A new study by Google has significantly revised previous estimates about the capabilities of quantum computers, warning that these futuristic machines could break widely used encryption systems much sooner than previously anticipated.
The update has sparked concern across digital security sectors, especially among cryptocurrency investors.
Back in 2019, Google researchers predicted that it would take a quantum computer equipped with around 20 million qubits to break RSA-2048 encryption—an encryption method widely used to secure online communications and transactions.
However, in a research paper released on May 21, the same team reported that a quantum computer with just one million qubits could, in theory, crack RSA encryption within a week.
“This is a 20-fold decrease in the number of qubits from our previous estimate, published in 2019,” wrote Google researchers Craig Gidney and Sophie Schmieg in a blog post published on May 23.
RSA encryption and similar asymmetric cryptographic systems rely on mathematical problems that are easy to solve in one direction but extremely difficult to reverse without a secret key. For classical computers, factoring large numbers like those used in RSA-2048 encryption is virtually impossible within a reasonable timeframe. Quantum computers, however, have the potential to solve such problems exponentially faster using algorithms like the one proposed by mathematician Peter Shor in 1994.
Initially, it was believed that breaking RSA-2048 encryption would require a billion physical qubits. By 2012, that figure was updated to 20 million, and now it has been reduced again to one million, thanks to improvements in quantum algorithms and error correction techniques. These advancements have allowed researchers to reduce the number of required physical qubits while still accounting for the system’s inherent instability and error rates.
Despite the theoretical feasibility, current quantum machines are still far from meeting these requirements. Today’s quantum computers typically operate with only 100 to 1,000 qubits and face significant technical hurdles in scaling up to one million.
Nonetheless, the findings underscore the urgency of transitioning to post-quantum cryptography (PQC). Such a shift is necessary because encrypted data intercepted today could be stored and decrypted in the future when more powerful quantum machines become available—a strategy known as “store now, decrypt later.”
Google highlighted the importance of replacing encryption standards proactively. It noted that public signature keys, commonly used in systems like Bitcoin and other blockchain technologies, are particularly vulnerable because they are harder to replace and more attractive targets for quantum attacks.
“Asymmetric encryption standards need to be urgently replaced with post-quantum encryption standards,” the researchers warned.
In one example of how difficult it may be to adapt, a previous study from the University of Kent found that Bitcoin would need to go offline for nearly 300 days to fully integrate a post-quantum cryptographic protocol.
To address the growing threat, Google has been collaborating with the US National Institute of Standards and Technology (NIST) and other partners in academia, industry, and government to develop and promote the adoption of PQC.
“NIST recently concluded a PQC competition that resulted in the first set of PQC standards. These algorithms can already be deployed to defend against quantum computers well before a working cryptographically relevant quantum computer is built,” Google stated.