Quantum Resource Requirements for Breaking Elliptic Curve Cryptography: How NISQ-Era Innovations Accelerate the Path to Fault-Tolerant Attacks
Abstract
We present a comprehensive synthesis of how innovations developed during the Noisy Intermediate-Scale Quantum (NISQ) era are reducing the resource requirements for future fault-tolerant quantum attacks on elliptic curve cryptography (ECC). While pure Shor’s algorithm requires N_L = 2,330 logical qubits and ∼1.29 × 10^11 Toffoli gates (or ∼9.0 × 10^11 T-gates) for NIST P-256—well beyond current NISQ capabilities—we demonstrate that hybrid quantum-classical techniques, AI-driven error correction decoders, and full-stack co-optimization pioneered today are creating a bridge to more efficient fault-tolerant quantum computers (FTQC). A critical engineering challenge remains: the memory-to-computation gap. While Google’s Willow processor (2025) demonstrates exponential error suppression for quantum memory, translating this to the ∼10^11 fault-tolerant logical gate operations required for Shor’s algorithm involves fundamentally different engineering requirements and unresolved architectural complexity. This gap represents the primary technical uncertainty qualifying our projections. Recent developments provide critical but incomplete progress: Google’s Willow processor experimentally demonstrates exponential error suppression with 2.14× improvement per code distance for quantum memory, though logical gate operations remain undemonstrated. IBM’s roadmap projects 200 logical qubits by 2029 and scaling to 2,000 qubits on Blue Jay by 2033+, though the roadmap does not specify whether all 2,000 are logical qubits—a critical distinction given error correction overhead. Recent breakthroughs have achieved 3,000-6,100 qubit arrays proving physical scale is feasible, though computational capabilities await demonstration. The IBM-HSBC quantum bond trading trial (September 2025) confirms industrial deployment of hybrid quantum-classical systems for optimization, though these techniques do not directly apply to fault-tolerant implementations of Shor’s algorithm.
Our analysis—the first to synthesize these convergent breakthroughs into a unified threat model—reveals that NISQ-era engineering innovations could reduce future FTQC requirements by factors of 1.5-2.3×. We present projections with varying probabilities of technological success: Conservative (high probability): N_L ∈ [1,800, 2,200] with timeline 2033-2035; Realistic (moderate probability): N_L ∈ [1,200, 1,600] with timeline 2031-2033; Optimistic (lower probability): N_L ∈ [900, 1,100] with timeline 2029-2031. These engineering-based projections represent the predictable component of progress. We separately analyze an Algorithmic Breakthrough scenario based on Litinski’s work suggesting 2,580× gate reduction, which could accelerate timelines to 2027-2029. We emphasize that such algorithmic innovations, while unpredictable, have historically dominated incremental improvements and represent a critical uncertainty in quantum threat assessment. We acknowledge the reflexive nature of such analysis—credible threat projections can influence investment, policy, and migration decisions in ways that may accelerate or decelerate actual progress toward cryptographically-relevant quantum computers. Our projections thus serve not merely as predictions but as potential catalysts within the quantum ecosystem.