Skip to content
Suggest a term
MixedTechnologyLast updated: June 1, 2026

Quantum computers will instantly break all encryption

Quantum computers capable of breaking today's encryption do not yet exist but are becoming plausible within a decade. The process would not be instant; it would target specific algorithms. NIST finalized post-quantum cryptography standards in 2024 to prepare for this transition.

What we know

Shor's algorithm, described in 1994, proves that a sufficiently powerful quantum computer could factor large numbers and solve discrete logarithm problems exponentially faster than classical computers. This would break RSA, the Diffie-Hellman key exchange, and elliptic curve cryptography, which together protect most internet communications. The crucial word is 'sufficiently powerful': implementing Shor's algorithm at the scale needed to break 2048-bit RSA requires millions of error-corrected logical qubits, and current machines have at most a few hundred physical qubits with high error rates.

Progress has accelerated. In late 2024 and early 2025, multiple research groups including from Google and a neutral-atom computing startup released results that dramatically reduced qubit estimates for breaking elliptic curve cryptography P-256 from earlier projections of 200 million physical qubits to potentially 10,000. These advances prompted Google to set a 2029 internal migration target, Cloudflare to target 2029 as well, and IBM's Quantum Safe division to warn that Q-Day could occur as early as 2029 to 2030.

However, three caveats are essential. First, 'breaking encryption' would not be instant: even with a capable quantum computer, running Shor's algorithm against a target takes hours to days of compute time, not seconds. Second, symmetric encryption (AES-256) and hashing algorithms are far more quantum-resistant and require only modest adjustments (doubling key length). Third, NIST finalized three post-quantum cryptography standards in 2024 (including CRYSTALS-Kyber for key encapsulation and CRYSTALS-Dilithium for signatures), providing quantum-resistant replacements that organizations can begin implementing now.

The 'instantly break all encryption' framing is inaccurate because it implies immediacy, universality, and current capability, none of which is true.

Common claims

  • Quantum computers can already break encryption.False. Cryptographically relevant quantum computers do not yet exist.
  • When quantum computers arrive, all encrypted data will be instantly accessible.Overstated. Breaking specific keys would take hours or days, not seconds.
  • There is nothing we can do to prepare for quantum threats.False. NIST finalized post-quantum cryptography standards in 2024.

Evidence hierarchy

01Cloudflare Targets 2029 for Full Post-Quantum SecurityCloudflare blog explaining why 2025 research breakthroughs have accelerated Q-Day timelines to 2029-2030.02What Is Q-Day? Quantum Computing and Cyber Risk - Palo Alto NetworksExplanation of Q-Day concept, current expert timelines (2030s), and NIST post-quantum standard status.03When Will Quantum Decryption Become Practical? - ResilienceTechnical timeline analysis showing qubit requirements fell from 20 million to under 1 million physical qubits for RSA-2048.

All sources

Related terms

Blockchain is completely unhackablePrivate browsing stops all trackingMore CPU cores always means a faster computer