DEV Community

Quantum Sequrity
Quantum Sequrity

Posted on • Originally published at quantumsequrity.com

What Is Q-Day? The Date Quantum Computers Break Classical Encryption

#postquantumcryptography #harvestnowdecryptlater #cybersecurity #security

What Is Q-Day? The Date Quantum Computers Break Classical Encryption

Category: Education

What Is Q-Day? The Date Quantum Computers Break Classical Encryption

7 min read

What Q-Day Means

Q-Day (sometimes Y2Q) is industry shorthand for the moment a Cryptographically Relevant Quantum Computer (CRQC) exists. A CRQC can run Shor's algorithm on real-world cryptographic parameters like RSA-2048 or ECDH P-256. Q-Day is not a fixed date; it is a probability distribution estimated by expert surveys.

Why the Term Is Useful

Q-Day gives non-technical stakeholders a concrete handle for an otherwise abstract threat. It also communicates urgency: Q-Day is already inside the Mosca threshold for most regulated data.

Current Expert Estimates

Global Risk Institute Quantum Threat Timeline 2025: 10-year likelihood of CRQC between 28 percent (pessimistic) and 49 percent (optimistic), the highest 10-year range in the survey's seven-year history.

NSA CNSA 2.0 (September 2022): sets 2035 as the planning deadline for US National Security Systems. Not a prediction; a conservative target.

NIST IR 8547 (November 2024 draft): proposes disallowing classical algorithms after 2035 for US federal use.

What Arrives With Q-Day

  1. Every classically-encrypted archive stockpiled via Harvest Now Decrypt Later becomes decryptable.
  2. RSA certificates issued before the migration deadline become trivially forgeable.
  3. ECDH-protected TLS sessions recorded between now and Q-Day are exposed.
  4. Non-migrated signature systems (ECDSA code signing, Ed25519 SSH host keys) lose trust.

What You Should Do Before Q-Day

  1. Inventory classical cryptography in your stack.
  2. Deploy hybrid ML-KEM for new systems.
  3. Re-encrypt long-lived archives with Post Quantum Cryptography.
  4. Migrate signature algorithms on the NIST IR 8547 timeline.

Frequently Asked Questions

Frequently Asked Questions

When is Q-Day?

Unknown. Global Risk Institute 2025 puts 10-year probability at 28 to 49 percent. NSA uses 2035 as a planning target for NSS. Experts disagree on exact timing.

Is Q-Day a sudden event?

Probably not. The arrival of a CRQC will likely be a progression (first single-digit logical qubit demos, then 100 logical qubits, then thousands). But Harvest Now Decrypt Later means data is already at risk.

Will Q-Day break AES?

No. AES-256 remains secure at effective 128-bit post-quantum strength under Grover's algorithm. Public-key cryptography (RSA, ECC) is the target of Q-Day attacks.

How do I know my organization is Q-Day ready?

Cryptographic inventory plus hybrid ML-KEM deployment for new systems plus PQC re-encryption of long-lived archives. Use NIST IR 8547 as your maturity checklist.

Sources

  1. GRI Quantum Threat Timeline 2025
  2. NSA CNSA 2.0
  3. NIST IR 8547

Related Articles

Protect Your Data Before Q-Day Arrives

QNSQY's NIST-standardized post-quantum encryption protects files against both current and quantum-era threats.

Originally published at quantumsequrity.com.

Top comments (0)