New Google Research Shows RSA 2048 Could Be Broken Sooner Than Expected

Google Quantum AI has just published a new paper that sharpens the timeline for the end of RSA 2048. The researchers announced that a future quantum computer with roughly 1 million qubits and advanced error correction could break 2048-bit RSA in about one week, a significant shift from earlier estimates.

A Quantum Breakthrough with Implications

For years, the timeline for when RSA and other classical encryption methods might fail has been measured in decades. In 2019, the estimate was roughly 20 million qubits, making a quantum attack feel like a long-off threat. Today, thanks to advances in both algorithms and error correction, that estimate has shrunk to roughly 1 million qubits, a 20-fold reduction.

Here’s how this happened:

Better Algorithms: New advances in approximate modular exponentiation drastically reduce the number of qubits required for factoring.
Improved Error Correction: New error-correcting techniques, like a second-layer approach and “magic state cultivation,” sharply reduce the required overhead for calculations.

This shift is making the quantum threat to RSA far more concrete and closer than many anticipated.

What This Means for Encryption Today

RSA and elliptic curve encryption form the foundation of internet trust. They protect everything from HTTPS traffic to digital signatures that validate software and devices. As this new paper from Google Quantum AI highlights, the risk of “harvest now, decrypt later” attacks is no longer theoretical. Sensitive data captured today could be decrypted by a future quantum computer if not properly protected.

NIST’s Timelines for Action

Recognizing the growing threat, NIST has issued draft guidelines that lay out a concrete timeline:

By 2030: Vulnerable public key cryptosystems should be deprecated.
By 2035: Vulnerable systems must be completely disallowed.

These milestones aren’t arbitrary. They underscore the urgency for organizations to assess their cryptographic posture and move toward post-quantum cryptographic (PQC) standards like FIPS 203 (CRYSTALS-Kyber) and FIPS 204 (CRYSTALS-Dilithium).

How Encryption Consulting Can Help?

At Encryption Consulting, we help organizations stay ahead of these milestones with expert PQC Advisory Services. Our team works closely with you to:

Assess your quantum threat exposure and inventory cryptographic assets.
Build a tailored roadmap for PQC migration aligned with NIST and CISA standards.
Identify and implement the right post-quantum algorithms (FIPS-203, FIPS-204, FIPS-205, FIPS-206).
Perform gap analyses and proof-of-concept trials for PQC deployments.
Minimize disruption while ensuring long-term protection against quantum threats.

With the timeline for viable quantum attacks drawing closer, the shift from traditional encryption to PQC isn’t a question of “if” anymore, it’s a question of “when” and “how soon.”