Split View: 양자컴퓨터 2025: Google Willow 105큐비트, Microsoft 위상 큐비트, IBM 10만 큐비트 로드맵 — 개발자가 알아야 할 모든 것

Quantum Computing 2025: Google Willow, Microsoft Topological Qubits, IBM 100K Qubit Roadmap

• 1. Quantum Computing: Why You Should Pay Attention Now
  • Why 2024-2025 Is the Turning Point
  • Google Willow: 10^25 Years Compressed to 5 Minutes
  • Microsoft Majorana 1: The Path to 1 Million Qubits
• 2. Quantum Computing Fundamentals: A Developer's Guide
  • Qubits = Probabilistic Bits
  • Entanglement = Quantum Correlation
  • Classical Bits vs Qubits Comparison
  • Quantum Gates = Extensions of Logic Gates
• 3. Deep Comparison of the Three Quantum Leaders
  • Google Willow (105 Qubits)
  • IBM: From Heron to Blue Jay
  • Microsoft Majorana 1: The Topological Qubit Challenge
  • Three-Company Comparison Table
• 4. The Day Quantum Breaks Encryption: Q-Day
  • What Is Q-Day
  • Q-Day Prediction Timeline
  • Quantum Resources Required to Break RSA-2048
  • NIST PQC Standards (August 2024)
  • U.S. PQC Transition Mandate
• 5. The Quantum + AI Intersection
  • Google: Quantum-AI Physics Simulation
  • McKinsey Analysis: Quantum Solves AI Bottlenecks
  • Three Approaches to Quantum Machine Learning
  • Hybrid Quantum-Classical Systems
• 6. Quantum Computing Ecosystem Map
  • Hardware Players
  • Cloud Quantum Services
  • Software Frameworks
  • Framework Selection Guide
• 7. What Developers Should Prepare
  • PQC Migration Checklist (Start Immediately)
  • Getting Started with Qiskit/Cirq
  • Audit Your Cryptographic Libraries
  • Defending Against "Harvest Now, Decrypt Later" Attacks
• 8. Quantum Computing Timeline
  • Technology Development Roadmap
  • Developer Action Timeline
• Hands-On Quiz
  • Q1. What is Google Willow's most important achievement?
  • Q2. Why are Microsoft Majorana 1's topological qubits theoretically advantageous over conventional superconducting qubits?
  • Q3. What does the "Harvest Now, Decrypt Later" attack mean for developers?
  • Q4. What is the difference between CRYSTALS-Kyber (ML-KEM) and CRYSTALS-Dilithium (ML-DSA) in NIST PQC standards?
  • Q5. What are three quantum security preparations developers can start immediately?
• References

1. Quantum Computing: Why You Should Pay Attention Now

Quantum computing has been labeled a "future technology" for decades. But in 2024-2025, the landscape fundamentally shifted. Google completed a computation with its 105-qubit chip in just 5 minutes that would take classical supercomputers 10 to the power of 25 years. Microsoft unveiled an entirely new topological qubit chip. IBM presented a roadmap to 100,000 qubits by 2033.

This is no longer an academic story. Changes that will directly impact developers' daily work have begun.

Why 2024-2025 Is the Turning Point

Why now? Three decisive breakthroughs occurred simultaneously in quantum computing history during 2024-2025.

First, the error correction barrier fell. Google Willow demonstrated "below threshold" error correction for the first time, where adding more qubits actually reduces errors. This milestone took approximately 30 years since Peter Shor proposed quantum error correction in 1995.

Second, hardware diversity materialized. Superconducting (Google, IBM), topological (Microsoft), trapped ion (IonQ), and neutral atom (Atom Computing) approaches all achieved meaningful progress. The era of dependence on a single technology is over.

Third, practical benchmarks emerged. Instead of academic demonstrations, real physics simulations exceeded supercomputer performance.

Google Willow: 10^25 Years Compressed to 5 Minutes

In December 2024, Google announced the Willow quantum chip, achieving two historic milestones.

Achievement 1: Breaking the Error Correction Threshold

The biggest obstacle for quantum computers is errors. Qubits are extremely unstable and easily perturbed by external interference (heat, electromagnetic waves, vibrations). To compensate, multiple physical qubits are grouped into one "logical qubit," but previously, adding more qubits also increased errors.

Willow broke this dilemma. When scaling from a 3x3 qubit lattice to 5x5 and then 7x7, the error rate halved at each step, demonstrating "exponential error suppression." This means the system becomes more stable as you connect more qubits. It was the first proof of quantum computing's scalability.

Achievement 2: Crushing Supercomputers on RCS

In the Random Circuit Sampling (RCS) benchmark, Willow completed in about 5 minutes what the world's most powerful supercomputer (Frontier) would take 10 to the power of 25 years to compute. That duration vastly exceeds the age of the universe (13.8 billion years). While RCS is a benchmark rather than a practical problem, it quantitatively demonstrates the computational power of quantum systems.

Achievement 3: Real-World Physics Simulation (October 2025)

In October 2025, Google used a 65-qubit Sycamore chip to perform a gas diffusion simulation (Kicked Ising model) that was 13,000 times faster than the Frontier supercomputer. This represents one of the first cases where a quantum computer outperformed a classical computer on a real scientific problem.

Microsoft Majorana 1: The Path to 1 Million Qubits

In February 2025, Microsoft presented an entirely different path for quantum computing. The Majorana 1 chip uses topological qubits rather than conventional superconducting qubits or trapped ions.

What Are Topological Qubits?

If a regular qubit is like "a pencil balanced on its tip," a topological qubit is like "a knot tied in a rope." The pencil falls at the slightest breeze, but a knot doesn't easily come undone. Topologically protected quantum states are far more resistant to environmental noise.

Microsoft developed a new material called "topoconductor" combining indium arsenide (InAs) and aluminum (Al), demonstrating an 8-qubit chip. The numbers look small, but Microsoft claims this approach can scale to 1 million qubits on a single chip.

Key Controversy

Scientific community reactions to Majorana 1 are mixed. A Nature editorial raised concerns about insufficient independent verification. Microsoft previously claimed to have discovered Majorana particles in 2018, only to retract the paper due to data processing errors, so careful verification is needed.

However, Microsoft's participation in DARPA's US2QC (Utility-Scale Quantum Computing) program supports the technology's legitimacy.

2. Quantum Computing Fundamentals: A Developer's Guide

Understanding quantum computing requires three core concepts: qubits, superposition, and entanglement.

Qubits = Probabilistic Bits

A classical bit is either 0 or 1. Like a light switch: on or off.

A qubit exists in a superposition of 0 and 1. Using a developer-friendly analogy:

# Classical bit: deterministic
classical_bit = 0  # or 1

# Qubit: probabilistic (conceptual)
qubit = 0.6 * state_0 + 0.8 * state_1
# Measurement yields 0 with 36% probability, 1 with 64%
# (0.6^2 = 0.36, 0.8^2 = 0.64)

The key insight: before measurement, the qubit simultaneously holds both 0 and 1 states. This is the source of parallelism.

Entanglement = Quantum Correlation

When two qubits become entangled, determining one's state instantly determines the other's. Regardless of distance.

# Conceptual: entangled qubit pair
entangled_pair = "00" or "11"  # both 0 or both 1
# If qubit_A measures 0, qubit_B must be 0
# If qubit_A measures 1, qubit_B must be 1

This isn't "information transfer" but "correlation." However, leveraging this correlation enables computation patterns impossible for classical computers.

Classical Bits vs Qubits Comparison

Quantum Gates = Extensions of Logic Gates

Just as classical computing builds all operations from AND, OR, and NOT gates, quantum computing constructs operations from quantum gates.

Key Quantum Gates:

• H (Hadamard): Places a qubit into superposition. Transforms 0 to "0+1", 1 to "0-1"
• CNOT (Controlled-NOT): Creates entanglement between two qubits. Flips the target qubit if the control qubit is 1
• T Gate: Adjusts phase. Essential for universal quantum computation
• Measurement: Collapses superposition to 0 or 1. Quantum information is destroyed in the process

# Creating a Bell State with Qiskit - the simplest entanglement
from qiskit import QuantumCircuit

qc = QuantumCircuit(2, 2)
qc.h(0)       # Put qubit 0 in superposition
qc.cx(0, 1)   # Entangle qubits 0 and 1
qc.measure([0, 1], [0, 1])  # Measure

These four lines capture the essence of quantum computing: create superposition with H, create entanglement with CNOT, and obtain results through measurement.

3. Deep Comparison of the Three Quantum Leaders

Google Willow (105 Qubits)

Technical Stack:

• Qubit Type: Superconducting transmon qubits
• Qubit Count: 105 (physical)
• Coherence Time: 5x improvement over previous generation (~100 microseconds)
• Gate Error Rate: Single-qubit below 0.05%, two-qubit below 0.5%

Historic Achievement: Breaking the Error Correction Threshold

What Google achieved wasn't simply building more qubits. The core is crossing the "error correction threshold."

In quantum error correction, multiple physical qubits are grouped to form one logical qubit. The problem was that adding physical qubits also introduced new error sources. Crossing the threshold means "the error correction benefit of added qubits exceeds the newly introduced errors."

Willow's experimental results:

• 3x3 surface code: baseline error rate
• 5x5 surface code: 50% error reduction
• 7x7 surface code: additional 50% error reduction

If this pattern holds, sufficiently large surface codes can produce virtually perfect logical qubits.

RCS Benchmark Results

Willow's performance on Random Circuit Sampling:

• Willow time: approximately 5 minutes
• Frontier supercomputer estimated time: 10^25 years
• Comparison: 10^15 times the age of the universe (1.38 x 10^10 years)

October 2025: Real-World Physics Simulation

Google used a 65-qubit Sycamore processor for gas diffusion simulation (Kicked Ising model):

• 13,000x faster than the Frontier supercomputer
• More practically meaningful than RCS since it simulates real physical phenomena
• Demonstrates applicability to quantum chemistry and materials science

IBM: From Heron to Blue Jay

IBM's quantum roadmap is the most detailed and systematic in the industry.

Current: IBM Heron (156 Qubits)

The Heron processor, released in 2024, is IBM's current flagship chip:

• 156 fixed-frequency transmon qubits
• 3-5x gate performance improvement over the previous Eagle processor
• Tunable couplers dramatically reduce crosstalk (interference between adjacent qubits)
• Deployed on IBM Quantum System Two, available via cloud service

Milestone: IBM Condor (1,121 Qubits)

Condor, announced by IBM in 2023, is a processor exceeding 1,000 qubits. Its significance is more symbolic as a milestone for the "1,000-qubit era" than for practical computation.

2025: Kookaburra (4,158 Qubits)

Kookaburra is central to IBM's multi-chip architecture:

• 3 chips connected via quantum interconnect
• Approximately 1,386 qubits per chip, totaling 4,158 qubits
• Begins modular scaling beyond single-chip limits
• Supports classical-quantum hybrid workloads

Roadmap: From Starling to Blue Jay

IBM's approach is incremental but systematic. Hardware and software (Qiskit) advance together at each stage.

Microsoft Majorana 1: The Topological Qubit Challenge

A Fundamentally Different Approach

While Google and IBM focus on superconducting qubits, Microsoft chose a fundamentally different path with topological qubits.

Topoconductor Technology

Microsoft's topoconductor is a superlattice structure of indium arsenide (InAs) and aluminum (Al):

• Majorana zero modes form at the boundary between superconductor and semiconductor
• These zero modes serve as the foundation for topologically protected qubits
• Intrinsic resistance to environmental noise

The 1 Million Qubit Vision

According to Microsoft, the greatest advantage of topological qubits is scalability:

• Dramatically lower error correction overhead per physical qubit compared to existing methods
• Theoretically scalable to 1 million qubits on a single chip
• This is the scale needed for practical quantum computing

DARPA US2QC Program

Microsoft participates in DARPA's US2QC (Utility-Scale Quantum Computing) program. The program aims to develop utility-scale quantum computers, and Microsoft's involvement indicates partial government endorsement of their technical direction.

Controversy and Criticism

• Nature editorial: pointed out insufficient independent reproduction of Microsoft's topological qubit claims
• 2018 paper retraction: A Nature paper on Majorana particles was retracted due to data processing errors
• Current demonstration scale: 8 qubits, far fewer than Google (105) or IBM (156)
• However, since the technological approach is fundamentally different, simple qubit count comparisons are inappropriate

Three-Company Comparison Table

4. The Day Quantum Breaks Encryption: Q-Day

What Is Q-Day

Q-Day is the point when quantum computers can effectively crack widely used public-key cryptographic systems (RSA-2048, ECC).

Why does this matter? Because the foundation of current internet security -- TLS/SSL, digital signatures, certificate systems -- all rely on RSA and ECC. When Q-Day arrives, all of these become vulnerable.

Q-Day Prediction Timeline

Security experts' Q-Day predictions vary but converge in general direction:

Optimistic Forecast (Earliest Predictions)

• Q-Day possible around 2030
• Google's Willow error correction achievements reinforce this view
• NIST's urgently accelerated PQC standardization reflects this timeline

Median Forecast

• Over 50% probability of Q-Day by 2035
• Consensus among most government agencies and security researchers
• Basis for starting PQC migration now

Conservative Forecast

• After 2040
• Emphasizes engineering challenges (millions of physical qubits needed)
• However, "Harvest Now, Decrypt Later" attacks mean preparation is needed now

Quantum Resources Required to Break RSA-2048

Estimates of quantum resources needed to crack RSA-2048 are declining rapidly:

2012 estimate: Approximately 1 billion physical qubits needed 2019 estimate: Approximately 20 million physical qubits 2023 Google research: 1,399 logical qubits sufficient (approximately 4 million physical qubits) Post-2024 estimates: Possibly achievable with fewer than 1 million physical qubits

This trend results from algorithm optimization and improved error correction efficiency. A dual effect occurs where required resources decrease as hardware advances.

NIST PQC Standards (August 2024)

The U.S. National Institute of Standards and Technology (NIST) officially released the first post-quantum cryptography standards in August 2024:

CRYSTALS-Kyber (ML-KEM) - FIPS 203

• Purpose: Key encapsulation (key exchange)
• Basis: Module Lattice problem
• Performance: Faster than RSA key exchange
• Already experimentally applied in TLS 1.3

CRYSTALS-Dilithium (ML-DSA) - FIPS 204

• Purpose: Digital signatures
• Basis: Module Lattice problem
• Signature size: Larger than RSA but acceptable

SPHINCS+ (SLH-DSA) - FIPS 205

• Purpose: Digital signatures (backup algorithm)
• Basis: Hash-based signatures
• Advantage: Insurance against lattice problem compromise
• Disadvantage: Very large signature size

U.S. PQC Transition Mandate

The U.S. government is responding most aggressively to the quantum threat:

• 2024: NIST PQC standards finalized
• 2025: Federal agencies mandated to develop PQC migration plans
• By 2030: All federal systems must complete transition to TLS 1.3 + PQC algorithms
• OMB M-23-02: Federal agencies required to inventory quantum-vulnerable cryptography

This is not a mere recommendation but a legal obligation. It affects all companies doing business with the U.S. government.

5. The Quantum + AI Intersection

Quantum computing and AI are not separate technologies. They mutually reinforce each other, and in 2025, their intersection began producing concrete results.

Google: Quantum-AI Physics Simulation

Google's October 2025 achievement demonstrates quantum-AI synergy:

• Physics simulation using a 65-qubit quantum processor
• 13,000x acceleration compared to the Frontier supercomputer
• Simulation results can be used as AI model training data
• A virtuous cycle where quantum-generated data enables AI to learn more accurate models

McKinsey Analysis: Quantum Solves AI Bottlenecks

McKinsey analyzed that quantum computing can address three core AI bottlenecks:

Bottleneck 1: Algorithm Efficiency

• Current AI training relies on Gradient Descent
• Quantum algorithms (Quantum Approximate Optimization) enable more efficient optimization
• Exponential speedup expected especially for combinatorial optimization problems

Bottleneck 2: Memory Wall

• Large Language Model (LLM) parameter counts are growing exponentially
• Quantum memory can encode exponentially many states
• n qubits can simultaneously represent 2^n states

Bottleneck 3: Computational Limits

• AI training energy consumption is growing exponentially
• Quantum acceleration possible for specific operations (matrix operations, sampling)
• Hybrid quantum-classical systems enable efficient resource allocation

Three Approaches to Quantum Machine Learning

1. Quantum Feature Mapping

• Encode classical data into quantum states
• Pattern recognition in high-dimensional feature spaces
• Quantum advantage possible in kernel-based learning

2. Quantum Preprocessing

• Extract quantum features from data using quantum systems
• Pass extracted features to classical AI models
• Most practical approach in the current NISQ era

3. Parameter Optimization

• Leverage Variational Quantum Eigensolver (VQE) and similar methods
• Optimize quantum circuit parameters
• Hybrid of classical optimizers and quantum circuits

Hybrid Quantum-Classical Systems

Realistically, hybrid approaches will become practical before pure quantum systems:

[Classical Computer] <-> [Quantum Processor]
        |                        |
   Overall control          Quantum subroutines
   Data management          Optimization/sampling
   Post-processing          Feature extraction

IBM's Qiskit Runtime, Google's Cirq, and others already support this hybrid model, providing environments where developers can separately program "quantum parts" and "classical parts."

6. Quantum Computing Ecosystem Map

Hardware Players

Cloud Quantum Services

AWS Braket

• Access to diverse hardware: IonQ, Rigetti, D-Wave, and more
• Integration with AWS ecosystem (S3, Lambda, etc.)
• Includes simulators
• Pay-per-use pricing

Azure Quantum

• Hardware access: IonQ, Quantinuum, and more
• Native Microsoft Q# support
• Azure ecosystem integration
• Azure Quantum Credits program (free credits)

Google Quantum AI

• Google's own hardware (Sycamore, Willow)
• Native Cirq support
• TensorFlow Quantum integration
• Researcher access programs

Software Frameworks

Framework Selection Guide

Beginners -> Qiskit (richest educational materials)
AI/ML Research -> PennyLane (quantum ML specialized)
Google Hardware -> Cirq
Microsoft/Azure -> Q#
Multi-hardware -> Braket SDK
High-speed Simulation -> Qulacs

7. What Developers Should Prepare

Quantum computing hasn't become universal yet, but there are things developers should start right now.

PQC Migration Checklist (Start Immediately)

Step 1: Create a Cryptographic Inventory (1-2 weeks)

# Check OpenSSL version
openssl version -a

# Check current TLS configuration
openssl s_client -connect your-server.com:443 -tls1_2

# Check crypto library dependencies (Node.js example)
npm ls | grep -i "crypto\|rsa\|ecdsa\|tls"

# Python projects
pip list | grep -i "crypto\|rsa\|pycryptodome"

# Java projects
grep -r "RSA\|ECDSA\|EC\|DSA" --include="*.java" src/

Step 2: Risk Classification (1 week)

Step 3: Adopt PQC Hybrid Mode (1-3 months)

# Example: PQC hybrid key exchange using liboqs
# pip install liboqs-python

# Hybrid approach: traditional ECDH + ML-KEM
# 1. Perform traditional ECDH key exchange
# 2. Simultaneously perform ML-KEM key exchange
# 3. Combine both keys for final session key

Hybrid mode provides a dual safety net: "protected by traditional crypto if PQC breaks, protected by PQC if traditional crypto breaks."

Step 4: Add Crypto Auditing to CI/CD Pipeline

# .github/workflows/crypto-audit.yml example structure
# Regularly scan project crypto dependencies
# Alert on quantum-vulnerable algorithm usage
# Verify NIST standard compliance

Getting Started with Qiskit/Cirq

The easiest path to start quantum programming:

1. Qiskit Installation and First Circuit

pip install qiskit qiskit-aer

from qiskit import QuantumCircuit
from qiskit_aer import AerSimulator

# Create a 2-qubit Bell state
qc = QuantumCircuit(2, 2)
qc.h(0)           # Hadamard: create superposition
qc.cx(0, 1)       # CNOT: create entanglement
qc.measure([0,1], [0,1])

# Run on simulator
sim = AerSimulator()
result = sim.run(qc, shots=1000).result()
counts = result.get_counts()
print(counts)
# Result: approximately 500x '00', 500x '11'
# -> Perfect quantum entanglement

2. Run on IBM Quantum Hardware

# IBM Quantum account required (free)
from qiskit_ibm_runtime import QiskitRuntimeService

service = QiskitRuntimeService(channel="ibm_quantum")
backend = service.least_busy(min_num_qubits=2)
# Execute on actual quantum hardware

3. Getting Started with Cirq (Google)

pip install cirq

import cirq

# Define qubits
q0, q1 = cirq.LineQubit.range(2)

# Create circuit
circuit = cirq.Circuit([
    cirq.H(q0),          # Hadamard
    cirq.CNOT(q0, q1),   # CNOT
    cirq.measure(q0, q1, key='result')
])

# Simulate
simulator = cirq.Simulator()
result = simulator.run(circuit, repetitions=1000)
print(result.histogram(key='result'))

Audit Your Cryptographic Libraries

A checklist to verify whether your current projects use quantum-vulnerable algorithms:

Check RSA/ECC Dependencies:

# Node.js / TypeScript
grep -rn "createSign\|createVerify\|generateKeyPair\|RSA\|ECDSA" \
  --include="*.ts" --include="*.js" src/

# Python
grep -rn "RSA\|ECDSA\|ECDH\|from Crypto" \
  --include="*.py" .

# Go
grep -rn "crypto/rsa\|crypto/ecdsa\|crypto/elliptic" \
  --include="*.go" .

# Java
grep -rn "RSA\|ECDSA\|KeyPairGenerator\|Signature" \
  --include="*.java" src/

Transition Priorities:

1. Data-at-rest encryption: Long-term stored data is vulnerable to "Harvest Now, Decrypt Later" attacks
2. Key exchange protocols: Transition TLS handshake key exchange to PQC hybrid
3. Digital signatures: Prioritize transitioning long-validity certificates and signatures
4. Symmetric encryption: Upgrade AES-128 to AES-256 (against Grover's algorithm)

Defending Against "Harvest Now, Decrypt Later" Attacks

This attack is happening right now:

Attack Scenario:

1. Attackers bulk-capture currently encrypted network traffic
2. Store the encrypted data long-term
3. Once quantum computers advance sufficiently, decrypt all stored data at once
4. Confidential communications, transaction records, and personal data from years ago become exposed

Why Prepare Now:

• Medical records: Legal protection periods for patient data span decades
• Financial data: Transaction records and account information retain value for years
• Corporate secrets: Strategy documents and patent-related communications are long-term sensitive
• Government secrets: National security information classification periods span decades

Actions You Can Take Immediately:

1. Audit encryption methods for long-term stored data
2. Verify Perfect Forward Secrecy (PFS) in VPN/TLS configurations
3. Test PQC hybrid TLS (Chrome and Firefox already support ML-KEM)
4. Review data retention policies: delete unnecessary data

8. Quantum Computing Timeline

Technology Development Roadmap

Developer Action Timeline

2025 (Now) ──────────────────────────────────────────────────
  [Required] Create cryptographic inventory
  [Required] Begin PQC learning
  [Recommended] Learn Qiskit/Cirq basics
  [Recommended] Verify and transition to TLS 1.3

2026-2027 ───────────────────────────────────────────────────
  [Required] Adopt PQC hybrid mode
  [Required] Transition long-term data encryption
  [Recommended] Experiment with quantum cloud services
  [Recommended] Team quantum security training

2028-2030 ───────────────────────────────────────────────────
  [Required] Complete PQC transition
  [Required] Fully remove quantum-vulnerable algorithms
  [Recommended] Leverage hybrid quantum-classical workloads
  [Recommended] Experiment with quantum ML pipelines

Hands-On Quiz

Q1. What is Google Willow's most important achievement?

Q2. Why are Microsoft Majorana 1's topological qubits theoretically advantageous over conventional superconducting qubits?

Q3. What does the "Harvest Now, Decrypt Later" attack mean for developers?

Q4. What is the difference between CRYSTALS-Kyber (ML-KEM) and CRYSTALS-Dilithium (ML-DSA) in NIST PQC standards?

Q5. What are three quantum security preparations developers can start immediately?

References

1. Google AI Blog - "Meet Willow, our state-of-the-art quantum chip" (Dec 2024)
2. Nature - "Quantum error correction below the surface code threshold" - Google Quantum AI (2024)
3. Microsoft Research Blog - "Microsoft's Majorana 1 chip carves new path for quantum computing" (Feb 2025)
4. IBM Quantum - "IBM Quantum Development Roadmap" (2024-2033)
5. NIST - "Post-Quantum Cryptography Standardization" - FIPS 203, 204, 205 (Aug 2024)
6. Nature Editorial - "Extraordinary claims need extraordinary evidence" - Majorana 1 commentary (2025)
7. Google Quantum AI - "Quantum advantage in simulating physical dynamics" (Oct 2025)
8. McKinsey - "Quantum computing and AI: A transformative combination" (2024)
9. DARPA - "Utility-Scale Quantum Computing (US2QC)" official documentation
10. OMB Memorandum M-23-02 - "Migrating to Post-Quantum Cryptography" (2022)
11. Gidney & Ekera - "How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits" (2021)
12. Google Research - "Reducing the cost of breaking RSA" - 1,399 logical qubit estimate (2023)
13. Qiskit - "Getting Started with Qiskit" official documentation
14. Cirq - "Google Cirq Documentation" official documentation
15. PennyLane - "Quantum Machine Learning" official documentation
16. CISA - "Post-Quantum Cryptography Initiative" guidelines (2024)
17. Chrome Platform Status - "TLS Key Exchange with ML-KEM" (2024)