Summary
The piece dismantles claims that RSA-2048 or RSA-4096 has been secretly cracked. Such assertions contradict physics, engineering realities, open research, observed government behavior, and the visible state of quantum supply chains. The guidance is blunt: do not reward unverifiable claims with budget or procurement. Ask for reproducible evidence.
At the same time, the quantum threat to classical public key crypto is real. Shor’s algorithm works, hardware is progressing, and resource estimates are falling. The author estimates Q-Day around 2030 plus or minus two years, and highlights harvest-now-decrypt-later risk for data that must remain confidential for years or decades.
The mature path is prepare without panic. Prioritize long-lived sensitive data, build a crypto inventory, and plan migrations to NIST-standardized post-quantum schemes with crypto agility and staged rollouts. Pilot PQC in TLS and VPNs, update key management and governance, and set vendor requirements that emphasize transparency and verifiable roadmaps.
Read more
See the original article at: https://postquantum.com/post-quantum/no-broken-rsa-2048-4096/