In a major cryptographic milestone, researchers in China have cracked RSA encryption using a quantum computer, signaling an era where quantum machines may begin to unravel the foundation of modern cybersecurity.
Led by Wang Chao at Shanghai University, the team used a quantum annealing processor from D‑Wave Systems to factor a 22-bit RSA key a small but symbolic breakthrough. Until now, quantum annealers had failed to break RSA integers of that size using this method.
Quantum Threat to Encryption Begins to Materialize
RSA encryption has safeguarded digital communication since 1977 by relying on the near-impossible task of factoring large semiprime numbers. Traditional computers still require sub-exponential time to crack a 2048-bit RSA key. So far, the largest key ever cracked with classical methods was RSA-250 (829 bits), taking weeks of supercomputer power.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
But the Chinese research team demonstrated a new quantum method. They recast the factoring problem into a Quadratic Unconstrained Binary Optimization (QUBO) form solvable by a quantum annealer. Their experiment shows that quantum systems can scale beyond previous 19-bit limits, reaching 22-bit keys using fewer qubits per variable.
Implications Beyond Just RSA
The team also applied the same approach to Substitution–Permutation Network (SPN) ciphers like Present and Rectangle both used in lightweight encryption schemes. The research marks the first time a real quantum computer has shown practical threat potential against full-scale SPN structures, long considered secure.
Despite the 22-bit key being far from the size used in real-world RSA (typically 2048-bit or more), the breakthrough matters. The methods used reduction in local-field noise, smart embedding, and analog computation show how quickly quantum capabilities are advancing.
Annealing vs. Shor’s Algorithm
Quantum annealing differs from Shor’s algorithm, which requires universal, gate-based quantum machines. While Shor’s method theoretically breaks RSA in polynomial time, most gate-based systems today are limited by noise and low qubit counts.
D-Wave’s quantum annealer, with over 5,000 qubits operating at just 15 millikelvin, can solve optimization problems without deep quantum circuits. The Shanghai team’s method avoids Shor entirely, opting instead for a combinatorial optimization strategy.
Quantum Security Standards Already Underway
Governments aren’t waiting. In August 2024, NIST released the first post-quantum cryptography standards (FIPS 203–205), focused on lattice-based algorithms. In March 2025, NIST selected HQC for further adoption, urging federal agencies to replace RSA and ECC algorithms.
The White House and cybersecurity agencies have warned that adversaries may already be engaging in “harvest now, decrypt later” strategies stealing encrypted data today in hopes of breaking it later with quantum computers.
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
Most Businesses Are Not Ready
Despite looming risks, many companies have not inventoried their cryptographic dependencies, and fewer still have plans to migrate. Experts recommend:
- Auditing all uses of RSA, ECC, and vulnerable protocols
- Testing post-quantum libraries like Open Quantum Safe
- Implementing hybrid key exchange methods that combine classical and quantum-safe encryption
- Building crypto-agility into systems to allow smooth future upgrades
Organizations with long-term sensitive data—such as medical records, genomic data, or diplomatic communications—face the highest risk if they delay transition.
What’s Next?
RSA remains secure for now, but quantum attacks are no longer theoretical. D-Wave plans to release a Zephyr-topology processor with over 7,000 qubits this year. Each increase in connectivity and qubit efficiency brings quantum factoring closer to real-world threat levels.
Cryptographers suggest wrapping CRYSTALS-Kyber lattice algorithms around RSA to maintain forward secrecy during the migration phase.
While the Chinese team used extensive classical pre and post-processing and required multiple annealing runs, the breakthrough mirrors history. DES encryption, once considered strong, fell to custom-built machines just four years after initial cracks emerged.
About the author – Ayush Chaurasia is a postgraduate student passionate about cybersecurity, threat hunting, and global affairs. He explores the intersection of technology, psychology, national security, and geopolitics through insightful writing