As with any quantum computing news, I will wait for Scott Aaronson to tell me what to think about this.
replies(6):
https://www.nature.com/articles/s41586-025-09526-6
In the last sentence of the abstract you will find:
"These results ... indicate a viable path to practical quantum advantage."
And in the conclusions:
"Although the random circuits used in the dynamic learning demonstration remain a toy model for Hamiltonians that are of practical relevance, the scheme is readily applicable to real physical systems."
So the press release is a little over-hyped. But this is real progress nonetheless (assuming the results actually hold up).
[UPDATE] It should be noted that this is still a very long way away from cracking RSA. That requires quantum error correction, which this work doesn't address at all. This work is in a completely different regime of quantum computing, looking for practical applications that use a quantum computer to simulate a physical quantum system faster than a classical computer can. The hardware improvements that produced progress in this area might be applicable to QEC some day, this is not direct progress towards implementing Shor's algorithm at all. So your crypto is still safe for the time being.
Where is the exact threat?
As far as i am aware, eliptic curve is also vulnerable to quantum attacks.
The threat is generally both passive eavesdropping to decrypt later and also active MITM attacks. Both of course require the attacker to be in a position to eavesdrop.
> Let’s say you crack the encryption key used in my bank between a java payment processing system and a database server.
Well if you are sitting in the right place on the network then you can.
> how do you mitm this traffic?
Depends on the scenario. If you are government or ISP then its easy. Otherwise it might be difficult. Typical real life scenarios are when the victim is using wifi and the attacker is in the physical vicinity.
Like all things crypto, it always depends on context. What information are you trying to protect and who are you trying to protect.
All that said, people are already experimenting with PQC so it might mostly be moot by the time a quantum computer comes around. On the other hand people are still using md5 so legacy will bite.
Not really. This would be if not instantly then when a batch goes for clearing or reconciliation, be caught -- and an investigation would be immediately started.
There are safeguards against this kind of thing that can't be really defeated by breaking some crypto. We have to protect against malicious employees etc also.
One can not simply insert bank transactions like this. They are really extremely complicated flows here.