The Quantum Clock is Ticking, and There's No Deadline
|
Q-day, the point at which quantum computers can break today's public-key encryption, is “definitely coming and no longer theoretical,” says Haw Jing Yan, a senior research fellow at the National University of Singapore’s (NUS) Centre for Quantum Technologies to GovWare. And it may arrive sooner than organisations are prepared for. A 2025 Google paper estimated that RSA 2048 could be broken by Shor’s algorithm with fewer than one million noisy qubits – down from 20 million previously; a new paper in March 2026 suggests that as few as 10,000 reconfigurable atomic qubits is enough to run the algorithm at scale. This is a dramatic collapse in the resources required. Yet many organisations haven't even begun cataloguing which of their systems are at risk. The clock is ticking. Haw warns that harvest now, decrypt later attacks, where adversaries capture encrypted data today for future quantum computers to crack, is a real and present concern. Which raises an unsettling question for any organisation handling data that needs to stay confidential for years: what if the breach has already happened? When Cryptography Fails, Trust FollowsThe quantum threat isn't just a cryptographic problem for the technologists to solve. It's also a business one. Alejandro Montblanch, Quantum Safety Lead at HSBC, explained in a separate call: “The biggest risk for commercial companies is a loss of trust. If a company was not quantum safe by the appropriate time, how can that company claim that they are upholding the appropriate cyber security standards?” And the exposure runs deeper than most realise. “One of the biggest threats from quantum computers is being able to steal digital identities,” he adds. “Public-key infrastructure (PKI) is built on asymmetric cryptography. If the cryptography underpinning your certificates can be broken, you lose trust in digital identities.” Haw paints an even wider picture. Digital signatures, VPNs, IPsec tunnels – all still rely on PKI and will need to be upgraded, he says. Even things that happen in the background, such as firmware updates, typically rely on PKI too. “Supply chain security will also be impacted,” Haw warns. And because zero trust architectures depend on continuous cryptographic authentication, they too are built on foundations that quantum computers can crack. “Zero trust needs to be not just zero trust, but also quantum safe. There's another layer,” says Haw. The technical breadth is daunting. But for Montblanch, the risk that concentrates minds isn't any single vulnerability. It's reputational. “No one wants to be the first to be hacked by a quantum computer,” he says. “The moment that happens, that organisation will be in a really bad state.” Migration is Harder Than You ThinkKnowing you're vulnerable is one thing. Doing something about it is another. “Some people might be tempted to underestimate how incredibly difficult becoming quantum safe is,” says Montblanch, who noted that the challenge isn't simply swapping out one algorithm for another. “Large organisations have many internal services. Those internal services talk to each other and they affect each other, not only internally but also externally. You depend on your vendors and your third parties, which at the same time depend on you.” If that sounds like Y2K, it is, only much worse. Montblanch agrees: “This is considerably more difficult, especially because of those interdependencies. But also because there is no fixed deadline. If we had a set deadline, that would probably encourage people to go ahead.” With Y2K, the countdown was visible. With Q-day, nobody knows when the clock hits zero. Haw sees the same problem from the technical side. “When people start to look at this issue, they realise it's definitely a years long, if not decade-long effort to migrate,” he says. And not every system can be patched. IoT devices with limited processing power may need to be replaced entirely, either at end of life or sooner. Then there's a subtlety that both speakers flag independently: the new NIST post-quantum algorithms, while the best available defence, haven't been tested by time the way RSA and Diffie-Hellman have. “It might be the case that someone comes along one day and breaks them,” Montblanch cautions. Migration, in other words, isn't a destination. It's a rolling programme. So when does it need to start? "When regulators say you need to be ready by 2030 for critical systems and 2035 for the rest, that timeline is appropriate,” says Montblanch. “But only if you move soon enough.” A Burden Worth EmbracingSo where do organisations actually start? Haw's answer is practical: get visibility first. “You definitely need visibility on how your cryptography mechanisms work in your enterprise. Which ones are the priority, what algorithms are being used, and all the dependencies. Only after you identify those can you start to perform the migration.” The next priority is making sure you never have to do this from scratch again. Both are clear on the single most important principle: make sure your systems can be upgraded again. “Cryptographic agility is definitely the most important one,” says Montblanch. “Making sure you set up the architectures, the structures, the governance and the policies to facilitate a subsequent second migration to other algorithms, if the first ones were to be broken.” Haw frames it in engineering terms: “We deploy our systems with the mindset that the algorithms underpinning them can be upgraded more easily. You can design your system to be more modular to allow for such crypto agility.” He also advocates layering defences rather than betting on a single solution. “You can have the hybrid of quantum key distribution and post-quantum cryptography. This is what we call defence in depth: multiple layers to make sure your availability and resilience are always guaranteed.” None of that is worth much, though, if the organisation treats migration as a chore to survive rather than a change to leverage. “Don't treat this as just a burden. This is going to be one of the largest technology changes over the next 10 years. You're going to go so deep into your systems, your architectures, your governance policies. Use it not only for upgrading, but to drive opportunity and innovation in your organisation.”
– Alejandro Montblanch, Quantum Safety Lead, HSBC |
