MICKAI®
Article · 12 July 2026

What is quantum computational advantage, and does it break encryption?

Quantum advantage is a narrow benchmark win, not a broken cipher, and the honest response is to adopt post-quantum signing and encryption now.

What is quantum computational advantage, and does it break encryption?
Author
Micky Irons
Published
12 July 2026
Follow Micky Irons
LinkedInX
sovereign aiquantum computingpost-quantum cryptographyencryptionquantum advantage

Quantum computational advantage means a quantum machine beats the best classical method on one narrow task. It does not break encryption, which needs unbuilt hardware.

The question matters in 2026 because quantum headlines arrive faster than ever, and each one is read as proof that encryption is finished. Boards, regulators and procurement teams need a clear line between a physics benchmark and a working code-breaker, so they can plan calmly rather than react to fear.

What does quantum computational advantage actually mean?

It means a quantum processor completes one carefully chosen benchmark faster than the best known classical algorithm. The task is contrived, not a useful application.

The phrase describes a specific claim: on a chosen benchmark, a quantum processor produces a result that the best classical hardware would take an impractical time to match. Researchers once called this quantum supremacy and now prefer advantage. The benchmarks are deliberately suited to quantum physics, such as sampling from the output of a random circuit. They prove the machines are real and improving. They do not perform anything a bank, hospital or ministry would recognise as useful work, and they say nothing about cryptography.

What is quantum computational advantage, and does it break encryption?, illustration 1

Did Jiuzhang, Sycamore or Willow break any encryption?

No. Each demonstrated speed on a sampling benchmark with no cryptographic use. None ran Shor's algorithm, and none factored a key or decrypted a message.

Each headline result belongs to this category of contrived benchmarks. The table below sets out what each demonstrated and whether it touches encryption.

MilestoneWhat it demonstratedDoes it break encryption?
Jiuzhang (boson sampling)Gaussian boson sampling with photonsNo; a physics benchmark, not code-breaking
Sycamore and Willow (random circuit sampling)Random circuit sampling on superconducting qubitsNo; sampling only, no cryptographic task
Future Shor-capable machineLarge fault-tolerant qubits running Shor's algorithmYes in theory; such hardware does not exist yet
What is quantum computational advantage, and does it break encryption?, illustration 2

What would it actually take to break public-key cryptography?

A large fault-tolerant quantum computer running Shor's algorithm, with millions of stable qubits and error correction far beyond today's noisy prototypes. No such machine exists.

Public-key cryptography such as RSA and elliptic-curve relies on mathematical problems that are hard for classical computers. Shor's algorithm solves them efficiently, but only on a large, error-corrected quantum computer. Today's machines carry a few hundred noisy qubits, and factoring a real key would need millions of logical qubits held stable long enough to finish. Estimates of the arrival date range from a decade to never, and every serious roadmap still puts it in the future. The gap between a physical qubit and a logical one is the crux. Error correction spends thousands of noisy physical qubits to hold a single stable logical qubit, and a cryptographically relevant machine needs those logical qubits in the thousands, not the handful demonstrated so far. That engineering distance, not any missing theory, is what keeps the threat on the horizon rather than at the door.

What is quantum computational advantage, and does it break encryption?, illustration 3

What is harvest now, decrypt later, and should we worry today?

Adversaries copy encrypted data now and store it to decrypt once quantum machines mature. The ciphertext is stolen today; the threat lands years later.

This is why the real risk is not tomorrow's headline but today's copying. An adversary intercepts encrypted traffic or exfiltrates archives now, stores the ciphertext cheaply, and waits. When a capable machine eventually appears, the old data is decrypted retroactively. Anything with a confidentiality life measured in years, such as state secrets, health records or defence design data, is already exposed to this patient strategy. Storage is cheap and patience costs nothing, so an adversary loses little by hoarding traffic it cannot yet read. The defensive move is to shorten the window during which today's captured data stays readable, by re-encrypting long-lived secrets under post-quantum schemes well before the capability lands.

What is quantum computational advantage, and does it break encryption?, illustration 4

Which post-quantum standards protect sovereign systems?

NIST's FIPS 203, 204 and 205. ML-KEM (203) encapsulates keys; ML-DSA (204) and SLH-DSA (205) produce signatures. Encapsulation and signing are separate jobs.

NIST finalised its first post-quantum standards in 2024. FIPS 203 (ML-KEM) is key encapsulation: it protects the session keys that secure data in transit, and it never signs. FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA) are digital signatures: they prove authenticity and integrity. The distinction matters because encapsulation and signing are different jobs, and a signing standard, not ML-KEM, is what seals an audit trail so every recorded action stays provable. Migration is a programme, not a switch. Crypto-agility, the ability to swap algorithms without rebuilding the system, lets an estate adopt these standards in stages and retire classical schemes as confidence grows.

How does a sovereign intelligence operating system handle the quantum threat?

By signing every action with post-quantum algorithms today. Mickai runs offline on operator-owned hardware, sealing its audit ledger with FIPS 204 and FIPS 205 signatures.

Sovereignty and post-quantum hygiene are the same discipline. Mickai is a Sovereign Intelligence Operating System, a SIOS, built and live, running offline on operator-owned hardware with every action cryptographically sealed. Its audit ledger is signed with FIPS 204 and FIPS 205, so the record survives the day classical signatures weaken. A zero-egress inbound perimeter keeps sensitive data from leaving the estate, hardware-attested identity binds every operator to the audit chain, and cross-model consensus across its 50 brains, 25 domain and 25 operational, checks results before they are trusted.

Public cloud assistants such as ChatGPT, Copilot and Gemini are the right choice for open, low-sensitivity work, and we would point a team there for exactly that. For a defence ministry or a systemically important bank, the same services stay off limits for the most sensitive data, because the US CLOUD Act can compel a US-based provider to hand over data regardless of where its servers sit, and regimes such as DORA and NIS2 demand demonstrable control. Sovereign design answers that need without any argument against a named vendor. The estate rests on 104 filed UK patent applications and 2,340 claims, owned by Mickai LTD (Companies House 17166618), filed and patent pending.

Quantum computational advantage is a milestone in physics, not a break in cryptography, and the sound response is to sign and encrypt for a post-quantum world now.

Frequently asked questions

Has any quantum computer broken RSA or AES?

No. No quantum computer has broken RSA, AES or any deployed public-key scheme. The advantage demonstrations ran sampling benchmarks with no cryptographic function. Breaking RSA needs a fault-tolerant machine running Shor's algorithm, which does not exist yet.

Do I need to act before a quantum computer exists?

Yes. Harvest now, decrypt later means encrypted data copied today can be unlocked once quantum hardware matures. Data with a long confidentiality life should migrate to post-quantum protection now, well before any capable machine arrives.

Is AES-256 safe from quantum attack?

Symmetric ciphers like AES-256 remain strong. Grover's algorithm only halves the effective key length, so AES-256 keeps roughly 128-bit security, which is ample. The urgent quantum risk sits with public-key schemes such as RSA and elliptic curve, not AES.

Which NIST standard should sign my audit logs?

For signatures, use FIPS 204 (ML-DSA) or FIPS 205 (SLH-DSA). FIPS 203 (ML-KEM) is key encapsulation and never signs. A sovereign audit ledger should be sealed with a signing standard so every entry stays verifiable long after the keys age.

How does Mickai keep an audit trail provable after quantum?

Every recorded action is sealed with a FIPS 204 or FIPS 205 post-quantum signature, so the ledger stays verifiable even when classical signatures weaken. As a SIOS running offline on operator-owned hardware, the trail is bound to hardware-attested identity and never leaves the estate.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/what-is-quantum-computational-advantage-and-does-it-break-encryption. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles