up:: Quantum Computing MOC

Quantum Fidelity

Quantum fidelity is a measure of how close a real quantum operation comes to the perfect, ideal version of that operation, usually written as a number between 0 and 1 or as a percentage. It applies to a single gate, to a stored qubit sitting idle, and to the final readout, and in every case 100% means flawless while anything less measures how much the hardware corrupted the state. Fidelity is the honest scorecard of quantum hardware, and it matters far more than the qubit count in a press release, because error correction only starts working once gate fidelity clears a specific threshold. Fidelity, not raw qubits, is the real gate to a machine that could break cryptography.

The short version:

  • Fidelity scores how faithfully a real quantum operation reproduces the ideal one, on a scale where 100% is perfect and the gap below it is the error the hardware introduced.
  • It comes in flavors: gate fidelity (how clean an operation is), qubit fidelity or memory fidelity (how well an idle qubit holds its state), and readout fidelity (how accurately a measurement is read).
  • Error correction has a threshold. The surface code tolerates a per-operation error rate as high as about 1%, so gates need roughly 99% fidelity or better before adding qubits helps rather than hurts (Fowler et al. 2012).
  • Higher fidelity means fewer physical qubits per logical qubit, so cleaner gates shrink the machine you need to break RSA. Fidelity, not qubit count, sets the pace toward a CRQC.
  • Leading hardware has only recently reached 99.9% fidelity on two-qubit gates (Acharya et al. 2024), which is why a code-breaking machine is still years away even as qubit counts climb.

An everyday way to picture it

Think of a photocopier where every copy is a copy of the previous copy. If each pass reproduces the page at 99.9% faithfulness, you can run it thousands of times before the text turns to mush. If each pass is only 90% faithful, the page dissolves into gray fuzz after a handful of copies. Fidelity is that per-copy faithfulness, and a quantum algorithm is an enormous stack of copies run one after another. Breaking cryptography with Shor’s algorithm means billions of operations in sequence, so even a tiny error per operation compounds into garbage long before the answer appears. That is why a fraction of a percent of extra fidelity changes everything, and why the number the hardware teams chase hardest is not how many qubits they have but how faithful each operation is.

What is quantum fidelity?

Quantum fidelity is a quantitative measure of how close one quantum state or operation is to another, and in practice it scores how close a real, noisy operation comes to its perfect textbook version. The formal definition, the overlap between the ideal state and the state the hardware actually produced, is standard in the field and appears in the canonical reference, Nielsen and Chuang’s Quantum Computation and Quantum Information (Cambridge University Press, 2010), in the chapter on distance measures for quantum information. A fidelity of 1 (or 100%) means the operation was flawless, and the amount below 1 is the error the hardware introduced.

The word gets attached to several different things, and it helps to keep them straight:

  1. Gate fidelity. How faithfully a single operation, like a two-qubit entangling gate, matches the ideal gate. This is the number that governs whether a deep computation can survive, and it is usually the tightest constraint.
  2. Qubit or memory fidelity. How well a qubit holds its state while sitting idle, which is closely tied to decoherence and coherence time. A qubit that decoheres is a qubit whose stored-state fidelity has decayed.
  3. Readout fidelity. How accurately the final measurement reads out the qubit’s value. Even a perfect computation is worthless if the answer is misread on the way out.

For a security professional, the one to watch is two-qubit gate fidelity, because two-qubit gates are the hardest to do cleanly and they dominate the error budget of any real algorithm.

How is quantum fidelity measured?

Fidelity is measured by running an operation many times and comparing what the hardware actually produced against what the ideal operation should have produced, then reporting the average agreement as a percentage. You cannot simply look at a single run, because measuring a quantum state collapses it and any one shot is noisy, so the fidelity of a gate is an average over many repetitions. No math is needed to grasp the idea: it is a batting average for a quantum operation, the fraction of its behavior that came out right.

The standard laboratory technique for gates is called randomized benchmarking, which strings together long random sequences of operations and watches how quickly the result decays away from the expected answer. The faster it decays, the lower the per-operation fidelity. Reporting an average this way is important, because a gate can look fine on a lucky run and still be too noisy to trust across the billions of operations a real attack requires. The number that ends up in a paper, “99.9% two-qubit gate fidelity,” is this benchmarked average, and it is directly comparable across machines.

What counts as good fidelity?

Good fidelity is defined by the error-correction threshold, and the practical bar is roughly 99% or better on two-qubit gates, with the truly comfortable zone starting around 99.9%. The reason there is a hard line at all is that quantum error correction only helps when the underlying operations are already clean enough. Below a certain physical error rate, adding more qubits to a logical qubit drives its error rate down. Above that rate, piling on qubits just adds more noise, and no amount of encoding rescues the computation.

For the leading scheme, the surface code, that threshold has been pinned down. The surface code tolerates a per-operation error rate as high as about 1%, which corresponds to roughly 99% gate fidelity, and for one standard circuit-level noise model the specific threshold is 0.57% per step, or about 99.4% fidelity.

Source: Austin G. Fowler, Matteo Mariantoni, John M. Martinis, Andrew N. Cleland, “Surface codes: Towards practical large-scale quantum computation,” Physical Review A 86, 032324, 2012, arXiv:1208.0928.

Clearing the threshold by a hair is not enough, though. Fowler and colleagues note that error rates just below the threshold demand very large numbers of physical qubits per logical qubit, while error rates well under the threshold, around one-tenth of it, let you build a logical qubit far more cheaply. So the target for practical machines is not “barely 99%” but comfortably past it, which is exactly why the recent arrival of 99.9% gates is such a milestone.

Two-qubit gate fidelityError per operationRelation to the surface-code thresholdSource
~99%~1%the highest per-operation error the surface code toleratesFowler et al. 2012
~99.4%0.57% per stepthe threshold for one standard circuit-level noise modelFowler et al. 2012
99.9%~0.1%recently demonstrated on leading many-qubit hardware, comfortably below thresholdAcharya et al. 2024

Sources: Austin G. Fowler et al., “Surface codes: Towards practical large-scale quantum computation,” Physical Review A 86, 032324, 2012, arXiv:1208.0928. Rajeev Acharya et al. (Google Quantum AI), “Quantum error correction below the surface code threshold,” Nature 638, 920-926, 2025, arXiv:2408.13687.

Why does fidelity decide whether we can break encryption?

Fidelity decides the timeline because it gates the two things a code-breaking machine needs, and it gates them before qubit count matters at all. A cryptographically relevant quantum computer has to run Shor’s algorithm against a real key, which is a computation billions of operations deep, and no physical qubit stays coherent for anywhere near that long. The only way through is error correction, and error correction only works once the physical operations are above the threshold fidelity. A chip can advertise thousands of qubits, but if its gates sit below threshold, those qubits cannot be error-corrected into anything trustworthy, and a Shor’s attack is impossible no matter how many there are.

This is why the honest read of quantum risk tracks fidelity and demonstrated error correction rather than the qubit record. The milestone that actually moved the needle was not a bigger chip. In December 2024, Google’s quantum team showed for the first time that a surface code runs below threshold, meaning a larger code produced a more reliable logical qubit instead of a noisier one:

  1. They encoded one logical qubit in a distance-7 surface code built from 101 physical qubits.
  2. That logical qubit’s error rate came out to 0.143% per cycle of error correction.
  3. Growing the code suppressed the logical error rate by a factor of about 2.14 at each step up in distance, the signature of operating below threshold.
  4. The encoded qubit outlived its best individual physical qubit by a factor of 2.4, so the error-correction overhead finally paid for itself.

Source: Rajeev Acharya et al. (Google Quantum AI), “Quantum error correction below the surface code threshold,” Nature 638, 920-926, 2025, arXiv:2408.13687.

The same paper puts the fidelity bar in plain numbers, noting that state-of-the-art many-qubit platforms have only recently demonstrated 99.9% fidelity entangling gates, far short of the error rates many applications ultimately want. So the field has just barely reached the fidelity where error correction becomes efficient, and everything downstream, including the threat to RSA, follows the pace of that fidelity climbing further.

Why does higher fidelity mean a smaller machine?

Higher fidelity means fewer physical qubits per logical qubit, so cleaner gates shrink the whole machine you would need to break cryptography. When physical operations are only a little below threshold, each logical qubit has to be woven from a very large number of noisy physical ones to average their errors away. When the operations are well below threshold, each logical qubit needs far fewer physical qubits to reach the same reliability. Fidelity and machine size trade directly against each other.

Source: Austin G. Fowler et al., “Surface codes: Towards practical large-scale quantum computation,” Physical Review A 86, 032324, 2012, arXiv:1208.0928.

The resource estimates for breaking RSA show this trade in action. As the assumed engineering and fidelity improve, the physical-qubit bill for the same attack falls steeply:

EstimatePhysical qubits to break RSA-2048RuntimeSource
Gidney and Ekerå, 2021~20 million noisy qubits8 hoursarXiv:1905.09749
Gidney, 2025under 1 million noisy qubitsunder a weekarXiv:2505.15917

Sources: Craig Gidney and Martin Ekerå, “How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits,” Quantum 5, 433, 2021, arXiv:1905.09749. Craig Gidney, “How to factor 2048 bit RSA integers with less than a million noisy qubits,” 2025, arXiv:2505.15917.

Both estimates sit far beyond the roughly one hundred physical qubits per logical qubit demonstrated so far, and both assume fidelities and control systems the field has not reached at scale. Closing that gap is mostly a fidelity problem, and it is the actual work standing between today’s hardware and a machine that threatens your encryption.

Common misconceptions

  1. “A chip with more qubits is closer to breaking encryption.” Qubit count alone says almost nothing. Without gate fidelity above the error-correction threshold, extra qubits cannot be corrected into trustworthy logical qubits, and a deep algorithm still fails.
  2. “Fidelity and coherence time are the same thing.” They are related and different. Coherence time measures how long an idle qubit survives, while gate fidelity measures how cleanly an operation is performed. A machine can have decent coherence and still have gates too noisy for fault tolerance.
  3. “99% fidelity is basically perfect, so we’re almost there.” For a single gate it sounds excellent, but a cryptographic attack chains billions of gates, so a 1% error per gate compounds into certain failure. Fault-tolerant computing needs fidelity comfortably past the threshold and error correction on top.
  4. “Fidelity is one fixed number for a quantum computer.” It varies by operation and by qubit. Single-qubit gates, two-qubit gates, idle memory, and readout each have their own fidelity, and the weakest of them tends to set the practical limit.
  5. “Better fidelity only makes the machine faster.” Its bigger effect is on size. Higher fidelity lowers the number of physical qubits each logical qubit requires, which is what shrinks a code-breaking machine from tens of millions of qubits toward something buildable.

Questions people ask

Do I need physics to understand quantum fidelity? No. The single idea is that fidelity is how close a real quantum operation comes to the perfect one, scored as a percentage where 100% is flawless. Everything that matters for security follows from the fact that operations are imperfect and the errors pile up over a long computation.

What is a good fidelity number for a quantum gate? Roughly 99% is the floor where error correction with the surface code becomes possible, and around 99.9% is where it becomes efficient. Leading hardware reached 99.9% on two-qubit entangling gates only recently (arXiv:2408.13687), which is why fault-tolerant machines are still early.

Why does gate fidelity matter more than the number of qubits? Because error correction, the only way to run a deep algorithm, only works when gate fidelity is above the threshold. Below it, more qubits add more noise instead of more capability, so fidelity gates the whole enterprise before qubit count does.

What is the difference between gate fidelity and qubit fidelity? Gate fidelity scores how clean an operation is, while qubit or memory fidelity scores how well a qubit holds its state while doing nothing, which is tied to decoherence. Readout fidelity is a third kind, covering how accurately the final measurement is read.

How is fidelity actually measured? By running an operation many times and averaging how closely the results match the ideal, usually through a technique called randomized benchmarking for gates. The reported figure is an average over many runs, not a single lucky shot, which is what makes it comparable across machines.

Does higher fidelity make a code-breaking quantum computer smaller? Yes. Higher fidelity lowers the number of physical qubits needed per logical qubit, so the estimated machine to break RSA-2048 has shrunk from about 20 million physical qubits in 2021 to under 1 million in 2025 as assumed fidelities improved (arXiv:1905.09749, arXiv:2505.15917).

Is 99.9% fidelity enough to break encryption today? No. Reaching 99.9% on gates is what makes error correction efficient, but a CRQC also needs thousands of error-corrected logical qubits running a computation billions of operations deep. Good fidelity is necessary, and scaling it up across a huge machine is the remaining work.

Where does fidelity fit in the quantum threat timeline? It is the pacing item. The quantum threat timeline tracks how fast physical fidelity climbs and how efficiently error correction turns it into reliable logical qubits, because that pace, not the qubit-count record, decides when public-key cryptography is actually at risk.


Everything here is the map, given freely. When your team needs the fidelity-and-qubit-count reality translated into a risk picture and a dated plan for your own systems, that’s the work I do. Request an alignment briefing.

Last verified 2026-07-09 · Maintained by Addie LaMarr, LaMarr Labs.