As of 2026-03-02, the state of the art in quantum decryption has cracked a:

  • 22-bit RSA key
  • 6-bit elliptic curve key

https://forklog.com/en/quantum-computer-cracks-tiny-cryptographic-key

The IBM QC that cracked the 6-bit key uses 133 qubits.

Some new research suggests that RSA-2048 could be cracked with as "few" as 100,000 qubits.

https://www.newscientist.com/article/2516404-breaking-encryption-with-a-quantum-computer-just-got-10-times-easier/

(Paywall-free)

Such a machine...is not feasible to build any time soon.

So when your CISO or a vendor starts going off about "post-quantum" security, feel free to use this to remind them that we still have SMB1 in some places and Telnet in others. Plenty of work to do around the house.


@mttaggart Plenty of other issues to look into.

However, my query, as a non-cryptographer, is whether the hybrid Q/non-Q encryption that seems to be popular gives valuable defense-in-depth, or whether it adds another attack surface through the extra software code.

@merospit @mttaggart There should be double encryption of the shared AES key, with post-quantum and ECC. And two different signatures, with post-quantum and ECDSA. If the developer does that and doesn't do something really dumb in the code, the result is at least as secure as regular ECC.

There was a proposal to allow post-quantum only. That is a Very Bad Idea. RSA and ECC have been studied for decades. These new PQ algos (excepting Merkle sigs) have not. Merkle sigs have huge re-use gotchas.
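The hybrid construction the reply above describes, as an added illustration that is not code from anyone in this thread: the shared secret from the ECC exchange and the one from the post-quantum KEM are both fed into a KDF, so the resulting AES key cannot be recovered by an attacker who learns only one of them. The secrets and ciphertexts below are constructed stand-ins for real KEM outputs, and the exact combiner layout (HKDF over both secrets plus both ciphertexts) is an assumption modelled on common hybrid designs rather than a scheme the poster specified.

```python
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract step: PRK = HMAC-SHA256(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand step: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key(ss_ecc: bytes, ss_pq: bytes, ct_ecc: bytes, ct_pq: bytes) -> bytes:
    """Derive one AES-256 key that depends on BOTH shared secrets.

    Binding the two ciphertexts into the KDF input means a transcript
    in which either exchange was tampered with yields a different key,
    so the classical and post-quantum halves cannot be split apart.
    """
    if len(ss_ecc) < 32 or len(ss_pq) < 32:
        raise ValueError("each shared secret must be at least 256 bits")
    prk = hkdf_extract(b"hybrid-ecc-pq-v1", ss_ecc + ss_pq + ct_ecc + ct_pq)
    return hkdf_expand(prk, b"aes-256-key", 32)


# Constructed stand-ins for what a real ECDH exchange and a real PQ KEM
# would produce; they are NOT outputs of any actual algorithm.
SS_ECC = hashlib.sha256(b"constructed ecc shared secret").digest()
SS_PQ = hashlib.sha256(b"constructed pq shared secret").digest()
CT_ECC = b"constructed-ecc-ephemeral-public-key"
CT_PQ = b"constructed-pq-kem-ciphertext"


def attacker_with_one_half(known_ecc: bool) -> bool:
    """Model an attacker who broke exactly one component and guesses the
    other secret. Returns True only if they recover the session key."""
    guess = hashlib.sha256(b"attacker guess").digest()
    real = hybrid_key(SS_ECC, SS_PQ, CT_ECC, CT_PQ)
    forged = hybrid_key(SS_ECC if known_ecc else guess,
                        guess if known_ecc else SS_PQ, CT_ECC, CT_PQ)
    return hmac.compare_digest(real, forged)


if __name__ == "__main__":
    print("session key:", hybrid_key(SS_ECC, SS_PQ, CT_ECC, CT_PQ).hex())
    print("ECC-only attacker wins:", attacker_with_one_half(True))
    print("PQ-only attacker wins:", attacker_with_one_half(False))
```

The same combiner shape is why the "post-quantum only" proposal loses ground: with a single input, a break of that one algorithm is a break of the session key.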