The RSA Collapse: A Quantum Computer Is Predicted to Factor RSA by 2031 with 65% Probability
Recent developments in quantum computing suggest that the longstanding security of RSA encryption algorithms may face a critical threat much sooner than previously anticipated. New algorithmic breakthroughs and advances in hardware architectures have dramatically lowered the threshold of quantum resources needed to factor RSA numbers. According to current forecasts, a cryptographically relevant quantum computer (CRQC) capable of breaking RSA encryption is most likely to appear by 2031, with a confidence probability of 65% based on converging lines of research and investment.
Historically, expert estimates placed the arrival of an RSA-cracking quantum machine somewhere in the mid-2030s due to the sheer number of qubits and error correction overhead required. Traditional models indicated the need for millions of physical qubits to maintain sufficiently error-corrected logical qubits capable of implementing Shor's algorithm at scale. However, recent advances have compressed these resource requirements substantially.
At the forefront of these changes is the Jesse-Victor-Gharabaghi (JVG) algorithm, announced in early 2026. This new approach reportedly reduces required quantum resources by nearly a factor of 1,000 compared to previous quantum factoring implementations. If validated through peer review, the JVG algorithm could enable the factoring of RSA-2048 keys in roughly 11 hours on a machine with fewer than 5,000 physical qubits, a significant leap from earlier projections.
Complementing algorithmic progress are breakthrough hardware architectures leveraging quantum Low-Density Parity-Check (QLDPC) codes, which dramatically improve error correction efficiency. IBM’s upcoming "Kookaburra" processor and Iceberg Quantum’s "Pinnacle" architecture exemplify this shift. Whereas older error correction schemes demanded tens of millions of qubits, these QLDPC-based systems aim to accomplish the same logical computation using approximately 100,000 physical qubits or fewer, massively reducing the quantum hardware scale needed for cryptographically relevant tasks.
IBM’s 2026 release of Kookaburra—a 1,386-qubit modular, multi-chip processor with integrated qLDPC memory—is a critical milestone toward scalable fault-tolerant quantum computing. Further along their roadmap, IBM’s "Quantum Starling" system is expected by 2029 to provide around 200 logical qubits capable of sustained error-corrected operation. Although this remains below the estimated 1,000–1,400 logical qubits necessary for continuous RSA-2048 factoring, the combination of efficient algorithms and modular hardware accelerations could make this feasible in the early 2030s.
Beyond technology, geopolitical factors inject urgency. Significant state-level investments—such as China's $138 billion quantum technology fund and Japan’s $7.4 billion commitment—fuel a competitive race for "quantum power parity." Governments aim to ensure they are not technologically outpaced in the next generation of cryptographic conflict, which incentivizes aggressive funding and deployment of quantum hardware.
Nonetheless, this forecast carries measured caution. The JVG algorithm and some architectural claims currently reside in preprint form and lack full peer-reviewed validation. Scaling up to hundreds of thousands of qubits while maintaining ultra-low error rates remains a formidable engineering challenge. Additionally, the complexity of real-world noise, cryogenics, and qubit connectivity pose practical hurdles.
Even considering these challenges, this convergence of theoretical and practical advancements combined with strong geopolitical motivation marks an inflection point in quantum computing forecasts. The National Security Agency’s previous estimate for a viable CRQC ranged from 2030 to 2035, but the accelerating momentum suggests 2031 as the most probable year by which an RSA number will be factored.
In summary, the cryptographic security world is entering a critical decade. The "qubit gap," long believed insurmountable in the near term, is narrowing rapidly due to smarter algorithms and more efficient hardware architectures. While there remain risks that delay or technical obstacles push this beyond 2031, the balance of evidence and resources currently puts the probability of the first quantum factoring of RSA at 65% by that year.
