This work addresses the classically intractable integer factorization problem for $n$-bit integers of the form $P^2 Q$, where $log Q = Theta(n^a)$ and $a in (2/3,1)$. We present the first quantum circuit achieving sublinear resource consumption. Methodologically, we integrate the Li–Peng–Du–Suter square-free factorization framework, devise the first space-efficient quantum algorithm for computing the Jacobi symbol, and incorporate optimized modular arithmetic and circuit compression techniques. Our contributions are threefold: (i) achieving $widetilde{O}(log Q)$ qubits and circuit depth, and $widetilde{O}(n)$ quantum gates; (ii) solving this classically hard factorization problem in polynomial time using sublinear qubits—the first such result; and (iii) extending the proposed Jacobi symbol algorithm to quantum GCD and modular inversion. The design combines theoretical rigor with experimental feasibility, making it one of the most practical and classically verifiable candidates for quantum advantage to date.

We present a compact quantum circuit for factoring a large class of integers, including some whose classical hardness is expected to be equivalent to RSA (but not including RSA integers themselves). Most notably, we factor $n$-bit integers of the form $P^2 Q$ with $log Q = Theta(n^a)$ for $a in (2/3, 1)$ in space and depth sublinear in n (specifically, $ ilde{O}(log Q)$) using $ ilde{O}(n)$ quantum gates; for these integers, no known classical algorithms exploit the relatively small size of $Q$ to run asymptotically faster than general-purpose factoring algorithms. To our knowledge, this is the first polynomial-time circuit to achieve sublinear qubit count for a classically-hard factoring problem. We thus believe that factoring such numbers has potential to be the most concretely efficient classically-verifiable proof of quantumness currently known. Our circuit builds on the quantum algorithm for squarefree decomposition discovered by Li, Peng, Du, and Suter (Nature Scientific Reports 2012), which relies on computing the Jacobi symbol in quantum superposition. The technical core of our contribution is a new space-efficient quantum algorithm to compute the Jacobi symbol of $A$ mod $B$, in the regime where $B$ is classical and much larger than $A$. Our circuit for computing the Jacobi symbol generalizes to related problems such as computing the greatest common divisor and modular inverses, and thus could be of independent interest.