If you logged into your bank account this morning, everything may still seem secure. But the pace of technological change is accelerating, and a recent breakthrough in China signals a potential paradigm shift in data security. Researchers in Shanghai have demonstrated that RSA encryption—the backbone of global cybersecurity—is beginning to falter under the pressure of quantum computing.
Quantum Leap: Cracking RSA with D-Wave
Using a quantum annealing processor developed by D-Wave Systems, researchers led by Wang Chao at Shanghai University have successfully factored a 22-bit RSA integer—an achievement that had eluded previous efforts on the same class of hardware. This result, while modest in numerical scale, marks a significant step forward in quantum cryptanalysis.
“When RSA encryption launched in 1977, it revolutionised digital security by tying its strength to the difficulty of factoring large semiprime numbers,” the researchers noted. “Now, using the D-Wave Advantage, we have successfully factored a 22-bit RSA integer, demonstrating the potential for quantum machines to solve cryptographic problems.”
The math behind the breakthrough
The team transformed the factorisation task into a Quadratic Unconstrained Binary Optimization (QUBO) problem. This type of problem can be tackled by the D-Wave Advantage system, which operates by letting qubits "tunnel" through energy barriers to find the lowest energy state—a process known as quantum annealing.
Not stopping with RSA, the team applied the same quantum optimisation approach to cryptographic schemes known as Substitution–Permutation Network (SPN) ciphers, specifically Present and Rectangle. They described this as "the first time that a real quantum computer has posed a substantial threat to multiple full-scale SPN structured algorithms currently in use."
Why 22 Bits matter?
While a 22-bit RSA key is minuscule compared to the 2048-bit keys used in modern encryption, this breakthrough still matters. Earlier quantum demonstrations had stalled at 19 bits and required more qubits per variable. The Shanghai researchers improved noise reduction by fine-tuning the local-field and coupling coefficients in their Ising model, allowing more consistent success and hinting at the feasibility of scaling up.
Prabhjyot Kaur, an analyst at Everest Group not involved in the study, warned, “The advancement of quantum computers can seriously threaten data security and privacy for various enterprises.”
Also Read: Clean up your inbox to start the new year right
Annealing vs. Shor's Algorithm
Most quantum encryption threats have been theoretical, tied to Shor’s algorithm, which runs on universal, gate-based quantum computers. Shor’s method can, in theory, crack RSA keys by finding the period of modular exponentiation in polynomial time. But such machines are still limited by error correction and small qubit counts.
In contrast, D-Wave’s quantum annealers aren’t universal but are far more mature. The current Advantage system uses over 5,000 qubits and avoids deep circuits by operating at just 15 millikelvin in an analog evolution environment. Though it pays an exponential scaling cost—limiting it, for now, to cracking a 22-bit modulus—it bypasses the limitations that gate-based machines face.
The global race toward post-quantum security
Governments and standards bodies are already reacting. In August 2024, NIST issued the first federal standards for post-quantum cryptography—FIPS 203, 204, and 205—centered on lattice-based encryption. By March 2025, the agency selected HQC (Hamming Quasi-Cyclic) for the next implementation wave.
The urgency was underscored at a White House event earlier this year, where officials warned that adversaries may already be stockpiling encrypted data in anticipation of a “harvest now, decrypt later” scenario.
The Wall Street Journal’s CIO Briefing echoed that urgency: “Businesses must treat cryptographic renewal like a multi-year infrastructure project.” Despite this, many companies haven’t even conducted a basic audit of which algorithms their systems rely on.
Preparing for the Quantum Era
Security experts recommend starting with an internal inventory of all uses of RSA, ECC, and other quantum-vulnerable algorithms. From there, organizations can test post-quantum cryptography libraries like Open Quantum Safe or begin deploying hybrid encryption models that combine classical and quantum-resistant elements.
One key strategy is crypto-agility—designing systems that can switch algorithms without requiring full-scale redevelopment. This approach makes transitions to future standards smoother and less expensive.
Also Read: 15 lakh cyber attacks by Pak hackers on India, only 150 succeeded
What’s next?
RSA-2048 remains unbroken, for now. But this experiment signals the direction the future may take. D-Wave is planning to launch a new Zephyr-topology quantum processor later this year with over 7,000 qubits. Each architecture upgrade improves connectivity and reduces the number of physical qubits needed per logical variable.
Meanwhile, cryptographers advocate hybrid methods—such as combining lattice-based algorithms like CRYSTALS-Kyber with RSA signatures—to maintain forward secrecy during the transition period. For institutions holding data that must remain secure for decades—like healthcare records, genomic databases, and diplomatic communications—the stakes are especially high.
Skeptics may note that the Shanghai team relied heavily on classical pre- and post-processing and needed numerous runs to factor the 22-bit number. But history has shown that cryptographic breakthroughs rarely stay small for long. The Data Encryption Standard (DES), once considered unbreakable, fell to a $250,000 cracking machine just four years after the first theoretical vulnerabilities appeared.
Also Read: 16 billion passwords leaked in largest-ever data breach
Follow us
