From Quant Optimisation to Quantum Threat Models
Way back in 2015, Professor Michele Mosca, a leading expert in quantum computing research, estimated the odds of a quantum computer capable of breaking RSA-2048 (an RSA cryptosystem using 2048-bit private and public keys) to happen by 2026 and 2031 at 1/7 and 1/2 respectively.
The graphics above illustrates the urgency of early and timely migration to post-quantum secure systems, which I designed with thanks to Claude AI. When the security shelf‑life of your protected information is x years, and the migration to quantum‑safe systems requires y years, but the collapse time – the moment your adversaries gain quantum capability – is also y years, the only rational conclusion is that the countdown has already begun. And hurried implementation is expensive and disruptive. But if done right, upgrading to a post-quantum cryptography becomes part of lifecycle management, namely rebuild the foundations of cyber security to be stronger, a more robust and resilience system, namely a fit-for-purpose lifecycle management protocol, rather than crisis management.
Well, I am fortunate, because for my Oxford University Innovation start-up, we are building from scratch, rather than fixing the dangerous problem of catching obsolescence and loose bits. But way back when I managed a large quant fund, security looked different than my modern OUI start-up tech deck.
How my quant fund algorithm fits into the cryptography story
When I managed the Japan Quant Fund at Barclays Global Investors, our optimisation engines were built on convex optimisation, quadratic programming, factor models and stochastic processes, the classical mathematical machinery of quantitative finance.
That algorithm had three layers of protection:
- Model secrecy – the exact structure of our optimiser, constraints and factor exposures were proprietary.
- Data asymmetry – only we portfolio managers had the real‑time signals, risk models and covariance matrices.
- Computational difficulty – even if someone guessed the structure, they could not replicate the performance without the data, calibration and tuning.
In other words, our edge came from information advantage, mathematical structure and execution speed. This is exactly the same triad that protects modern cryptography, believe it or not.
How protected was my algorithm?
The optimiser used to manage my quant fund was protected in the same way RSA is protected today:
- Not because it was impossible to understand.
- But because it was impossible to reconstruct, replicate, or invert without the internal parameters.
My optimisation security protection was in the mapping mapping:
Inputs (signals, risk models, constraints) >> Optimal portfolio weights
An adversary observing only the outputs could not infer the internal structure (though I would like to caveat that some other market players could sort of second guess our trades). This is mathematically analogous to the one‑way functions used in cryptography.
But here is the key difference:
My algorithm was protected by secrecy and complexity. Cryptography is protected by hardness assumptions.
And hardness assumptions are exactly what Shor’s algorithm destroys.
What was my market advantage?
Our funds were successful and were sold to BlackRock. Apart from our size, our market advantage came from:
- Speed — solving a large optimisation problem faster than competitors.
- Stability — better-conditioned covariance matrices, better shrinkage, better risk control.
- Structure — constraints and factor exposures that encoded your investment philosophy.
- Execution — the ability to rebalance efficiently and systematically.
This is the same structure that gives cryptography its advantage:
- Speed of encryption
- Stability of the mathematical structure
- Difficulty of inversion
- Systematic, repeatable security guarantees
But here is the punchline:
In finance, if someone reverse‑engineered your optimiser, you lost alpha. In cryptography, if someone breaks RSA, the world loses security.
My old algorithm was a competitive edge. Cryptography is a civilisation‑level edge. Click here to download my assignment on the six things I would do differently if I were to build an algorithm today for maanging quant funds.
