Where quantum computing actually stands across five high-complexity domains — the theoretical upside, but also an honest read on NISQ-era limits and the quantum advantage that has not yet been demonstrated. Four of the five (communications, autonomous driving, robotics, cryptography) tie directly into the post-quantum (PQC) migration business.
Fusion couples plasma dynamics, materials science, and nuclear reactions — sub-problems where classical supercomputers are already nearing their ceiling. That's the motivation for quantum approaches; it is not yet a demonstrated win.
Main directions
1. Plasma simulation & MHD. Tokamak/stellarator plasmas are highly non-linear many-body systems; classical simulation discretizes huge grids and solves coupled PDEs, with cost exploding as accuracy rises. Quantum methods could, in theory, use superposition to solve certain PDEs (e.g. the Vlasov equation) more efficiently — but most work is still algorithm design and small-scale validation.
2. Materials: first-wall & neutron damage. First-wall materials face extreme neutron flux and heat; the radiation-damage mechanisms in tungsten and tritium-bearing materials are strongly-correlated many-body problems — exactly where VQE-style algorithms hold a theoretical edge. IBM, Google and others have run exploratory work with fusion labs (e.g. UK's UKAEA) on small-system electronic structure.
3. Reaction cross-sections & heating. D-T fusion rates and neutron transport involve quantum-level scattering cross-sections; some sub-problems suit quantum acceleration, but only at simplified-model scale today.
4. Optimization: coil design & control. Stellarator coil geometry is a high-dimensional non-convex optimization; annealing/QAOA have been tried, but mostly as quantum-inspired heuristics on classical hardware rather than true quantum advantage.
Reality checkNo published result shows quantum computing solving a fusion problem classical machines cannot — most work is NISQ-era proof-of-concept, and quantum advantage is unproven. Best positioned as a mid/long-term research direction, not a near-term commercial hook.
🚗
Quantum computing in autonomous driving
exploratory
Largely exploratory today, concentrated on a handful of compute-intensive bottlenecks.
Main directions
1. Path planning & real-time optimization. A high-dimensional, dynamically-constrained combinatorial problem (multi-vehicle coordination, live traffic, energy). Annealing (D-Wave) and QAOA have been tried for fleet dispatch and route coordination — potential speedup on NP-hard combinatorics in theory, but only at small simulation scale.
2. Sensor fusion & uncertainty. Fusing camera/radar/LiDAR is high-dimensional Bayesian inference; QML has potential for some kernel computations and dimensionality reduction. Volkswagen and others explored traffic-flow and battery-materials work with D-Wave — but back-office optimization, not in-car real-time decisions.
3. NN training acceleration. Perception models (detection, trajectory prediction) need large-scale training; VQCs have seen experimental use on small subtasks (classification, feature maps), but training full perception nets is far beyond current hardware.
4. Cryptography & V2X security (directly relevant). AVs rely on V2X comms; if their authentication and encryption are broken by a quantum computer, that directly threatens safety (forged braking commands, hijacked control signals). The logic is reversed: AV systems need post-quantum crypto to defend — a vertical market for the Quantum-Safe Scanner/Migrator, not a case of "QC enabling AVs."
Reality checkAs with fusion, no public result shows a deployable quantum advantage in AV perception or real-time decisions — mostly NISQ proof-of-concept or purely quantum-inspired algorithms (not necessarily running on quantum hardware).
Business relevanceV2X PQC migration (keeping vehicle comms keys safe from a future quantum break) is far closer to the existing product line (scan + migrate + compliance) than "QC optimizing AVs," and tells a cleaner go-to-market story — especially given Chinese OEM / intelligent-connected-vehicle demand for GM (国密) standard compliance.
🤖
Quantum computing in robotics
exploratory
Mostly motion planning, control-policy training, multi-robot coordination, perception, and security.
Main directions
1. Motion planning & trajectory optimization. Inverse kinematics and obstacle avoidance for multi-joint arms are high-dimensional constraint optimization. Annealing/QAOA have been tried — potential NP-hard speedup in theory — but experiments stay at simplified-scenario scale, with no advantage shown in real-time industrial control.
2. RL & control-policy training. Legged robots and dexterous manipulation depend on heavy RL training. QML could, in theory, accelerate policy-gradient or value-function approximation, but hardware noise and qubit counts are nowhere near enough for real control networks — small-scale simulation only.
3. Multi-robot coordination & swarm. Warehouse/logistics route coordination and task allocation are classic combinatorial optimization (like fleet dispatch). The theoretical quantum edge is clearer here, on discrete optimization, than on continuous control — a comparatively more realistic early landing zone.
4. Sensor processing & SLAM. Localization and mapping involve large matrix operations and probabilistic inference; quantum linear algebra (e.g. HHL) has theoretical room on specific sub-problems, but remains far from real systems' latency and power budgets.
5. Cryptography & robot security (relevant). Industrial robots, cobots and AMRs increasingly connect to factory networks and cloud control. If their firmware updates, remote-command authentication and device identity rely on RSA/ECC, they face the same "harvest now, decrypt later" (HNDL) long-term risk. Same logic as V2X: the robot doesn't need "to use quantum computing" — its control system needs PQC to defend against future attacks.
Reality checkAs with fusion and AVs, no public evidence shows a real quantum advantage in robot motion control or perception — mostly NISQ proof-of-concept, or quantum-inspired algorithms that run on classical hardware and are merely informed by quantum theory.
Business relevanceFirmware and comms security compliance for industrial robots/AMRs is a more realistic narrative than "QC empowering robotics," and sits closer to the Quantum-Safe Scanner line — especially where China's industrial-internet / smart-manufacturing sectors carry mandatory 密评 (commercial-cryptography application security assessment) requirements, making robot makers a direct customer pool.
📡
Quantum computing in communications
three threads
Quantum and communications actually split into three very different logic lines that get conflated constantly — worth untangling first.
I. QC "enabling" classical comms
1. Network routing & resource allocation. 5G/6G spectrum allocation, base-station load balancing and network-slice scheduling are high-dimensional combinatorial problems. Operators (Vodafone, SK Telecom) have run small annealing/QAOA trials — limited scale, mostly proof-of-concept.
2. Signal processing & channel estimation. Massive-MIMO channel estimation and beamforming involve large matrix operations; quantum linear algebra has theoretical room, but no commercial deployment exists yet.
II. Quantum communication (a different track, often mistaken for "an application of QC")
1. Quantum key distribution (QKD). Uses no-cloning to distribute keys and can in principle detect eavesdropping. China has invested most (Micius satellite, Beijing–Shanghai backbone), but QKD has hard practical limits: dedicated fiber/satellite infrastructure, limited range, high cost — and it only solves key distribution, not data encryption or signatures. It cannot replace PQC.
2. Quantum internet. Entanglement-based long-distance quantum-state networks remain at the lab / small-trial stage (repeaters, error correction and other core problems unsolved) — far from practical use.
III. QC as a threat to comms security (directly tied to the business)
A communications network's cryptographic foundation — TLS/HTTPS, VPN, 5G/6G core-network authentication, satellite encryption — runs almost entirely on RSA/ECC. Once a CRQC (cryptographically relevant quantum computer) exists, Shor's algorithm breaks all of it.
Harvest now, decrypt later (HNDL): traffic intercepted today can be stored and decrypted in the future — a real threat to long-secrecy communications (diplomatic, military, financial). This makes telecom operators, satellite communications, and government/enterprise private networks the core PQC-migration customer base.
Business relevanceCommunications (especially 5G/6G core, satcom, operator private networks) is a high-priority PQC vertical. The chain is: comms depend on classical crypto → QC threatens classical crypto → the scan/migrate products provide a compliant migration path. This is a sturdier story than "QC optimizing comms networks," and aligns with a Huawei 6G quantum-security engineer background — itself a strong credibility anchor in front of telecom/operator customers.
🔐
Quantum computing in cryptography
core thesis
Quantum computing and cryptography sit at both the threat and defense ends at once — and that duality is the core thesis the entire post-quantum business rests on.
I. How QC threatens today's crypto (attack side)
1. Shor's algorithm — breaks public-key. Proposed in 1994; factors large integers and solves discrete logs in polynomial time. Once a large-enough, low-error CRQC exists, RSA, ECC and Diffie–Hellman are fully broken — not weakened: the private key can be recovered directly.
2. Grover's algorithm — weakens symmetric crypto & hashes. Quadratic speedup on unstructured search: AES-128's effective strength drops to ~64 bits (still 2^64 operations — limited real threat), AES-256 to ~128 bits (still safe). This is why NIST's PQC standardization focuses on public-key crypto, while symmetric crypto just needs moderately longer keys.
3. Harvest now, decrypt later (HNDL). Even before a CRQC exists, attackers can intercept and store encrypted traffic now and decrypt it later. That is a real threat to long-secrecy needs — state secrets, medical records, IP — and is the core driver behind national PQC-migration timelines (US NSM-10, CNSA 2.0).
II. How crypto responds (defense side / PQC)
1. Lattice-based. NIST's ML-KEM (formerly Kyber, key encapsulation) and ML-DSA (formerly Dilithium, signatures) are built on lattice problems (e.g. LWE). No efficient quantum algorithm is known to solve them — the mainstream PQC direction, and the specialty of LAC co-designer Lu Xianhui (路献辉).
2. Hash-based signatures. SLH-DSA (formerly SPHINCS+) rests on hash-function security — the most mature, conservative foundation (hash resistance to quantum attack is better understood than lattice problems) — but signatures are large.
3. Code-based. HQC (selected by NIST as a backup KEM in March 2025) and Classic McEliece rest on error-correcting-code theory — long-standing (McEliece dates to 1978) and extensively studied for quantum resistance.
4. Multivariate / isogeny — proven unreliable. Both were once candidates, but Rainbow (multivariate signatures) was "broken over a weekend on a laptop" in 2022, and SIKE (isogeny-based KEM) was broken the same year. The key lesson: a "quantum-safe" label still has to survive long public cryptanalysis — not every such algorithm is actually secure.
Core meaning for the businessThe Scanner's value is finding RSA/ECC-dependent weak points (future Shor targets); the Migrator's value is replacing them with NIST-standardized ML-KEM/ML-DSA while staying compatible with GM/T (国密) standards. The dual-compliance (NIST + GM/T) angle — the US lattice direction and China's sovereign-algorithm path converge on the same mathematical security but differ in regulation — is the core selling point for Chinese customers.
Note for the BPMathematical security is only half the PQC risk — implementation-level software bugs are the other half. For example, a June 2026 paper by Daniel J. Bernstein showed that even NIST-standardized ML-DSA had signature-forgery vulnerabilities in several official implementations. So the Scanner should detect not just "is the right algorithm used" but also "does the implementation match known vulnerability patterns" — a differentiation point worth emphasizing in the roadmap / investor materials: not only algorithm-layer compliance, but implementation-layer security.