As of 2026-03-02, the state of the art in quantum decryption has cracked a:

• 22-bit RSA key
• 6-bit elliptic curve key

https://forklog.com/en/quantum-computer-cracks-tiny-cryptographic-key

The IBM QC that cracked the 6-bit key uses 133 qubits.

Some new research suggests that RSA-2048 could be cracked with as "few" as 100,000 qubits.

https://www.newscientist.com/article/2516404-breaking-encryption-with-a-quantum-computer-just-got-10-times-easier/

(Paywall-free)

Such a machine...is not feasible to build any time soon.

So when your CISO or a vendor starts going off about "post-quantum" security, feel free to use this to remind them that we still have SMB1 in some places and Telnet in others. Plenty of work to do around the house.

@mttaggart it's crazy that this is the controversial, minority opinion in cybersec....

@mttaggart

As of today, the state of the art in quantum decryption are 0-bit RSA and ECC keys, respectively.

https://fediscience.org/@hweimer/114855882006260378

@hweimer These weren't strictly Shor's, but I take your point.

@mttaggart CISOs don't usually do priority inversion alone: it's often compliance that makes not doing PQ expensive (penatly, non-compliance), while doing telnet cheap (cOMpeNsAtiOn cOnTRol).

(Side note: PQ should be easy to implement)