The timeline for quantum computers breaking modern encryption has been a topic of intense debate. For years, the consensus was that millions of physical qubits would be required, placing the threat in the distant future. However, a groundbreaking 2023 paper from Google's quantum AI team has dramatically altered the landscape. Their research suggests that breaking the widely used RSA-2048 encryption standard may require far fewer resources than previously thought.

From 20 Million to 1 Million Qubits

Previous estimates, such as the one published in a 2019 Google paper, placed the number of stable, error-corrected qubits needed to factor a 2048-bit RSA integer at around 20 million. This immense number provided a sense of security, as building such a machine seemed decades away. The new research introduces a more efficient method for performing the quantum computations, effectively reducing the estimated number of required qubits to the low millions, or potentially even less under ideal conditions. This represents a monumental leap forward in quantum algorithm efficiency.

The Implications of a Shorter Timeline

This reduction doesn't mean RSA is broken today, but it does mean the "Harvest Now, Decrypt Later" threat is more urgent than ever. Adversaries collecting encrypted data today are now operating on a much shorter timeline for when they can expect to decrypt it. For data that needs to remain secure for more than a decade—such as government secrets, financial records, and healthcare data—the risk has become acute.

The key takeaway is that the transition to Post-Quantum Cryptography (PQC) is no longer a theoretical exercise for the future; it is a practical necessity for the present. Organizations must begin the process of identifying their cryptographic assets and planning their migration to NIST-approved PQC standards immediately.