What Is Really at Risk Right Now

Everything encrypted today with RSA or elliptic curve cryptography is potentially vulnerable to harvest-now-decrypt-later attacks. This includes: - Banking systems and financial transaction records - Healthcare records and medical communications - Government classified intelligence and diplomatic cables - Military command systems and weapons program designs - Corporate intellectual property and trade secrets - Legal communications and attorney-client privilege documents - Cryptocurrency wallets and private keys - Criminal investigation files and undercover operations - Personal emails going back decades The attacker does not need a quantum computer today. Hard drives and bandwidth are cheap. The collection is happening now. The decryption comes later.

The Standards Are Not Perfect Either

NIST finalized three post-quantum standards, but cryptography is a moving target. ML-KEM and ML-DSA are based on lattice problems, a mathematical foundation that has not been tested in production for decades the way RSA has. Researchers are already examining potential weaknesses. Meanwhile: - China has developed competing post-quantum algorithms incompatible with NIST standards - Russia is developing separate alternatives - If quantum computers arrive before international standards align, we face a fragmented encryption landscape that actually reduces global security

The Economic Blindspot Most Organizations Have

Post-quantum migration estimates range from hundreds of billions to trillions of dollars globally. Compare that to what organizations have actually budgeted: | Organization Type | Estimated Migration Cost | Typical Annual Security Budget | Years of Security Budget Required | |---|---|---|---| | Large bank | $50-200 million | $500 million | 0.1-0.4 years | | Mid-size hospital | $5-20 million | $10 million | 0.5-2 years | | Small city government | $500k-2 million | $800k | 0.6-2.5 years | | Rural school district | $100k-500k | $50k | 2-10 years | The organizations with the least resources are protecting some of the most vulnerable people. They will lag. They always do.

Is the quantum threat really as urgent as critics say?

Yes, and possibly worse. The March 2026 breakthroughs showed that expert projections were wrong by an order of magnitude on qubit requirements. When specialists are off by a factor of 100 on requirements, their timeline estimates deserve serious scrutiny. Organizations responsible for sensitive data should be treating this as urgent today, not in five years.

Will governments force organizations to migrate in time?

Governments can mandate, but enforcement is uneven. Large banks will upgrade because financial regulators have teeth. Small hospitals, rural governments, nonprofits, and schools will lag significantly because they lack the budget and technical staff. The people whose data is most sensitive are often the least protected.

Is it safe to assume cloud providers will handle this for you?

Partially. Major cloud providers are migrating their infrastructure and that protects data in transit and at rest on their systems. But it does not protect data in your applications, in your on-premises systems, in your legacy databases, or in data that was already stolen years ago and is sitting in an adversary's encrypted archive.

What should individuals do right now to protect themselves?

Use end-to-end encrypted messaging apps that are already implementing post-quantum encryption, such as Signal's PQXDH protocol. Store sensitive long-term documents with services that advertise quantum-resistant encryption. Do not assume your bank, hospital, or employer has solved this problem yet. Ask them directly. Pressure organizations you rely on to publish their quantum readiness timelines.

TechnologyApril 6, 202612 min read

Is Quantum Computing a Threat to Your Data Encryption?

March 2026 breakthroughs show quantum computers could crack RSA encryption much sooner than expected. Should you worry?

⇄This article presents 2 perspectives — read both to form your own view.

DSC

Dr. Sarah Chen

Cybersecurity Infrastructure Analyst

The Future of Encryption Is Already Being Built

Quantum computers pose a real threat, but we have nearly a decade to respond, and the global infrastructure is already rising to meet the challenge. Yes, March 2026 brought sobering research from Google and Oratomic suggesting quantum computers could break current encryption with just 10,000 qubits instead of millions. Yes, that is faster than expected. But here is what the doom-and-gloom narrative consistently misses: the quantum threat has been known since 1994. We have been preparing for this moment for 30 years.

The National Institute of Standards and Technology finalized three post-quantum cryptography standards in August 2024. FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) are mathematically proven, battle-tested, and ready to deploy today. These are peer-reviewed algorithms that survived a 10-year international competition involving the world's best cryptographers. Organizations are not scrambling in the dark. They are following a published roadmap.

The Real Qubit Gap: Where We Are vs. Where Danger Begins

Let's be precise about the timeline. Here is what the numbers actually look like:

Encryption Standard	Qubits Needed to Break It	Best Quantum Processor Today	Gap Factor
P-256 (Elliptic Curve)	~10,000 qubits	~400-500 qubits	20-25x
RSA-2048	~26,000 qubits	~400-500 qubits	52-65x
AES-128 (symmetric)	~2,953 qubits (Grover)	~400-500 qubits	6-7x
AES-256 (symmetric)	Effectively immune	N/A	Safe

Most serious quantum computing experts estimate we are looking at 5 to 10 years before quantum computers pose a practical threat to today's encryption. That gives us time. Organizations do not need to rip out all existing systems overnight.

Who Is Already Migrating

The migration is happening right now, not in some distant future:

Microsoft Azure announced hybrid quantum-resistant encryption in 2025
Google Cloud is rolling out post-quantum TLS support across all regions
AWS customers can already use quantum-safe Key Management Service options
The European Union mandated quantum-safe transitions for critical sectors by end of 2026
India's National Quantum Mission invested $725 million in indigenous quantum-safe infrastructure
US federal agencies are operating under a hard 2035 migration deadline from CISA

This is coordinated, funded, scheduled action. Not panic.

Why Crypto-Agility Changes Everything

Crypto-agility, the ability to swap encryption algorithms without breaking systems, is now a core design principle for modern infrastructure. Major banks conducting cryptographic inventories are finding that only 20 to 30 percent of their systems need immediate quantum-resistant updates. The rest can be handled on a measured timeline.

The global post-quantum cryptography market grew from $420 million in 2025 to an expected $2.84 billion by 2030. That is not fear money. That is planned investment from organizations that have assessed the risk and are acting deliberately.

What About Your Data Today

Here is the most important reality check: even if a quantum computer capable of breaking RSA emerged tomorrow, your bank password and last year's medical records would not instantly become readable. Encryption is not a light switch. Attackers would need to actually possess both the encrypted data and a working quantum computer simultaneously.

The real concern is "harvest now, decrypt later," where adversaries steal encrypted data today to decrypt it in the future. This threat has been understood since at least 2015. The countermeasure is straightforward: encrypt new sensitive data with quantum-resistant algorithms now. That is exactly what responsible organizations are already doing.

The Overlooked Upside of Quantum

Media coverage fixates on the cryptanalysis threat and ignores what quantum computing actually does well today. Quantum computers are already producing breakthroughs in:

Drug discovery and molecular simulation
Materials science and battery development
Logistics optimization for supply chains
Climate modeling and financial risk analysis

Governments are investing in quantum because it solves real, immediate problems. The encryption threat is real but it is not the primary driver of quantum development anymore.

Frequently Asked Questions

No. Quantum computers capable of breaking current encryption are still 5 to 10 years away from being practical. Passwords are also protected by completely different systems, including hashing, salting, and key derivation functions, not just RSA. Even if RSA encryption were broken, properly implemented password systems would remain secure.

Yes. NIST's finalized standards are based on entirely different mathematical problems than RSA and elliptic curve cryptography. They survived a rigorous 10-year international competition with thousands of cryptographers trying to break them. They are designed to resist attacks from both classical and quantum computers.

Not necessarily. Crypto-agility means systems can be updated to support new algorithms without complete rewrites. Most organizations will run hybrid setups for a transition period, supporting both legacy and quantum-resistant algorithms simultaneously while gradually shifting over.

Estimates range from 2 to 5 percent of IT budgets for organizations with large cryptographic footprints. For most businesses, the cost is manageable when spread across a 4 to 5-year migration window. Major cloud providers are absorbing a significant portion of the cost for their customers.

🌙

Now read The Critical Take

You've read one side. Switch perspectives to get the full picture.

Editorially reviewed on April 6, 2026

Share:X LinkedIn