The U.S. government is betting $2 Billion on quantum computing, and the defense side can't keep up

Last month, the United States Commerce Department signed letters of intent to award just over $2 billion to nine quantum computing companies building the machines that break the cryptography defending Bitcoin and Ethereum, and the cryptography that the rest of the internet runs on.

These are not simply research grants. They represent industrial policy for manufacturing scale, and an investment in long-term equity outcomes where the government hopes to turn a profit. IBM is getting $1B to stand up a quantum-grade superconducting wafer foundry. GlobalFoundries is getting $375M for a multi-architecture fab. The remaining $636M is split across seven companies actually building quantum computers, across superconducting, trapped ion, photonic and neutral-atom modalities.

When a country builds purpose-built fabrication facilities for a technology, it is no longer asking whether that technology works. It is asking how fast it can scale. The Commerce Department believes quantum to be beyond the experimental, “maybe one day” phase, and wants to win the race to a cryptographically relevant quantum computer (CRQC) before its adversaries. Being able to break widely used cryptography is a very powerful advantage that every government would love to have.

To defend against a CRQC, we need post-quantum cryptography. The defense side has no comparable backer.

By all public accounts, quantum computing capabilities are developing quickly. Google's quantum researchers have spent the last twelve months publishing increasingly aggressive resource estimates for breaking elliptic curve cryptography. This public research raised alarms; going forward, it is likely that only a small fraction of the field's research will be public. The conclusion and the recommendation of experts is that migration to post-quantum cryptography should begin immediately.

The gap is not a funding gap

The obvious response to the U.S. government’s announcement is that the defense side needs equivalent funding. Find an industry consortium, match the $2 billion, fund post-quantum cryptography research at the same scale, and close the gap.

That response is wrong, or at least insufficient. The issue with post-quantum defense is that everyone needs to adopt the solution at once. This is more of a coordination problem than a financial hurdle. Money can fund the offense to converge on capability. It cannot fund the defense to converge on adoption.

Securing bitcoin shows the shape of the challenge. There is one cryptographic system to defend, but the defense only works if every wallet, every custodian, every exchange and every long-dormant address moves to a new system together. Partial migration is partial protection. The defense has to propagate to millions of independent endpoints, none of which can be forced.

The federal government has already drawn the lines. The transition to post-quantum cryptography standards, outlined in the NIST IR 8547, sets specific deadlines: RSA-2048 and ECDSA at 112-bit security are deprecated in 2030 and disallowed in 2035; every quantum-vulnerable public-key algorithm is prohibited in NIST standards after 2035. National Security Memorandum 10 directs federal systems to mitigate quantum risk on the same horizon. These are not aspirational targets. They are dates that compliance officers, vendors and procurement officers across the federal government are already planning against.

The digital asset industry should be held to the same schedule. The Clarity Act, now moving through Congress, gives federal regulators their first comprehensive framework for digital asset oversight. That framework should require custodians, exchanges and stablecoin issuers operating in the United States to publish post-quantum migration plans, with milestones that align to NIST's 2030 and 2035 deadlines. The CHIPS Act accelerated the offense. The Clarity Act framework can force the defense to keep pace. The U.S. Department of the Treasury and the SEC have the standing to enforce it. They should use it and force coordination that the industry has been deferring for years.

Note: The views expressed in this column are those of the author and do not necessarily reflect those of CoinDesk, Inc. or its owners and affiliates.