What is Quantum Computing? A Developer's Guide
You will never program a quantum computer. But a quantum computer will break your code.
That statement is not hyperbole. The cryptographic algorithms protecting your API keys, your TLS connections, and your users' data rely on mathematical problems that quantum computers are specifically designed to solve. The encryption you depend on today has an expiration date.
This guide explains quantum computing in terms a developer can act on. No physics degree. No mathematical notation. Just the concepts that matter for your code and your security posture.
Classical Computers — What You Already Know
Every classical computer, from the laptop running your IDE to the server handling your API requests, operates on the same principle: binary bits. Each bit is either 0 or 1. Transistors switch on or off. Logic gates combine these switches into arithmetic, conditionals, and everything else you build software on.
Classical computation is deterministic and sequential at its core. Even with parallelism across multiple cores, each core processes one set of instructions at a time. When your code sorts a list or factors a number, it follows a fixed sequence of steps. The time it takes grows predictably with the input size — the complexity classes you learned about still apply.
This model has served us extraordinarily well for 80 years. But certain mathematical problems remain stubbornly hard for classical machines, no matter how many cores or how much memory you throw at them. Those problems happen to be the foundation of modern cryptography.
Quantum Computers — The 3-Minute Version
Quantum computers operate on fundamentally different principles. Three concepts matter:
Qubits: Computing on Many Values at Once
A classical bit holds one value: 0 or 1. A qubit can exist in a superposition of both states simultaneously. Think of a coin spinning in the air — it is neither heads nor tails until it lands. A qubit is neither 0 nor 1 until you measure it.
The power scales exponentially. Two qubits in superposition represent four states at once. Ten qubits represent 1,024 states. Three hundred qubits represent more states than there are atoms in the observable universe. A quantum computer with enough qubits can explore an enormous solution space in a single operation.
Entanglement: Correlated Qubits
When qubits become entangled, measuring one instantly determines the state of the other, regardless of physical distance. This is not just a curiosity — it is a computational resource. Entanglement lets quantum algorithms create correlations between qubits that enable computational shortcuts impossible on classical hardware.
Think of entanglement as a coordination mechanism. While classical parallelism requires explicit synchronization (locks, barriers, message passing), entangled qubits coordinate inherently. This lets quantum algorithms solve certain problems by exploring correlated paths through the solution space simultaneously.
Interference: Amplifying the Right Answer
Superposition and entanglement alone are not enough. The final ingredient is quantum interference — the ability to amplify the probability of correct answers and cancel out wrong ones.
Imagine a maze solver that explores all paths at once. Without interference, you would get a random path when you measured the result. Interference nudges the probabilities so that the correct answer — the shortest path — becomes overwhelmingly likely. Quantum algorithms are carefully designed to make the right answer constructively interfere with itself and the wrong answers destructively cancel out.
What Quantum Computers Are Good At
Quantum computers are not universally faster. They do not make your web server respond quicker or your database queries run faster. They are specialized machines that excel at specific problem types.
Shor's Algorithm: Breaking Public-Key Cryptography
In 1994, mathematician Peter Shor designed a quantum algorithm that factors large integers in polynomial time. On a classical computer, no known algorithm can do this efficiently — and that difficulty is exactly what RSA encryption relies on.
Shor's algorithm also solves the discrete logarithm problem, which underpins Elliptic Curve Cryptography (ECC). A sufficiently powerful quantum computer running Shor's algorithm would break RSA, ECDSA, ECDH, and every other asymmetric algorithm based on factoring or discrete logarithms.
Grover's Algorithm: Weakening Symmetric Crypto
Grover's algorithm searches an unsorted database of N items in roughly √N steps instead of N. Applied to cryptography, it effectively halves the security level of symmetric algorithms. AES-256 drops to an effective 128-bit security level — still strong enough to be safe, but AES-128 would drop to 64-bit, which is not.
What Quantum Computers Cannot Do
Quantum speedups are not universal. Most everyday computational tasks — sorting, searching indexed data, running neural networks, rendering graphics — get no meaningful quantum advantage. Your React app will not run faster on a quantum computer.
The Timeline — When Should You Worry?
Today's quantum computers are noisy intermediate-scale quantum (NISQ) devices. IBM's processors have surpassed 1,000 qubits, and Google has demonstrated quantum error correction milestones. But these machines are not yet capable of breaking real-world encryption. The qubits are too noisy, and the error rates too high.
Estimates for a cryptographically relevant quantum computer (CRQC) — one powerful enough to break RSA-2048 — range from the early 2030s to the mid-2040s. No one knows the exact date, and anyone claiming certainty is speculating.
The critical insight: cryptographic migration takes years, not weeks. Identifying every place your software uses RSA or ECDSA, selecting replacements, updating protocols, testing for compatibility, and deploying changes across your infrastructure is a multi-year effort. Organizations that start migrating now will be ready. Organizations that wait for the threat to materialize will not.
Classical vs. Quantum Capabilities
Classical Computer | Quantum Computer | |
|---|---|---|
| Bit type | Binary (0 or 1) | Qubit (superposition of 0 and 1) |
| Factor large integers | Exponential time (infeasible) | ✓ Polynomial time (Shor's) |
| Break RSA-2048 | Billions of years | ✓ Hours (estimated) |
| Search unsorted data | O(N) — check every item | ✓ O(√N) — Grover's algorithm |
| Run your web server | Optimized for this | Not applicable |
| Train ML models | Highly optimized (GPUs) | No practical advantage |
| Available today | ✓ Yes | Limited (noisy, small-scale) |
What This Means for Your Code
Not all cryptography is equally threatened. The dividing line is simple: asymmetric (public-key) algorithms are broken; symmetric algorithms are fine.
| Algorithm | Type | Quantum-Safe? | Notes |
|---|---|---|---|
| RSA-2048 | Key exchange / signatures | No | Broken by Shor's algorithm |
| ECDSA (P-256) | Signatures | No | Broken by Shor's algorithm |
| ECDH (P-256) | Key exchange | No | Broken by Shor's algorithm |
| AES-256 | Symmetric encryption | Yes | Grover's halves to 128-bit effective — still strong |
| SHA-256 | Hash function | Yes | Grover's halves to 128-bit effective — still strong |
| Kyber768 (ML-KEM-768) | Key encapsulation | Yes | Lattice-based, NIST FIPS 203 standard |
| Dilithium3 (ML-DSA-65) | Signatures | Yes | Lattice-based, NIST FIPS 204 standard |
Your asymmetric cryptography (RSA, ECC) needs replacing. Your symmetric cryptography (AES, SHA) is fine. The replacements — Kyber768 and Dilithium3 — are already standardized by NIST and available today.
Next Steps
The quantum threat to encryption is real, but the solution already exists. NIST has standardized quantum-safe algorithms, and Qpher makes them accessible through a simple API.
The next article in this learning path explains a specific attack that makes this threat urgent today, not just someday in the future: adversaries are already collecting your encrypted data, waiting to decrypt it when quantum computers arrive.
Ready to see what quantum-vulnerable code looks like in your own projects? Run pqc-check on your codebase to find quantum-vulnerable cryptographic patterns automatically.
For a hands-on introduction to Qpher, see the Introduction to Qpher.