Three independent research teams, working on three separate continents, just published papers that converge on the same conclusion: breaking RSA-2048 encryption requires dramatically fewer physical qubits than anyone estimated five years ago. The trajectory is exponential, and nobody in the cryptography community is calling it theoretical anymore.
The progression tells the story. In 2012, estimates for cracking RSA-2048 ran from hundreds of millions to roughly one billion physical qubits. In 2019, Google Quantum AI researcher Craig Gidney estimated 20 million qubits. In May 2025, Gidney published updated findings showing it could be done with fewer than one million noisy physical qubits in under a week, a 20-fold reduction achieved entirely through algorithmic improvements, not hardware advances.
Then in February 2026, Sydney-based startup Iceberg Quantum unveiled its Pinnacle architecture. Using quantum low-density parity-check (QLDPC) codes instead of traditional surface codes, the team showed that RSA-2048 factoring could theoretically be achieved with fewer than 100,000 physical qubits. Another tenfold reduction. The accompanying $6 million seed round validated that investors took the math seriously.
The third paper landed in March 2026. Google Quantum AI, collaborating with the Ethereum Foundation and Stanford researchers, proposed breaking the elliptic curve cryptography that protects Bitcoin and Ethereum with fewer than 500,000 physical qubits in minutes rather than days. Google made an unprecedented decision: it withheld the actual attack circuits and released only a zero-knowledge proof of validity. The researchers were confident enough in the results that they treated the work as a security risk worth managing, not a theoretical exercise worth publishing freely.
Three papers. Three different qubit architectures. Three independent sets of assumptions. All pointing the same direction. The floor is dropping, and the pace is accelerating.
The policy response is already in motion, which is itself a signal. The NSA’s CNSA 2.0 framework mandates that all new national security systems be quantum-safe by January 2027. NIST finalized its post-quantum cryptography standards in August 2024. The FBI, NIST, and CISA collectively designated 2026 the “Year of Quantum Security.” Google set an internal 2029 deadline for complete post-quantum migration. When the agencies responsible for protecting classified communications start setting hard deadlines, they are working from intelligence assessments the public does not see.
Ethereum researcher Justin Drake, a co-author on the Google paper, called it “a monumentous day for quantum computing and cryptography.” He estimates at least a 10% probability that a quantum system could recover a private key by 2032. That may sound small. It is not. A 10% chance that the encryption protecting global financial infrastructure could be broken within six years is the kind of risk that moves policy. And governments are moving.
There are caveats worth noting. Iceberg’s results are simulations, not experimental demonstrations. QLDPC codes require qubit connectivity that has not been demonstrated at scale. Google’s paper covers elliptic curve crypto (relevant to cryptocurrency), not RSA directly. And none of these papers account for the engineering challenges of building and operating a quantum computer at the required scale with the required error rates. The math is ahead of the hardware. It has always been ahead of the hardware. But the gap is narrowing.
Laterstack has covered Iceberg’s Pinnacle architecture, Google’s 2029 PQC deadline, and the wave of quantum companies going public over the past two months. Each of those stories was a data point. This article is the trend line. When three teams, independently and within months of each other, converge on the same conclusion, it stops being a research curiosity. It becomes a planning horizon.
What This Means for Everyday People
The encryption protecting your bank account, your emails, your medical records, and your cryptocurrency was designed for a world where breaking it required billions of qubits and decades of patience. That assumption is being revised downward at an accelerating rate. You will not need to do anything immediately. But if your organization stores sensitive data that needs to remain confidential into the 2030s, the window to begin transitioning to post-quantum cryptography is now. Not when Q-Day arrives. Now. Because by the time the threat is confirmed, the data that was already intercepted and stored will be the first to fall. The intelligence community calls this “harvest now, decrypt later.” If you understand that phrase, you understand the urgency.