A Quantum Computer Broke RSA Encryption, But It's Not Time To Panic Yet

Quantum computing is hardly the easiest thing to understand, but put simply, it's about pushing computing beyond existing limits by using the weird physics of subatomic particles. The coming quantum computer revolution promises all manner of staggering accomplishments, with these mysterious devices set to bring the sheer spookiness of quantum mechanics to the forefront. These new generation of machines are, among other things, expected to revolutionize drug research, manufacturing, financial modeling, and cybersecurity. In the case of the latter, researchers claimed in 2024 to have used a quantum computer to break a form of encryption known as RSA.

Data encryption is widely used to protect sensitive data sent across the internet. Encryption involves concealing that data by converting it to seemingly random information. In order to unscramble the encryption, a cryptographic key is required, which essentially comprises a set of mathematical values that only the sender and recipient of encrypted data possess, allowing only those parties to decrypt it.

Encryption is used on messaging platforms, to protect banking and medical information, and even by militaries to keep sensitive information secure. But when quantum computers become widespread, they will pose a major risk to internet security by their potential to render this encryption useless. Now, researchers in China say they've actually broken a commonly used encryption method using a quantum machine.

RSA — named after its creators, Ron Rivest, Adi Shamir, and Leonard Adleman — is an asymmetric or public key encryption, whereby two separate keys are used, one for encryption and another for decryption. The most commonly used public-key algorithm, RSA, is used in web browsers, email services, VPNs, and other forms of digital communication. Needless to say, a computer capable of breaking RSA encryption would pose a significant risk to web security. But that's exactly what Chinese researchers from Shanghai University claim to have done using a quantum computer.

In May 2024, the group published their efforts in the Chinese Journal of Computers, revealing that they were able to break RSA encryptions using the D-Wave Advantage quantum computer. California-based D-Wave touts the machine on its website as "the first and only quantum computer designed for business" and a device that allows users to "solve their largest and most complex business problems." The Chinese researchers have also shown that the D-Wave Advantage and other machines like it could pose a gigantic threat to internet security.

Instead of using bits like today's standard computers, quantum machines use quantum bits or qubits. The basic unit of data in quantum computers, qubits can exist as both a 1 and a 0 simultaneously, unlike bits in classical computing, which have to either be one or the other. This is what gives quantum computers their unprecedented power and speed. In the case of the D-Wave Advantage, the machine uses more than 5,000 qubits, which proved more than enough to crack the form of RSA encryption used by the Chinese researchers at Shanghai University.

To do so, the team used a process known as quantum annealing. This refers to harnessing the power of quantum mechanics to find the optimal solution to a problem that has a significant amount of possible solutions. It essentially means that the researchers turned the task of cracking cryptographic encryption into an optimization problem, showing that quantum computers are capable of successfully attacking RSA using this method.

While cracking long-standing cryptosystems with ease sounds like an ominous portent of a future in which internet security is decimated by quantum machines, there is an important caveat to the Chinese researchers' study. Namely, the group used a 50-bit integer for the RSA encryption.

RSA encryption is partly based on factoring (breaking down into smaller terms that can be multiplied together) large prime numbers or integers (whole numbers that are not fractions). As such, the larger the integer, the more complex and secure the cryptographic encryption becomes. The Shanghai University study used a 50-bit integer, but as RSA Security, the company founded by RSA creators Ron Rivest, Adi Shamir, and Leonard Adleman, states, "The problem with these claims is that factoring a 50-bit integer is a far cry from breaking the 2048-bit encryption used in modern implementations of the RSA algorithm."

In other words, the Chinese experiment is very much the equivalent of a proof of concept. The quantum computer used in the experiment was able to break a relatively simple version of RSA encryption, but has not yet cracked the more secure type widely used today. Still, while cracking a somewhat simple form of encryption isn't exactly capable of bringing the internet down, as RSA itself notes, the RSA algorithm is used across the World Wide Web, which means that "nearly everyone has some skin in the game." Whether this latest experiment is a sign of the coming internet security crisis or not, it's at least something that everyone should be thinking about as quantum computers become increasingly advanced.