Quantum Computing Opens a Cryptographic Security Window? How IBM's Executive Order Reshapes the Post-Quantum Migration Path

On June 22, 2026, U.S. President Trump signed two quantum computing executive orders at the White House, officially launching the U.S. “Quantum Surge” initiative. The first executive order requires the deployment of quantum computers with scientific research capability by 2028 and promotes progress in quantum sensing and quantum networks within five years. The second executive order focuses on cryptographic security, moving up the deadline for federal agencies to migrate to Post-Quantum Cryptography (PQC) to 2031, and requiring that high-value data systems complete migration by 2030.

IBM is the biggest beneficiary of this policy contest. Of the $2 billion quantum technology funding program previously announced by the U.S. Department of Commerce, IBM received about $1 billion to build Anderon—America’s first dedicated quantum chip foundry. IBM CEO Arvind Krishna attended the signing ceremony, and Trump publicly praised his leadership at the event. That evening, JPMorgan Chase raised IBM’s price target from $270 to $291, upgrading its rating from neutral to overweight. IBM shares rose 3.26% in pre-market trading.

For the crypto industry, the significance of these two executive orders goes far beyond short-term swings in geopolitics and capital markets. They mark the formal transition of quantum computing from laboratory research into a fast-track driven by national policy, while also setting a clear time window for the blockchain ecosystem that relies on Elliptic Curve Cryptography (ECC) and RSA encryption systems. This article will provide a structured analysis across three dimensions: the practical impact of the policy content, a technical assessment of the quantum threat, and the response paths for the crypto industry.

Policy Core: Crypto Security Implications of the Two Executive Orders

The first executive order is titled “Ushering in the Next Frontier of Quantum Innovation.” Its core objective is to establish the “Quantum Applications Development and Discovery Science Program” (QC-ADDS), requiring the Department of Energy to deliver a quantum computer with scientific research value by 2028. The executive order also requires the heads of the Department of Commerce, the Department of Energy, the National Science Foundation, and NASA to lead the development of a five-year “Quantum Sensing and Networking Advancement Plan.”

The second executive order, “Defending National Security Against Advanced Cryptographic Attacks,” directly addresses the crypto industry’s core concern regarding encryption security. The executive order states: “Ongoing cyber activities against our nation pose a risk that adversaries will collect U.S. information today and decrypt it later once large-scale quantum computers are operational.” This wording formally incorporates the “Harvest Now, Decrypt Later” attack pattern into the national policy framework. The executive order requires the Office of Management and Budget (OMB) and the national cyber director to “lead an accelerated national migration to post-quantum cryptography to ensure the security of the nation and its data as quantum technology evolves.”

The two executive orders were not issued in isolation. In May 2026, the U.S. Department of Commerce announced that it would allocate $2 billion in grants and equity investments from the CHIPS and Science Act to nine quantum companies—this is the largest single quantum R&D investment in U.S. history. IBM received about $1 billion of that to build the Anderon quantum chip foundry, and IBM itself will also invest about $1 billion. GlobalFoundries received $375 million, and D-Wave Quantum, Rigetti Computing, and Infleqtion each received about $100 million. As the government’s return for equity investments, this structure differs from traditional federal research funding models.

From a policy logic perspective, these two executive orders form a complete closed loop: the front end accelerates technological breakthroughs with the goal of quantum computers by 2028, and the back end uses the 2031 post-quantum cryptography migration milestone to compel upgrades to the cryptographic system. For the crypto industry, this means quantum computing is no longer a distant technological narrative, but has been placed on a national policy track with clear timelines and resource commitments.

Technical Assessment of the Quantum Threat: The Distance from Theory to Engineering

The threat of quantum computing to encryption systems is often summarized as “being able to break encryption algorithms,” but this description obscures the fundamental differences between two quantum algorithms.

Shor’s algorithm targets the integer factorization and discrete logarithm problems in public-key cryptography, directly impacting ECDSA and Schnorr signatures—both are core authorization mechanisms for transactions in Bitcoin and other mainstream cryptocurrencies. A fault-tolerant quantum computer with enough logical qubits running Shor’s algorithm could, in theory, reverse-engineer the corresponding private key from the public key exposed on the blockchain.

Grover’s algorithm targets the SHA-256 hash function, and in theory can reduce the effective computational work required for brute force from 2²⁵⁶ to 2¹²⁸. However, this optimization still remains infeasible in engineering practice, and the threat to Proof of Work (PoW) mining is offset by quantum error correction overhead and the massive parallel computing capabilities of existing ASIC mining rigs.

The key issue lies in the gap between “theoretically” and “engineering-wise.” On March 31, 2026, Google released a 57-page white paper showing that the resources required for a quantum computer to break the 256-bit elliptic curve discrete logarithm problem are about one order of magnitude lower than previously estimated—approximately 500,000 physical qubits could complete the attack within minutes. This finding led Google to disclose it using zero-knowledge proofs rather than publicly releasing the specific attack algorithm.

However, there is a huge error-correction overhead from physical qubits to usable logical qubits. In a report published by Bernstein in 2026, it was noted that scaling from the current dozens of logical qubits to the thousands of logical qubits required to threaten ECDSA is “a multi-dimensional engineering challenge that requires years of breakthrough progress.” In January 2026, an Amazon CTO cited research indicating that the number of qubits needed to break 2,048-bit RSA encryption has dropped from the 20 million qubits estimated six years ago to fewer than 1 million—an approximately 95% reduction. While this reduction is significant, it is still far from engineering realization.

Academia’s assessment of the probability distribution for the emergence of a “cryptographically relevant quantum computer” (CRQC) is even more cautious. The research paper “Quantum Horizon,” using a Monte Carlo model that integrates multiple factors—including hardware scaling, decreasing resource requirements, lag in fault-tolerance readiness, and expert surveys—yields the following distribution: the probability of CRQC appearing before 2035 is about 1/6, nearly 30% before 2040, and about 60% before 2050.

Exposure in the Crypto Industry: Which Assets Truly Face Risk

Quantum risk in the Bitcoin network is distributed extremely unevenly; not all holdings face the same level of threat.

From the perspective of address type, risk follows a pyramid-shaped distribution:

P2PK (Pay-to-Public-Key) addresses: Public keys are directly exposed on-chain with no hash protection, making them the most fragile type. This portion contains about 1.7 million BTC, representing about 8% of the total supply, including early holdings of about 1.1 million BTC by Satoshi Nakamoto.

P2PKH (Pay-to-Public-Key-Hash) addresses: Public keys are protected by hashing and are only exposed when the assets are spent. As long as an address has never had a spending transaction, its public key has not been disclosed, leaving quantum attackers with no target to attack.

P2SH (Pay-to-Script-Hash) and Taproot addresses: They also benefit from the isolation effect provided by hash protection.

According to estimates from research in June 2026, about 6 million BTC in the Bitcoin network face quantum exposure risk, of which about 2.3 million BTC falls under “non-reducible risk.” Other analyses suggest that about 6.9 million Bitcoin could be threatened, including legacy wallets and Taproot outputs—where Taproot accounted for more than 21% of all Bitcoin transactions in 2025. In the case of Ethereum, about 50% to 65% of ETH is held in accounts whose keys are already exposed, but these accounts can avoid risk by adopting post-quantum signatures.

A more covert structural risk comes from the “Harvest Now, Decrypt Later” attack pattern. Both the NSA and the UK’s National Cyber Security Centre have listed HNDL as a threat that needs to be addressed currently. For Bitcoin, transaction data is already public and transparent, making the “harvest” cost almost zero. This means that once CRQC becomes a reality at some point in the future, all addresses whose public keys have ever been exposed will face retrospective attacks. This is not a distant theoretical concern; it is already a real issue included in parts of institutional risk-modeling frameworks.

Market Reaction and Industry Response

After the executive orders were signed, the crypto market’s reaction showed characteristics of “a forward-looking narrative driving in the long term, with short-term sentiment splitting.”

As of June 26, 2026, Bitcoin (BTC) was quoted at $60,275.5. Its 24-hour change was -2.47%, its 7-day change was -7.63%, its 30-day change was -10.73%, and its one-year change was -33.74%. Its market capitalization was approximately $1.20 trillion, and market sentiment was in a neutral range. Whether quantum computing, as a long-term structural risk, will be amplified by the market into a short-term narrative under the current price environment remains to be seen.

Industry institutions are accelerating their responses. In May 2026, NIST concluded its 18-month second round of evaluation and selected 9 candidate algorithms to enter the third round from the PQC additional digital signature standardization process. NIST has finalized three PQC algorithms, and two more algorithms are under review; it also plans to retire and remove quantum-vulnerable algorithms from its standards by 2035.

In June 2026, Coinbase convened a cryptography advisory board—members included experts such as Scott Aaronson from The University of Texas at Austin, Dan Boneh from Stanford University, and Justin Drake of the Ethereum Foundation. The board concluded that quantum computers currently do not pose a threat to blockchains, but that the Bitcoin community should begin technical planning for post-quantum signatures immediately. The board noted that Bitcoin’s risk is concentrated in early addresses, and the constraints on migration lie in governance mechanisms rather than the technology itself.

Bitcoin Improvement Proposal BIP-360 was assigned a number in February 2026 and entered the testnet, introducing a new post-quantum-resistant output type. This development indicates that the Bitcoin community has started addressing quantum threats at the protocol level, even though a long consensus process is still needed to move from the testnet to mainnet activation.

In June 2026, BlackRock released a report titled “Quantum Computing and Blockchain,” warning that future quantum computing breakthroughs may threaten the cryptography that secures Bitcoin and Ethereum. Before that, BlackRock had already formally listed quantum computing as a risk factor in its IBIT prospectus.

Conclusion

The real significance of IBM’s quantum computing executive orders is not how much government funding or stock price increase they bring to a technology company, but that they push quantum computing from academic preprints and laboratory demonstrations onto a national policy-driven acceleration track.

The target for quantum computers in 2028 and the PQC migration deadline for 2031 set a clear time window for the crypto industry. The length of this window is approximately 5 to 10 years—precisely matching the mid-term predictions from academia about the probability of CRQC emergence. Whether quantum computers truly reach a level that threatens existing cryptographic systems in 2028 or 2031, the policy itself has already changed the game: federal agencies, financial institutions, and operators of critical infrastructure must complete PQC migration within the specified timeframe. This will drive a generational upgrade of the entire cryptographic infrastructure, and since the crypto industry is one of the largest application areas for public-key cryptography, it cannot stand aside.

For the crypto industry, the real challenge is not that quantum computers will “tomorrow” crack private keys, but how a globalized, decentralized network can complete an upgrade of its underlying cryptographic infrastructure within a fragmented governance structure. The progress of BIP-360 on the testnet, the acceleration of the NIST standardization process, and risk disclosures from major institutions all show that the industry has entered a “preparation phase.” The length of this phase and the quality of final execution will determine whether the crypto ecosystem can uphold its core promise—trustless security—when the quantum era arrives.

The policy window is already open. Next, what will be tested is the industry’s consensus efficiency and execution capability.

FAQ

Q: What are the specific contents of the 2026 IBM quantum computing executive orders?

On June 22, 2026, Trump signed two executive orders: one requires the construction of research-grade quantum computers by 2028; the other requires federal agencies to complete migration to post-quantum cryptography by 2031. IBM received $1 billion in CHIPS Act funding to build Anderon, America’s first quantum chip foundry.

Q: When will quantum computing pose a substantial threat to Bitcoin?

Academic research indicates that the probability of CRQC appearing before 2035 is about 1/6, close to 30% before 2040, and about 60% before 2050. Google’s March 2026 white paper states that approximately 500,000 physical qubits could break ECC-256 within minutes. The industry generally believes that 10 to 20 years are still needed to move from current technology to a threat-level quantum computer.

Q: How does Bitcoin respond to the threat of quantum computing?

The Bitcoin community has already started technical preparations. BIP-360 entered the testnet in February 2026, introducing post-quantum-resistant output types. The cryptography advisory board convened by Coinbase recommends starting post-quantum signature planning immediately. The key constraint for migration lies in governance mechanisms rather than technology itself.

Q: What is a “Harvest Now, Decrypt Later” attack?

An attacker captures encrypted data today and decrypts it later once quantum computers mature. Both the NSA and the UK’s National Cyber Security Centre have listed it as a threat that needs to be addressed now. Since Bitcoin transaction data is publicly transparent, the “harvest” cost is almost zero, meaning that addresses whose public keys were exposed in the past will face retrospective risk.

Q: What is the progress on NIST’s post-quantum cryptography standards?

NIST has finalized three PQC algorithms, and two more algorithms are under review. In May 2026, 9 digital signature algorithm candidates entered the third round of evaluation. NIST plans to remove quantum-vulnerable algorithms from its standards by 2035.