topic Factoring 2048-Bit RSA - Is the sky falling? in Tech Talk https://community.isc2.org/t5/Tech-Talk/Factoring-2048-Bit-RSA-Is-the-sky-falling/m-p/22765#M1324 <P>In 2015 cryptographer Michele Mosca posed the hypophoric question โ€œ<EM>How many physical qubits will we need to break RSA-2048</EM>? At the time he estimated more than a billion. Fast forward to today researchers Craig Gidney and Martin Ekera have published their findings: โ€œ<EM><A href="https://arxiv.org/pdf/1905.09749.pdf" target="_blank" rel="noopener">How to factor 2048-bit RSA integers in 8 hours using 20 million noisy qubits</A></EM>".</P><P>&nbsp;</P><P>They report that the number of qubits necessary has dropped two orders of magnitude! True that you'll still require about 20 million to factor a 2048-bit RSA modulus, but for all you skeptics out there, and I know there are a few<span class="lia-unicode-emoji" title=":winking_face:">๐Ÿ˜‰</span>the significance of the research is that now we have a precise and quantitative understanding of the performance of Shorโ€™s algorithms on a quantum computer and the physical limitations that need to be overcome to effectively factor RSA.</P><P>&nbsp;</P><P><STRONG>When will RSA no longer be safe?</STRONG> That depends on advances in the design of quantum error correcting code, the engineering of physical qubits, and the construction of quantum circuits.</P><P>&nbsp;</P><P>If your paranoid, and you should be, start using a modulus <STRONG>n = 3072</STRONG> or higher.</P> Mon, 09 Oct 2023 09:12:46 GMT AppDefects 2023-10-09T09:12:46Z Factoring 2048-Bit RSA - Is the sky falling? https://community.isc2.org/t5/Tech-Talk/Factoring-2048-Bit-RSA-Is-the-sky-falling/m-p/22765#M1324 <P>In 2015 cryptographer Michele Mosca posed the hypophoric question โ€œ<EM>How many physical qubits will we need to break RSA-2048</EM>? At the time he estimated more than a billion. Fast forward to today researchers Craig Gidney and Martin Ekera have published their findings: โ€œ<EM><A href="https://arxiv.org/pdf/1905.09749.pdf" target="_blank" rel="noopener">How to factor 2048-bit RSA integers in 8 hours using 20 million noisy qubits</A></EM>".</P><P>&nbsp;</P><P>They report that the number of qubits necessary has dropped two orders of magnitude! True that you'll still require about 20 million to factor a 2048-bit RSA modulus, but for all you skeptics out there, and I know there are a few<span class="lia-unicode-emoji" title=":winking_face:">๐Ÿ˜‰</span>the significance of the research is that now we have a precise and quantitative understanding of the performance of Shorโ€™s algorithms on a quantum computer and the physical limitations that need to be overcome to effectively factor RSA.</P><P>&nbsp;</P><P><STRONG>When will RSA no longer be safe?</STRONG> That depends on advances in the design of quantum error correcting code, the engineering of physical qubits, and the construction of quantum circuits.</P><P>&nbsp;</P><P>If your paranoid, and you should be, start using a modulus <STRONG>n = 3072</STRONG> or higher.</P> Mon, 09 Oct 2023 09:12:46 GMT https://community.isc2.org/t5/Tech-Talk/Factoring-2048-Bit-RSA-Is-the-sky-falling/m-p/22765#M1324 AppDefects 2023-10-09T09:12:46Z