Quantum Indicators: What if China Gets a Quantum Computer First?

Black holes are a natural phenomenon that occurs in space and from which nothing, not light, not information, can escape. The implication being that what goes into a black hole does not come out and we cannot observe what’s inside. It’s also a good way to describe the state of quantum computing research inside the People’s Republic of China (PRC). To technology and China watchers, this comes as no surprise. But there’s a deeper threat here. The development of a cryptoanalytically relevant quantum computer (CRQC) inside this black hole creates incentives to keep any breakthroughs a secret. Understanding this, the US scientific and intelligence communities need to develop a framework of tripwires and indicators that, if observed, may indicate the operation of a CRQC before such a device is available in the West. This post provides a framework of indicators that should be integrated into the National Intelligence Priorities Framework (NIPF) as a counterintelligence and science and technology imperative. We might accept black holes in nature, but we cannot accept them as a matter of national security. The Threat Classical computing devices (phones, tablets, laptops) are deterministic in nature. That means that the computation done inside your device is a matter of linear 1s and 0s, binary code or individual bits. Everything that happens inside your computer can be tracked back to how different electrical pulses represent binary code inside the chips inside your CPU. As time goes on, chips hold more and more transistors giving your computer the ability to process more binary code faster and in parallel. However, calculations are still done linearly, one number at a time. It is fast, but there is still time associated with it. Quantum computers are entirely different making them better at problems that are practically impossible for classical computers. Quantum computers are probabilistic meaning that they do not read binary code linearly. Due to the quirky characteristics of quantum particles, they can perform calculations in a new way using qubits, the basic unit of computation in a quantum computer associated with quantum particles. Let’s take a real-world example: RSA encryption , which is the asymmetric encryption scheme on which we based the security of our information on the internet, is based on relatively simple math that classical computer find difficult to do. Deterministic computation means that guessing the prime number factors (private key) of a really big number (public key) takes literal billions of years. It’s not impossible but is practically impossible since by the time the key is broken, whatever you were trying to find is long gone. In deterministic computing, the computer has to check each potential answer individually. One at a time. It’s faster than a human but it still takes time. If your data is secure for a billion years, we can call that good. Subscribe now All of this changes when you apply a quantum computer, and Shor’s Algorithm , to the problem. Unlike a classical computer, quantum computers do not have to check every potential answer individually. They can check every possible answer at once and identify the correct answer in seconds to minutes, NOT billions of years. This an incredibly complex process on which some of the world’s best engineers and physicists are working, but this is the TL;DR. Encryption on which the internet depends broken fast. At this point, the threat should be clear. If all of our internet-based communications, financial transactions, and personal information can be broken quickly, that is an attractive capability for a nation-state to have. While there are many other applications for quantum computing, this one presents a geopolitical risk and is the catalyst behind a quiet, but very real, statecraft capabilities arms race. Chinese Funding and IP Theft The utility of being first in the CRQC race is not lost on China any more than it is lost on Western countries. From an intelligence aspect, this is a capability that is worth the investment. We know China has interest in quantum computing from these public documents. We also know that China is not exactly forthcoming about how much funding is going into their quantum research. We have these numbers for Western countries thanks to public investment and venture backed efforts. No such luck in China. So, the question is: How far along is China in a CRQC development? The answer? We don’t know. I’ve been asked many times in the last 5 years about how soon a CRQC will be online. The frustrating, but accurate, answer is that we are one breakthrough away. The problem with a CRQC is an engineering problem, not a physics limitation. The physics supports the building of a CRQC, we (humans) just need to figure out how to build the hardware. This isn’t simple but it is also not physically limited. So, whereas we do not have the ability to do it today, we are…one breakthrough away. In the West, we have a gauge on how close/far away we might be from such a breakthrough. No such luck in China. What we also know is that China engages in state-sponsored intellectual property (IP) theft . We know China prioritizes dominance in emerging technologies to include AI and quantum. It does not take a seasoned China intelligence analyst to see that there is an excellent chance that China is attempting to shortcut their path to a CRQC by stealing the IP of quantum firms in the US and Europe at a minimum. R&D is an expensive and time-consuming undertaking, which is an area where the US excels. If you do not have to go through a long and expensive R&D process, you shortcut your path to the technology AND save a bunch of money. The US intelligence community does not engage in espionage to benefit private companies in economic competition. No such luck in China. Together, the threat begins to crystalize. China is in hot pursuit of a CRQC, but it is doing so inside a black hole into which large state subsidies and stolen IP enter, but no information emerges. How is the national security establishment to handle this problem? How would we know if China gets to a CRQC before us? We need a comprehensive set of indicators and tripwires that are fed into the NIPF and turn into active collection requirements for the intelligence community and our close allies. Indicators and Tripwires When the British broke the Enigma code, they were willing to go to extraordinary lengths to protect the code. They allowed troops to be bombed, ships to be sunk, all in defense of the secrecy of their real weapon. A CRQC that is developed in China before the West should be considered in the same way. To begin, we must make some assumptions: China will go to great lengths to protect a CRQC from disclosure. China will limit the number of people who are aware of a CRQC to the lowest number possible. China will attempt to keep the spotlight off of any of its primary S&T projects. China will use its CRQC capability sparingly, chiefly focusing on the encrypted files it has already taken through steal now, decrypt later practices. With these assumptions, we can gather some categories under which we can group potential observations: Intelligence Collection Activities In general, China will want very little to change publicly. The black hole should remain black. Quantum research at Chinese universities should continue. The goal is to give the West no reason to believe anything is different. A change from the black hole approach to a transparent approach would be an indicator of a shift. While the public facing activities may not change, there would almost certainly be subtle but observable shifts in non-public activities such as intelligence collection. Share Risking exposure of a CRQC due to an intelligence row is a risk that is beyond tolerance. So, there would need to be a reduction in the highest risk intelligence collection activities, but not a complete stoppage. We would expect to see some of the riskiest collection activities slow or stop completely. Not traditional political intelligence collection but risky collection on S&T projects. That indicator may point to a CRQC. In the area of IP theft, China would have to continue its work in what the West calls steal now, decrypt later. That work cannot stop because it would be an easy tip of the hand for the West to pick up. If China is very worried about detection of changes in its IP theft activities, it may even choose to have some cyber operations or even human non-traditional collectors caught for strategic reasons. If there is a very public bust of an IP theft operation, it would indicate strongly that China still needs IP to complete its project. This could be a misdirection to preserve the assessments of intelligence agencies that China does not have a CRQC. With these assumptions, and with the full classified understanding of the NIPF, the IC should develop a set of indicators and tripwires to watch for as we continue to pay attention to the potential development of a Chinese CRQC. Academic Indicators In academia, China is known for producing a large quantity of academic papers that often result in fewer citations than Western papers in emerging tech areas like AI. Following a quantum breakthrough, the Chinese Communist Party (CCP) is likely to control the information released through academic channels to be extra careful about not revealing anything sensitive. We may see a slowdown in the volume of papers or we may see the papers concentrate on a particular approach to CRQC development as a way to draw the spotlight away from the breakthrough. Market Indicators A CRQC gives the country possessing it the ability to decrypt sensitive files, specifically those files that have been stolen but are waiting to be decrypted. Those files will contain, among other thing, the IP and trade secrets of other technologies. If we see significant Chinese breakthroughs in other technology areas, even if not dual use, that could be an indicator. The same can be said for investments. Having access to trade data and confidential business information will present an opportunity for market wins that may be difficult for an easy credit issuing and high debt country to resist. Back to our example from WWII, the scientists at Bletchley Park could not only break the Enigma code but had to also invent an analytical framework to protect their discovery. In the same way, the US cannot only work on cryptographic transition but also must create an analytical capability to detect signs of an CRQC being used against it. Fortunately, other emerging technologies are reaching an inflection point where they can complete the full picture of quantum preparation. A Call to Action The pace of development combined with world events that impact technology development demand national security agencies employ AI to constantly and dynamically evaluate the factors above and provide an ongoing risk assessment to decision makers. To build this capability, we have the following recommendations:  The National Security Council and Office of Science and Technology Policy should write a complementary document to National Security Memorandum-10 that addresses mitigation measures in the event an adversary obtains a CRQC before the projected timeline. The memorandum should include:  Specific analytic factors required to show indicators of a CRQC deployment;  A responsible agency for the capability’s development, likely ODNI;  A timeline for deployment;  An outline for the functions and capabilities of the system; and  A mandate to identify data sources.  The new national security memorandum should be kept secret to avoid providing adversaries with a roadmap on how to avoid detection.  Promote open quantum research and development programs as a core diplomatic platform with allies and partners  Create and adopt system-specific output classification and information sharing policies to ensure smooth communication with critical infrastructure stakeholders.  In an era with orders of magnitude less information and data, the Bombe at Bletchly Park was one of the tightly guarded secrets in the history of statecraft not because of its direct destructive power but because of its power with information. An operational CRQC would be a much more powerful weapon used against far more information that has the potential to bring devastating effects. As development continues, US and allied policy makers must take a step beyond the transition to PQC. They must prioritize intelligence collection requirements that will provide indicators that China has developed an operational CRQC before the US or its allies. The power conferred on the first country to have a CRQC in an information saturated world makes the choice to keep it a secret obvious. The West has developed it quantum computing capabilities in the open to date, but the same is not true in China. Chinese leaders are unlikely to publicize such a breakthrough because of how valuable the capability would be. While the country continues to work toward a PQC transition, it should also develop a program designed to provide technical and geopolitical analysts the indicators they need to assess whether China has obtained or will soon obtain a CRQC. Emerging technologies such as quantum computing and AI will continue to develop rapidly and will continue to be used as instruments of state power by great power competitors. Current asymmetric cryptography was thought to be unbreakable until a major emerging technology breakthrough threatened it. This will not be the last time that a major technology breakthrough will call our accepted realities into question so we must build an early warning system to help us see these changes coming and to take preemptive action. A CRQC indicator program as outlined above would accomplish this for quantum computing but other such programs should be developed for other emerging technologies with statecraft implications. The intelligence community can capture the data we need to achieve this, they just need to be directed at the right requirements in support of the right policy goals. Ensuring security of our vital information is the right goal. We now need the indicators so our analysts and collectors can continue giving us an edge in our national security. Connect with us: LinkedIn , Bluesky , X , Website To learn more about the services we offer, please visit our product page. Nick Reese is the cofounder and COO of Frontier Foundry and an adjunct professor of emerging technology at NYU. He is a veteran and a former US government policymaker on cyber and technology issues. Visit his LinkedIn here . This post was edited by Thomas Morin, Marketing Analyst at Frontier Foundry. View his Substack here and his LinkedIn here . Leave a comment