Almost all common blockchains and cryptocurrencies rely on ECDLP-256 for central security functions. Bitcoin and Ethereum are the most prominent examples. Coinbase, one of the largest crypto trading venues in the world, notes in a January 2026 blog post: “Most modern blockchains, including Bitcoin and Ethereum, are based on elliptic curve cryptography. While these systems remain secure today, the arrival of large-scale quantum computers could ultimately weaken or break them.” Coinbase CEO Brian Armstrong reiterated in late March 2026 that he is making post-quantum security a personal priority after the company’s chief security officer Philip Martin hailed Google’s latest quantum research as a significant signal for the industry.

Ethereum co-founder Vitalik Buterin had already warned in November 2025 that Ethereum’s elliptical cryptography could become vulnerable by 2028. Bitcoin, on the other hand, according to Coinbase security chief Martin, does not yet have a clear migration plan. Jameson Lopp, chief security officer at self-custody provider Casa, estimated in December 2025 that an upgrade to quantum-resistant processes for Bitcoin could take up to ten years.

Today’s underestimated quantum risk

While a functional CRQC is still pending, Babbush and Neven emphasize in their white paper that some of the risk does not arise with its arrival. The principle behind it: Attackers can intercept and store encrypted data today in order to decrypt it at a later point in time using a powerful quantum computer. In its security blog from March 25, 2026, Google describes this as a store-now-decrypt-later attack and classifies the threat to encryption as already relevant today. Specifically, this affects wallet addresses that have been publicly exposed or reused. The more public keys are visible on the blockchain, the larger the potential attack surface for a future CRQC. Google therefore expressly recommends neither disclosing nor reusing vulnerable wallet addresses.

Google’s recommendations until 2029

On March 25, 2026, Google announced its migration schedule to post-quantum cryptography by 2029. Google VP of Security Engineering Heather Adkins and Senior Staff Cryptography Engineer Sophie Schmieg wrote that this timeline reflects migration needs in light of recent advances in quantum hardware, error correction and resource estimation. PQC refers to cryptographic methods that are designed to withstand attacks by quantum computers.

The US National Institute of Standards and Technology (NIST) has already published three finalized PQC standards: FIPS 203, FIPS 204 and FIPS 205, including the ML-DSA algorithm for digital signatures. Google is already integrating ML-DSA into Android 17. The Ethereum Foundation published a dedicated post-quantum security page in March 2026 and says it is planning up to seven protocol forks by 2029 in order to gradually convert Ethereum to quantum-secure processes. At the execution layer level, the Foundation relies on account abstraction, which allows users to migrate voluntarily without forcing an abrupt network-wide switch.

In its white paper, Google names not only the Ethereum Foundation but also Coinbase and the Stanford Institute for Blockchain Research as actors with whom collaboration is already underway.

Paul Schütte, editorial team at finanzen.net

By the way: Alphabet A (ex Google) and other US stocks can even be traded on finanzen.net ZERO until 11 p.m. (without order fees, plus spreads). Open a depot now for free and secure a new customer bonus!

Selected leverage products on Alphabet A (ex Google)

With knock-outs, speculative investors can participate disproportionately in price movements. Simply select the lever you want and we will show you suitable open-end products on Alphabet A (ex Google)

Advertising

ttn-28

Get Audible 30-Day Free Trial

As an Amazon Associate, we earn from qualifying purchases.