The AI conversation has a gravitational pull. Superintelligence, AGI, chatbots, model benchmarks. It is loud, and it is everywhere, and it is, in the long run, possibly not the most consequential computing development of our lifetimes.
Quantum computing does not get the same airtime. It probably should.
IBM’s cryptography researchers published work this week alongside the teams at Signal and Threema, two of the world’s most trusted secure messaging platforms, on the problem of making private communication safe against quantum machines that do not yet exist at full scale but are getting closer. The immediate story is technical and important. The larger story is stranger and more exciting than the coverage it receives.
Here is the thing: quantum computing actually does that, which makes it different from everything that came before. A classical computer, no matter how powerful, processes information the same fundamental way your calculator does: ones and zeroes, on or off, this or that. A quantum computer uses qubits, which, through superposition, can represent not one state or another but an enormous range of probabilities simultaneously. Entangle those qubits together, and the machine begins to explore computational possibilities that a classical system would need, in some cases, a billion years to work through sequentially. IBM’s blog put it exactly that way, not as hyperbole but as a mathematical fact about current encryption standards.
That is what makes this week’s announcement more than a routine security collaboration. The encryption protecting Signal’s messages, your bank’s servers, health records, and government communications is built on mathematical problems that are practically unsolvable for classical computers. Quantum machines, at sufficient scale, will not find those problems hard. They will dissolve them.
The attack vector IBM and Signal are specifically working against has a name: harvest now, decrypt later. Someone gains access to encrypted data today, copies it, stores it, and waits until they have a machine powerful enough to read it. The data does not have to be crackable now. It just has to be worth keeping. Signal has been defending against this since 2023. The new work goes further, redesigning the private group messaging protocol from the ground up so that even metadata about who belongs to which group cannot be linked to real identities by a quantum-capable attacker. The team’s solution was to make group members themselves the gatekeepers rather than the server, with each member assigned a pseudonym key that the server can track by position without ever knowing the person behind it.
Two of the three post-quantum cryptography standards that NIST published in 2024, the closest thing to a global benchmark for surviving the quantum transition, were developed by IBM Research scientists. The third was co-developed by a researcher who has since joined IBM. That is not an advertisement. It is the context for why Signal and Threema came to IBM specifically.
We find ourselves wanting to pause on what this technology actually represents before returning to the security mechanics of it, because we think the security conversation can obscure something more fundamental. Quantum computing is not faster computing. It is a different kind of computing, one that operates by rules that feel closer to physics than engineering, that exploits properties of reality at the subatomic level to perform calculations that exist outside what classical logic can reach. The researchers building these machines are not optimising existing tools. They are working at the edge of what matter itself is capable of.
The problems that become solvable under those conditions go well beyond encryption. Drug discovery, material science, climate modelling, logistics at scales that currently exceed what any computer can simulate; these are fields where the limiting factor is not processing speed but the fundamental complexity of the problem. Quantum machines do not just do those things faster. They make categories of problems tractable that are currently intractable in principle.
None of that is here yet in full form. The machines that exist today are remarkable and still limited. The timeline to the kind of scale that breaks current encryption is genuinely uncertain. But the people who build security infrastructure cannot afford to wait for certainty, which is precisely why IBM and Signal are doing this work now rather than in five years, when the urgency will be undeniable.
The AI conversation is not going away, and it should not. But somewhere in the background of all of it, in a lab, a qubit is holding two states at once, and the implications of that are still larger than most of the discourse has caught up to.
