China breaks RSA encryption using a quantum computer, igniting post-quantum urgency

Researchers in China have achieved a significant proof-of-concept in quantum computing, successfully decrypting an RSA encryption using a D-Wave Advantage quantum computer. While the achievement involved a relatively small 50-bit integer, far weaker than modern encryption standards, the study published in the Chinese Journal of Computers has reignited warnings about the impending threat quantum computers pose to current cryptographic technologies.

The research utilized quantum annealing, a process that leverages quantum fluctuations to optimize problem-solving. The D-Wave Advantage machine, with its 5,760 qubits, was able to break the challenged RSA encryption, demonstrating the theoretical power of quantum machines against a foundational element of modern digital security.

However, experts stress the critical distinction between this proof-of-concept and a threat to widely used encryption. Modern RSA encryption relies on 1024- to 2048-bit integers, which are exponentially more complex to break.

A 50-bit integer has approximately 9.67×1016 possible values, whereas a 2048-bit integer boasts an astronomical 3.231×10616 possible values. This vast difference in key length means that current mainstream encryption remains secure against today's quantum capabilities.

Still, the rapid progress in quantum computing is undeniable. David Carvalho, founder and CEO of decentralized post-quantum infrastructure Naoris Protocol, described the Chinese breakthrough as a wake-up call.

He noted the alarming speed of progression from 19-bit to 22-bit encryption challenges, stating, "It’s clearly only a matter of time until quantum computers can break highly secure algorithms, and that time is quickly running out. It’s complacent to assume we even have five years left before RSA encryption can be broken, it’s more like 24-36 months."

Quantum computing experts like Michele Mosca estimate a one-in-seven chance of significant encryption breaches by next year, with IBM also highlighting quantum as an "existential threat" to data encryption.

This urgency has led to a push for "post-quantum cryptography" (PQC), which employs algorithms designed to withstand attacks from quantum computers. Organizations like the National Institute of Standards and Technology (NIST) are actively developing and recommending PQC standards, with some already finalized.

"To be safe, companies looking to protect encrypted data or digital assets must already transition to post-quantum cryptography this year – this is a recommendation from the National Institute of Standards and Technology (NIST) itself," Carvalho emphasized. "Every single day this is delayed, cybercriminals are getting closer to hacking every system that matters, and once hacked, what’s lost can never be recovered. It’s getting far too close for comfort now."