New Google Research Shows RSA 2048 Could Be Broken Sooner Than Expected

Google Quantum AI has just published a new paper that sharpens the timeline for the end of RSA 2048. The researchers announced that a future quantum computer with roughly 1 million qubits and advanced error correction could break 2048-bit RSA in about one week, a significant shift from earlier estimates.
For years, the timeline for when RSA and other classical encryption methods might fail has been measured in decades. In 2019, the estimate was roughly 20 million qubits, making a quantum attack feel like a long-off threat. Today, thanks to advances in both algorithms and error correction, that estimate has shrunk to roughly 1 million qubits, a 20-fold reduction.
Here’s how this happened:
This shift is making the quantum threat to RSA far more concrete and closer than many anticipated.
RSA and elliptic curve encryption form the foundation of internet trust. They protect everything from HTTPS traffic to digital signatures that validate software and devices. As this new paper from Google Quantum AI highlights, the risk of “harvest now, decrypt later” attacks is no longer theoretical. Sensitive data captured today could be decrypted by a future quantum computer if not properly protected.
Recognizing the growing threat, NIST has issued draft guidelines that lay out a concrete timeline:
These milestones aren’t arbitrary. They underscore the urgency for organizations to assess their cryptographic posture and move toward post-quantum cryptographic (PQC) standards like FIPS 203 (CRYSTALS-Kyber) and FIPS 204 (CRYSTALS-Dilithium).
At Encryption Consulting, we help organizations stay ahead of these milestones with expert PQC Advisory Services. Our team works closely with you to:
With the timeline for viable quantum attacks drawing closer, the shift from traditional encryption to PQC isn’t a question of “if” anymore, it’s a question of “when” and “how soon.”
Read More: https://security.googleblog.com/2025/05/tracking-cost-of-quantum-factori.html