The Quantum Hype Cycle in Defense
Few technologies have generated as much anticipation in the defense community as quantum computing. The theoretical promise is extraordinary: computers that leverage quantum mechanical phenomena to solve certain classes of problems exponentially faster than any classical machine. The most frequently cited defense application is cryptography — a sufficiently powerful quantum computer running Shor's algorithm could break the RSA and elliptic curve cryptography that secures virtually all military and government communications.
This threat is real in the long term. The intelligence community's assessment is that a cryptographically relevant quantum computer (CRQC) will eventually be built, though timelines remain uncertain. The "harvest now, decrypt later" strategy — where adversaries collect encrypted data today for decryption once quantum capability matures — is already assumed to be active. This justifies the urgency behind post-quantum cryptography (PQC) migration, which NIST formalized with the publication of its first PQC standards in 2024.
But beyond cryptography, the defense applications of quantum computing are often discussed with a level of certainty that the technology does not yet support. Current quantum computers are noisy, error-prone, and operate at scales too small for most practical applications. The gap between quantum computing research and operational defense capability is measured in years to decades, not months.
What Quantum Can Do Today
While fault-tolerant, large-scale quantum computing remains a future capability, several quantum-adjacent technologies offer nearer-term defense applications. Quantum sensing uses quantum phenomena to achieve measurement sensitivities that classical sensors cannot match. Quantum magnetometers, gravimeters, and atomic clocks have potential applications in navigation (GPS-denied environments), submarine detection, and precision timing for communications and electronic warfare.
Quantum key distribution (QKD) leverages quantum mechanics to detect eavesdropping on communication channels, offering theoretical information-security guarantees that mathematical cryptography cannot provide. While QKD faces practical limitations — distance constraints, infrastructure requirements, and vulnerability to side-channel attacks on the implementation rather than the theory — it may offer value for specific high-security communication links.
Quantum-inspired algorithms running on classical hardware represent another near-term opportunity. Techniques developed through quantum computing research — tensor network methods, variational approaches, and quantum annealing-inspired optimization — can improve classical algorithms for logistics optimization, route planning, and resource allocation problems that are directly relevant to defense operations.
The Post-Quantum Cryptography Imperative
The most urgent quantum-related action for the defense community is not building quantum computers. It is preparing for the day when adversaries have them. The migration to post-quantum cryptographic algorithms is a massive undertaking that touches every system that uses public-key cryptography — which is to say, virtually every networked system in the Department of Defense.
NIST's published PQC standards (FIPS 203, 204, and 205) define the algorithms. But implementing the migration across the defense ecosystem is a multi-year effort involving cryptographic library updates, protocol modifications, certificate infrastructure changes, and testing to ensure that new algorithms do not introduce performance or compatibility issues. Systems with long operational lifetimes — satellites, weapons systems, infrastructure — must begin this migration well before a CRQC exists because the data they protect today must remain secure for the duration of their operational life.
NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) provides the timeline and algorithm guidance for national security systems. The deadlines are aggressive relative to the scope of the work: software and firmware implementations of PQC by 2025, with full migration targets extending through 2033. Organizations that have not begun their cryptographic inventory and migration planning are already behind.
A Pragmatic Approach
The defense community should approach quantum computing with informed pragmatism. Invest in post-quantum cryptography migration now because the threat timeline is uncertain and the migration is complex. Monitor quantum sensing developments for near-term operational applications. Experiment with quantum-inspired classical algorithms for optimization problems. Maintain awareness of fault-tolerant quantum computing progress without making operational plans that depend on capabilities that do not yet exist.
The organizations that will benefit most from quantum technologies are those that build the foundational capabilities today — cryptographic agility that allows rapid algorithm changes, sensor architectures that can incorporate new modalities, and optimization frameworks that can leverage quantum-inspired and eventually quantum computational approaches. The quantum future is coming, but the defense community's near-term agenda should focus on the practical steps that deliver value regardless of when that future arrives.
