Pruden argues that to defend against a quantum computer capable of cryptographically relevant operations, we need post-quantum cryptography and regulatory coordination that the industry has been deferring for years.

ast month, the United States Commerce Department signed letters of intent to award just over $2 billion to nine quantum computing companies building the machines that break the cryptography defending Bitcoin and Ethereum, and the cryptography that the rest of the internet runs on.

These are not simply research grants. They represent industrial policy for manufacturing scale, and an investment in long-term equity outcomes where the government hopes to turn a profit. IBM is getting $1B to stand up a quantum-grade superconducting wafer foundry. GlobalFoundries is getting $375M for a multi-architecture fab. The remaining $636M is split across seven companies actually building quantum computers, across superconducting, trapped ion, photonic and neutral-atom modalities.

When a country builds purpose-built fabrication facilities for a technology, it is no longer asking whether that technology works. It is asking how fast it can scale. The Commerce Department believes quantum to be beyond the experimental, “maybe one day” phase, and wants to win the race to a cryptographically relevant quantum computer (CRQC) before its adversaries. Being able to break widely used cryptography is a very powerful advantage that every government would love to have.

To defend against a CRQC, we need post-quantum cryptography. The defense side has no comparable backer.

By all public accounts, quantum computing capabilities are developing quickly. Google’s quantum researchers have spent the last twelve months publishing increasingly aggressive resource estimates for breaking elliptic curve cryptography. This public research raised alarms; going forward, it is likely that only a small fraction of the field’s research will be public. The conclusion and the recommendation of experts is that migration to post-quantum cryptography should begin immediately.

The gap is not a funding gap

The obvious response to the U.S. government’s announcement is that the defense side needs equivalent funding. Find an industry consortium, match the $2 billion, fund post-quantum cryptography research at the same scale, and close the gap.

That response is wrong, or at least insufficient. The issue with post-quantum defense is that everyone needs to adopt the solution at once. This is more of a coordination problem than a financial hurdle. Money can fund the offense to converge on capability. It cannot fund the defense to converge on adoption.

Securing bitcoin shows the shape of the challenge. There is one cryptographic system to defend, but the defense only works if every wallet, every custodian, every exchange and every long-dormant address moves to a new system together. Partial migration is partial protection. The defense has to propagate to millions of independent endpoints, none of which can be forced.

Read More: The U.S. government is betting $2 Billion on quantum computing, and the defense side can’t keep up