Can Shor’s Algorithm Break RSA? The Future of Encryption

Key Points

• Studies show that Shor’s algorithm might break RSA encryption. However, this is not certain because quantum computers today have limitations.
• It seems that future quantum computers could pose a threat to RSA. This leads us to consider a shift to post-quantum cryptography.
• To break RSA, experts believe we will need millions of qubits. This number is much higher than what we have now.

Explore more: What is Quantum Computing? A Complete Guide (2025)

Background on RSA Encryption

RSA stands for Rivest, Shamir, and Adleman, the people who created it. This system is key to public-key cryptography. RSA uses a pair of keys: a public key to encrypt data and a private key to decrypt it. Its security depends on how hard it is to factor large composite numbers.

For instance, it is easy to multiply 3 by 5 to get 15, but finding 3 and 5 from 15 is hard when the numbers are large. This one-way function protects RSA from attacks by regular computers, as factoring large numbers can take billions of years on current supercomputers.

Why RSA is Important

Many people use RSA to secure online transactions, emails, and more. However, its reliance on factoring makes it vulnerable to any technology that can quickly factor large numbers.

Explore more: How Does Quantum Cryptography Impact Cybersecurity?

What is Shor’s Algorithm and RSA?

Shor’s algorithm came from mathematician Peter Shor in 1994. It is a quantum algorithm that uses quantum mechanics principles, like superposition and entanglement, to factor large numbers much faster than classical methods. Quantum computers use qubits. Qubits can be in many states at once, unlike classical bits that are only 0 or 1.

This ability lets quantum computers look at many solutions at the same time. Thus, it makes factoring possible in polynomial time. This is a big improvement over the exponential time needed by classical methods.

For example, the best classical algorithm, the General Number Field Sieve, takes super-polynomial time for large numbers. Shor’s algorithm can change this to a reasonable time on a strong quantum computer. This power directly threatens RSA encryption. Factoring the large numbers used in RSA keys would reveal the private key and break the encryption.

Explore more: How Quantum Computing is Revolutionizing Drug Discovery

Theoretical Threat to RSA

Research shows that Shor’s algorithm can break RSA if run on a powerful enough quantum computer. The idea is simple. If a quantum computer can factor a 2048-bit number, which is a common RSA key size, it can decrypt any message protected by that key.

Estimates from academic papers indicate that factoring a 2048-bit number would need around 10,241 logical qubits. Since error correction needs many more, this means millions of physical qubits. A 2003 paper by Beauregard suggests about 4,099 logical qubits, which is still a large number.

By March 2025, companies like IBM and Atom Computing have made big advances in quantum computing. IBM plans to launch “Kookaburra,” which has 1,386 qubits, while Atom Computing has a machine with 1,180 qubits. These numbers break previous records. However, just having more qubits isn’t enough.

Error rates and quantum volume, a measure of a machine’s power, play important roles too. Currently, machines still face many issues. They produce noise and have high error rates, which limits their ability to carry out complex tasks like factoring large numbers.

Explore more: The Science Behind Quantum Supremacy: Google’s Sycamore Experiment

Experts point out that quantum computers might make RSA encryption unsafe by 2030. However, this prediction is uncertain. Other studies suggest the timeline may stretch longer due to the extensive resources needed for such advancements.

Given what we know now, it seems likely we’ll need another decade or so before quantum computers can actually break RSA. Still, the exact timeline is unclear.

Post-Quantum Cryptography: Preparing for the Future

The cryptographic community is aware of possible threats from quantum computers. They are creating post-quantum cryptography (PQC). These are new encryption methods that can resist quantum attacks. The methods depend on math problems that are tough for both regular and quantum computers. Examples include lattice-based and hash-based cryptography.

NIST’s Role

NIST leads this effort. In 2016, they started a standardization process. By August 13, 2024, NIST released the first set of PQC standards. These include FIPS 203 for key encapsulation, FIPS 204 for digital signatures, and FIPS 205 for another form of digital signatures.

The standards are based on algorithms like CRYSTALS-KYBER, CRYSTALS-Dilithium, and SPHINCS+. NIST added HQC as an extra option, offering a backup plan. Organizations can start using these standards right away.

Explore further: How Does AWS Support Quantum Computing?

Preparing for a Post-Quantum World

This move is important. It shows that we are getting ready for a world where quantum threats exist. Many people might expect that we will wait for a real threat before acting. However, the shift involves checking our current systems.

We need to find encryption that can be broken by quantum computers. Then, we plan to switch to PQC methods. This process can take years because of the size of our global infrastructure.

Implications for Organizations

Organizations must start planning for this transition to ensure data security in the quantum era. This includes:

First, organizations need to check their current encryption methods. They must find where RSA and other algorithms are vulnerable to quantum attacks. Next, it is important to keep up with advancements in quantum computing and developments in post-quantum cryptography.

Then, organizations should create a plan to shift to quantum-resistant algorithms that follow NIST guidelines. Using a mix of classical and post-quantum methods is a good short-term solution. This approach is crucial because quantum computers can potentially break RSA encryption.

This need for action is especially important in sectors like finance, healthcare, and government, where data security is critical. Evidence suggests that early action is key, as it can take decades to implement new standards across all systems. A NIST news release from August 2024 highlighted these points regarding NIST PQC Standards.

Final Words

Shor’s algorithm presents a theoretical threat to RSA encryption. However, technology is not advanced enough to break RSA. Still, future quantum computers may pose a risk in the next 10 to 20 years. This risk pushes the development of post-quantum cryptography.

NIST is working on standardizing algorithms like ML-KEM and ML-DSA. These developments open up a path for organizations to transition and maintain security. A careful approach is essential to prepare for the quantum future while balancing current safety needs with long-term readiness.

FAQs

Does Shor’s algorithm break RSA? 

Yes, Shor’s algorithm can break RSA encryption. It can do this by quickly factoring the large numbers that RSA relies on. However, it needs a powerful quantum computer to work.

What are the problems with Shor’s algorithm? 

Shor’s algorithm has challenges. It needs many qubits and proper error correction. These are necessary to manage quantum noise and decoherence, which current quantum computers struggle with.

Can RSA encryption be broken? 

RSA encryption can be broken if a powerful quantum computer runs Shor’s algorithm. Regular computers cannot break RSA efficiently. This is due to the difficulty of factoring large numbers.

What does Shor’s algorithm break? 

Shor’s algorithm breaks systems that depend on integer factorization and discrete logarithms. This includes RSA encryption, Diffie-Hellman key exchanges, and elliptic-curve cryptography.