Two independent research teams published papers on March 31, 2026, showing that quantum computers could break the encryption standards securing most of the internet with far fewer resources than anyone had previously estimated. Artificial intelligence helped drive the discovery. The findings have sent cybersecurity organizations scrambling to compress their post-quantum migration timelines — and raised an urgent, global question: has the window to protect the internet been quietly closing faster than experts assumed?

Two Papers, One Alarming Conclusion

The world could be caught off guard by quantum hackers before the end of this decade, much sooner than expected. This is the take-home message of two studies posted independently on March 30, one a white paper by a team at Google and the other a preprint from Oratomic, a start-up company in Pasadena, California.

Digital technologies that rely on encryption and authentication methods, such as credit-card systems, cryptocurrencies, and internet communications, have long been known to be vulnerable to future quantum computers. But the assumption among researchers and cybersecurity companies working on quantum-proof encryption technologies was that these machines would not pose a serious threat to digital security for at least 10 years.

In its whitepaper, Google showed that future quantum computers may break elliptic-curve cryptography that protects cryptocurrency and other systems with fewer qubits and gates than previously thought. Google engaged with the U.S. government and developed a new method to describe these vulnerabilities via a zero-knowledge proof so they can be verified without providing a roadmap for bad actors. With continued scientific and technological progress, cryptographically relevant quantum computers are getting closer to reality which is why Google simultaneously introduced a 2029 migration timeline.

A separate research paper from Caltech and quantum startup Oratomic found that the cryptography protecting bitcoin and ether wallets could be broken with as few as 10,000 physical qubits, far below earlier estimates of hundreds of thousands. Using Google’s quantum circuits as a baseline, the authors say a neutral-atom quantum computer with about 26,000 qubits could crack ECC-256, the standard used to secure major blockchains, in roughly 10 days, while RSA-2048 would require about 102,000 qubits and three months.
 
Estimated requirements for running Shor’s algorithm, the quantum method for breaking public-key encryption, have now fallen five orders of magnitude in two decades, from roughly 1 billion physical qubits in 2012 to about 10,000 today. The studies have created a sense of “renewed urgency,” says Jintai Ding, a mathematician at Tsinghua University in Beijing, with findings prompting discussions “ranging from academics to bankers and to people who care about cryptocurrencies.”

The Role of Artificial Intelligence

The technical reduction in qubit requirements was not achieved solely through hardware. AI was woven into the research process itself. AI was described as “instrumental” in developing the Oratomic team’s algorithm, according to the paper’s authors. “There is no question that we used AI to accelerate this development,” said Dolev Bluvstein, one of the paper’s authors.

The paper draft does not mention the use of AI in deriving its key results, but Bluvstein said the team plans to publish follow-up work detailing the role AI played. Huang, who previously worked at Google Quantum AI before co-founding Oratomic with some of the paper’s co-authors, had told a contact at Google’s quantum initiative that he had been using AI and “seeing lots of crazy results.”

Oratomic, collaborating with Caltech researchers including John Preskill, described building a quantum computer using neutral atoms trapped and moved by laser “tweezers” for flexible connections, combined with advanced error-correction codes that pack more useful computation into each group of qubits — far more efficient than conventional approaches.

The convergence of AI-assisted algorithm development with advances in neutral-atom hardware architecture marks a meaningful shift in how quantum computing progress unfolds. Researchers are no longer relying solely on incremental hardware scaling; AI is now actively compressing the mathematical and algorithmic distances between theoretical threat and practical capability.

The Industry Response: Racing the Clock

The papers triggered immediate action from organizations that protect critical internet infrastructure. Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google also adopted after announcing it had improved the quantum algorithm used to break elliptic-curve cryptography. The same day, Oratomic published a resource estimate for breaking RSA-2048 and P-256 on a neutral atom quantum computer, putting the qubit requirement at roughly 10,000 a number researchers in the field described as unexpectedly low.

Cloudflare noted that while over 65% of human traffic on its network is already post-quantum-encrypted, credible new research and rapid industry developments suggest the migration deadline is much sooner than expected. These advances prompted Google to accelerate its post-quantum migration timeline to 2029, and IBM Quantum Safe’s CTO stated publicly that quantum moonshot attacks could arrive as early as that same year.

Google also warned that malicious actors are likely already preparing attacks using “store now, decrypt later” techniques — downloading and storing encrypted data now with the intention of decrypting it once quantum computers are available. Google’s multi-year migration will involve securing its infrastructure and rolling out post-quantum capabilities across its products, including testing PQC enhancements in the next Android 17 beta.

From Encryption to Authentication: A Harder Problem

The post-quantum challenge is broader than encrypting data in transit. The more difficult and more dangerous problem is authentication.

More than 65% of human-generated traffic on Cloudflare’s network is already protected using post-quantum encryption. However, encryption alone is not sufficient. The company’s new roadmap prioritizes post-quantum authentication — the systems that verify identities and establish trust across the internet. These systems are significantly harder to upgrade due to their reliance on certificates, legacy infrastructure, and complex vendor- and device-level dependencies.

Cloudflare laid out a series of milestones toward its 2029 target. The company plans to add support for post-quantum authentication using ML-DSA to origin connections by mid-2026. By mid-2027, it aims to have post-quantum connections from end users to Cloudflare using Merkle Tree Certificates. Its Cloudflare One SASE product suite is targeted for post-quantum authentication by early 2028.

Migrating to post-quantum authentication is more complex than migrating encryption. Disabling quantum-vulnerable cryptography is necessary to prevent downgrade attacks; once that is done, all previously exposed secrets, including passwords and access tokens, must be rotated.

Coordinated Disclosure and Responsible Research

Both Google and Oratomic took deliberate steps to share their findings responsibly rather than publishing full attack blueprints. To share the research responsibly, Google engaged with the U.S. government and developed a new method to describe vulnerabilities via a zero-knowledge proof, so they can be verified without providing a roadmap for bad actors.

The Oratomic team also thought carefully about which parts of their methodology were responsible for publishing, given the potential consequences of a quantum computer being developed.

Matthew Green, a computer science professor and cryptography expert at Johns Hopkins University, called the Google and Oratomic papers a good “precautionary” analysis of the long-term challenge of quantum encryption. However, he expressed skepticism that quantum computing had enough “lucrative immediate applications” to push the field beyond its foundational research stage to more practical applications.

The expert skepticism is worth noting: no new quantum computer was built during this research cycle. What changed was the theoretical estimates of how many qubits a future machine would need, which dropped sharply.

A Fractured but Urgent Global Picture

The underlying assumption had been that a fault-tolerant quantum computer capable of threatening classical encryption would require millions of qubits. The Oratomic paper suggests it may actually only need as few as 10,000. “Ultimately, we have gone from planning for a threat two decades out to one that overlaps with systems actively being deployed and funded,” said Nathaniel Szerezla, chief growth officer at Naoris Protocol.

One key concern is the ability of foreign nations and cybercriminals to collect sensitive, encrypted data today, in hopes of breaking it later with a quantum computer. This “harvest now, decrypt later” technique is one of the main reasons proponents push for faster adoption of post-quantum encryption. Advancements in neutral atom arrays have given scientists more powerful hardware, while breakthroughs in mathematics, such as those in the Google research paper, have enabled more efficient use of that hardware.

Microsoft is targeting 2033. NIST deprecates classical algorithms in 2030 and disallows them in 2035. Cloudflare’s decision to match Google’s 2029 target transforms this from a single company’s internal risk calculus into an emerging industry consensus among the companies that actually operate the internet’s infrastructure.

Outlook

The convergence of AI-assisted algorithm discovery, progress in neutral-atom quantum hardware, and a sharp drop in estimated qubit thresholds has compressed what was once considered a distant problem into a near-term operational risk. The responses from Google, Cloudflare, and IBM suggest that the largest internet infrastructure providers now treat 2029 as a planning horizon rather than a theoretical milestone. For governments, financial institutions, healthcare providers, and anyone dependent on public-key cryptography, that is, nearly every organization with a digital presence, the calculus on post-quantum migration has fundamentally changed.

For Cloudflare customers, the company states that no mitigating action is required for its services. However, the company notes that elements outside its control, such as browsers, applications, and origin infrastructure, will also need to be upgraded. Those dependencies, across thousands of vendors and billions of devices, represent the real scope of what “Q-Day preparedness” demands.