In 2004, Rupert Ursin and his team at the University of Vienna teleported a photon across 600 metres under the Danube River. It was the first time quantum teleportation had been demonstrated outside a laboratory. Three years later, the same team transmitted entangled photons between two of the Canary Islands — La Palma and Tenerife — over a distance of 144 kilometres. The experiment was run from a telescope on La Palma, at 2,400 metres above sea level, aimed at a receiver on Tenerife. It set a world record and demonstrated that long-distance quantum communication was not merely theoretically possible. It was real.
Two decades later, Ursin has founded zerothird GmbH, a Vienna-based company that is commercialising the technology he spent a career proving. The physics has not changed. But the urgency has.
Why Encryption Is Broken — and Why Most People Do Not Know It Yet
The encryption that protects most digital communication today — the RSA and elliptic curve cryptography that secures banking systems, government networks, and internet infrastructure — is based on mathematical problems that are computationally hard. Specifically, it relies on the fact that factoring large numbers or solving certain logarithm problems takes classical computers an impractically long time. A key long enough to be secure today is assumed to be secure tomorrow, because the computational cost of breaking it grows faster than the cost of generating it.
Quantum computers change this assumption fundamentally. Shor’s algorithm, developed in 1994, can factor large numbers exponentially faster on a quantum computer than on any classical machine. The practical implication is stark: a sufficiently powerful quantum computer — one that does not yet exist at scale, but that multiple national programmes and private companies are actively building — could break most of today’s public-key encryption infrastructure in hours rather than the millennia it would take a classical computer.
The most immediate threat is not the future quantum computer. It is an attack strategy that security researchers call “harvest now, decrypt later.” Adversaries with the resources and patience — nation-state intelligence agencies are the obvious candidates — are already collecting encrypted communications and storing them. When a sufficiently powerful quantum computer arrives, that stored data becomes readable. Medical records, financial transactions, diplomatic communications, infrastructure access credentials. Everything encrypted today is a potential target for tomorrow’s quantum computer. The window to act is not when quantum computers arrive. It is now.
The zerothird Approach: Security From Physics, Not Mathematics
Classical encryption secures data by making the problem of breaking it computationally expensive. Quantum key distribution secures data by making the act of eavesdropping physically detectable. This is the distinction that Ursin has spent his career establishing in the laboratory and that zerothird is now deploying in the field.
zerothird uses entanglement-based QKD. In classical QKD, a key is generated at one point and transmitted to another: if an eavesdropper intercepts the transmission, they disturb the quantum states and the intrusion is detectable. In zerothird’s entanglement-based approach, no key is ever transmitted. Instead, pairs of entangled photons are distributed to both endpoints. Each endpoint measures its photon independently, and the correlated results of those measurements generate identical keys at both locations — simultaneously, without any key having passed through the network. The entanglement is the key.
As Ursin has explained: “If a third party tries to eavesdrop, the system immediately sounds the alarm — because entanglement is gone.” Any interception attempt destroys the entanglement and is immediately detected. The security guarantee is not computational. It is a consequence of quantum mechanics. To decrypt the communication, an adversary would need to violate the laws of physics.
From the Lab to Critical Infrastructure
zerothird GmbH, founded in April 2023, is building this capability as a deployable service. The company’s Key-as-a-Service model is designed for the critical infrastructure operators whose need for quantum-secure communication is most urgent: power grid operators, financial institutions, government agencies, and the operators of autonomous vehicle networks that depend on real-time communication integrity. These are not early adopters of experimental technology. They are organisations with a security obligation that the current mathematical cryptography infrastructure cannot guarantee for the decade ahead.
Ursin brings to this commercial challenge the credibility of an academic career that includes co-authorship of a loophole-free Bell inequality test — one of the most precisely designed experiments in the history of physics, ruling out entire classes of alternative explanations for quantum behaviour. He was recognised in the 2025 Quantum 100 list of the world’s most influential quantum technology figures. His TED Talk on quantum cryptography has reached a global audience. He is, in the clearest possible sense, the person who has earned the right to say the technology works — and to explain why the transition from proof-of-concept to infrastructure is now a matter of urgency rather than optionality.
Implications
- For security decision-makers: The harvest-now, decrypt-later threat is not theoretical. Organisations holding sensitive data that must remain confidential for more than a decade need a migration plan to quantum-safe communication today — not when quantum computers arrive. zerothird’s service is designed for exactly this transition.
- For the AI and digital infrastructure ecosystem: AI systems depend on secure communication between distributed compute, between data centres, and between AI models and the infrastructure they interact with. Quantum-secure communication is not a niche concern for post-quantum cryptographers. It is a foundational requirement for trustworthy AI at scale.
- For conference attendees: Ursin will bring to Vienna one of the most technically grounded perspectives on quantum security available outside of a physics department — translated into the language of operational risk, infrastructure investment, and the strategic calculus that organisations need to act on now, not later.
Rupert Ursin joins Human × AI on May 19, 2026, in Vienna.