Quantum Doomsday 2028: The Day Encryption Dies – Banks, HTTPS, Secrets Exposed

The race between quantum computing advancement and cryptographic security has entered a critical phase. While tech giants unveil increasingly powerful quantum processors, a disturbing question looms: how much time do we have before quantum computers can crack the encryption protecting our digital world—from banking systems to cryptocurrencies, from government communications to your personal data?

The Quantum Doomsday Clock: A Cryptographic Crisis Point

In November 2025, researchers Dr Richard Carback and Colton Dillion launched the "Quantum Doomsday Clock"—a countdown estimating when quantum computers will possess enough power to break modern public-key cryptography. Their prediction focuses on a specific milestone: 8 March 2028 [1].

According to their model, approximately 1,673 logical qubits would be sufficient to break ECDSA secp256k1—the elliptic curve standard securing Bitcoin and most cryptocurrencies. But the implications extend far beyond crypto:

• RSA-2048: Requires 2,314 logical qubits to break
• RSA-4096: Needs 3,971 logical qubits
• ECC-256: Demands just 1,673 qubits

These encryption standards protect:

• Online banking and financial transactions
• Government and military communications
• HTTPS connexions (secure web browsing)
• Email encryption
• Digital signatures and authentication
• VPNs and secure messaging
• Cryptocurrency wallets

This assessment is based on recent academic papers and public quantum hardware roadmaps from industry leaders like IBM and Google, including foundational research by Gidney & Ekerå (2021), Chevignard et al. (2024), and Hyeonhak & Hong (2023) [2].

But how realistic is this timeline? Let's examine what's actually happening in quantum computing labs around the world.

The Current State of Quantum Computing

Google's Willow: A Quantum Leap Forward

On 9 December 2024, Google announced Willow—a quantum chip that represents a genuine breakthrough in the field [3]. Here's what makes it significant:

• 105 qubits: Whilst this might sound impressive, it's nowhere near the millions needed to threaten current encryption
• Exponential error correction: For the first time, adding more qubits actually reduced error rates instead of increasing them—a historic achievement known as "below threshold" error correction
• Unprecedented speed: Willow performed a computation in under five minutes that would take today's fastest supercomputers 10 septillion years (10²⁵ years)

However, there's a massive gap between Willow's capabilities and what's needed to crack encryption. Physicist Sabine Hossenfelder notes that practical quantum computing applications are "about 1 million qubits away" and remain decades from reality [4].

IBM's Ambitious Roadmap to 2029

IBM has laid out perhaps the most concrete timeline in the industry. In June 2025, the company announced plans to deliver "IBM Quantum Starling" by 2029—a fault-tolerant quantum computer featuring [5]:

• 200 logical qubits (not physical qubits)
• Capability to execute 100 million quantum operations
• A new facility in Poughkeepsie, New York dedicated to quantum computing
• Performance 20,000 times greater than today's quantum computers

IBM's roadmap includes intermediate milestones:

• Loon (2025): Testing architectural components
• Kookaburra (2026): First modular processor
• Cockatoo (2027): Entangling multiple modules
• Starling (2029): Full-scale fault-tolerant system
• Blue Jay (2033): 2,000 logical qubits, 1 billion operations

According to IBM CTO Michael Osborne, quantum risks to cryptography are "growing faster than expected" [6].

How Quantum Computers Will Break Modern Encryption

To understand the threat, we need to grasp two key algorithms that make quantum computers dangerous to our current cryptographic infrastructure:

Shor's Algorithm: Deriving Private Keys from Public Keys

Developed by Peter Shor in 1994, this quantum algorithm can factorise large numbers exponentially faster than any classical method [7]. This threatens all public-key cryptography systems including:

RSA Encryption: Used for secure web browsing (HTTPS), email encryption, and digital signatures. RSA security relies on the difficulty of factorising large numbers—something Shor's algorithm can do efficiently.

Elliptic Curve Cryptography (ECC): Used in Bitcoin, modern TLS connexions, and many authentication systems. ECC includes algorithms like ECDSA and ECDH.

Diffie-Hellman Key Exchange: The foundation of secure communication across the internet. Quantum computers using Shor's algorithm could break the discrete logarithm problem that protects it.

Here's the attack mechanism: When you use public-key cryptography, your public key becomes visible. Shor's algorithm can then use that public key to calculate your private key—breaking the mathematical one-way function that's supposed to make this impossible.

The frightening part: whilst a classical computer would take longer than the age of the universe to derive a private key from a public key, a sufficiently advanced quantum computer using Shor's algorithm could do it in hours or days.

Real-world impact:

• Encrypted emails from years ago could be decrypted
• Banking transactions could be forged
• Digital signatures could be faked
• Cryptocurrency wallets could be emptied
• Government secrets could be exposed

Grover's Algorithm: Weakening Symmetric Encryption

Grover's algorithm provides a quadratic speedup for searching unsorted databases [8]. Whilst less dramatic than Shor's algorithm, it still impacts symmetric cryptography:

• AES-128 encryption effectively becomes AES-64 security
• SHA-256 hashing reduces to SHA-128 strength
• Bitcoin mining could be centralised with quantum advantage

However, symmetric encryption is more resistant to quantum attacks. Doubling key sizes (e.g., using AES-256 instead of AES-128) provides adequate protection against Grover's algorithm.

Timeline Predictions: Who Says What?

The quantum threat timeline varies dramatically depending on whom you ask:

Optimistic (Threat Further Away)

• Blockstream CEO Adam Back: No serious threat for at least two decades
• General consensus: Current technology is far from the scale needed
• Moore's Law projections: At least a decade or longer

Middle Ground

• Global Risk Institute (2024): 50% chance within 15 years (by 2039) [10]
• NIST recommendations: Migrate away from traditional encryption by 2030
• US and UK government agencies: Complete quantum-safe transition by 2030-2035

Pessimistic (Threat Imminent)

• Quantum Doomsday Clock: 8 March 2028
• David Carvalho (Naoris Protocol CEO): 2-3 years (by 2027-2028) [6]
• IBM CTO Michael Osborne: Risks growing faster than expected
• Craig Gidney (Google researcher): Could require 20× fewer resources than previously believed, compressing timelines to 2030-2035 [11]

Recent Alarming Development

In May 2025, Google researchers published findings suggesting that breaking RSA-2048 encryption could be achieved with fewer than 1 million noisy qubits in under a week—20 times fewer resources than previously estimated [11]. This discovery significantly accelerated threat predictions.

What Systems Are Most Vulnerable?

Not all cryptographic systems face the same level of quantum threat:

Highly Vulnerable (Broken by Shor's Algorithm)

• RSA encryption (all key sizes)
• Diffie-Hellman key exchange (DH and ECDH)
• Digital Signature Algorithm (DSA) and ECDSA
• Elliptic Curve Cryptography in general
• Bitcoin and cryptocurrency wallets with exposed public keys (30% of Bitcoin supply)

Moderately Vulnerable (Weakened by Grover's Algorithm)

• AES-128: Effectively reduced to 64-bit security
• SHA-256: Reduced to 128-bit security
• Other symmetric encryption with insufficient key lengths

Relatively Safe

• AES-256: Still secure even against quantum attacks
• SHA-512: Maintains adequate security
• One-time pads: Theoretically unbreakable
• Quantum Key Distribution (QKD): Already quantum-resistant

Special Case: Bitcoin Address Security

An interesting detail often overlooked: not all Bitcoin is equally vulnerable.

Exposed addresses (30% of Bitcoin) [9]:

• Pay-to-Public-Key (P2PK) addresses where public keys are visible
• Reused addresses from past transactions
• Approximately 6.2 million BTC sitting in vulnerable addresses

Relatively protected (until spent):

• Pay-to-Public-Key-Hash (P2PKH) where public keys remain hidden
• Never-reused addresses following best practises
• Cold storage with proper address hygiene

The "Harvest Now, Decrypt Later" Threat

Perhaps the most insidious aspect of the quantum threat is already happening: adversaries are storing encrypted data today with plans to decrypt it once quantum computers become available.

This isn't paranoia—it's confirmed by intelligence agencies worldwide:

What's being harvested:

• Encrypted government communications
• Corporate trade secrets and intellectual property
• Banking and financial transaction records
• Medical records and personal data
• Blockchain transactions and cryptocurrency holdings
• Encrypted emails spanning decades
• VPN traffic and secure messaging

Why this matters:
Even if quantum computers arrive in 2030, data encrypted in 2025 could still be valuable and sensitive. A pharmaceutical company's drug research, government diplomatic cables, or financial strategies don't lose value just because years have passed.

BlackRock acknowledged this threat in its updated Bitcoin ETF filing [12], recognising that blockchain data remains permanently accessible. Intelligence agencies have openly discussed this strategy for national security purposes.

This is why security experts call the approaching moment "Q-Day"—the day quantum computers break traditional cryptography. On that day, years or decades of stored encrypted communications could suddenly become readable.

Can Our Encryption Be Saved?

The short answer: Yes, but it requires massive global coordination and action.

Post-Quantum Cryptography (PQC)

In 2022-2023, the US National Institute of Standards and Technology (NIST) conducted a competition to standardise quantum-resistant algorithms [13]. These typically rely on mathematical problems that even quantum computers can't solve efficiently:

NIST-approved PQC algorithms:

• CRYSTALS-Kyber: For key encapsulation (replacing RSA/DH)
• CRYSTALS-Dilithium: For digital signatures (replacing RSA/ECDSA)
• FALCON: Alternative signature scheme
• SPHINCS+: Hash-based signatures

Mathematical foundations:

• Lattice-based cryptography: Based on geometric problems in high dimensions
• Hash-based schemes: Using cryptographic hash functions
• Multivariate equations: Systems of polynomial equations
• Code-based cryptography: Error-correcting codes

These algorithms are already being tested and implemented by forward-thinking organisations.

Industry Is Already Moving

Tech companies leading the charge:

• Google: Implementing hybrid encryption in Chrome and Android
• Cloudflare: Rolling out post-quantum TLS
• Signal: Testing quantum-resistant messaging protocols
• Apple: Announced plans for PQC transition
• BTQ Technologies: Demonstrated quantum-safe Bitcoin in October 2024 [14]

Government timelines:

• NIST (USA): Transition by 2030, traditional methods phased out by 2035 [13]
• UK National Cyber Security Centre: Three-phase migration by 2035 [15]
• EU and China: Developing active PQC strategies

The Migration Challenge

Transitioning the world's cryptographic infrastructure is unprecedented in scope:

What needs upgrading:

• Every HTTPS certificate and website
• All banking systems and payment processors
• Government and military communications
• Email encryption protocols
• VPN and secure messaging apps
• Cryptocurrency networks
• IoT devices and embedded systems
• Digital signature infrastructure

The timeline problem:

• Full enterprise migration: Estimated 7-10 years
• Bitcoin upgrade: 7 years based on past protocol changes [16]
• Emergency response: Could be rushed in 2 years if needed
• Quantum computers arrive: Potentially 2028-2035

If the pessimistic timeline (2028) is correct and we need 7-10 years for global transition, we should have started yesterday.

The Global Stakes

The quantum threat affects virtually every aspect of modern digital life:

Financial Systems

• Banking infrastructure: Online banking, ATMs, wire transfers
• Payment processors: Credit cards, PayPal, payment gateways
• Stock markets: Trading platforms and securities
• Cryptocurrencies: $2+ trillion ecosystem vulnerable

Government & Military

• Classified communications: Diplomatic cables, military orders
• National security: Intelligence data, defense systems
• Critical infrastructure: Power grids, water systems, transportation

Personal Privacy

• Email and messaging: Years of personal communications
• Medical records: Health information and genetic data
• Financial history: Bank statements, investment records
• Authentication: Passwords, 2FA, digital identities

Business & Industry

• Trade secrets: R&D, formulas, designs
• Intellectual property: Patents, proprietary technology
• Corporate communications: Strategic planning, M&A discussions
• Supply chain: Logistics, vendor relationships

The Expert Consensus

Despite varying timelines, there's surprising agreement on several points:

1. The threat is real: No serious expert dismisses quantum computing's potential to break current encryption
2. Timelines have accelerated: Recent breakthroughs have shortened predictions by years or even decades
3. Action is needed now: Even conservative estimates suggest transitions should begin immediately
4. It's an engineering challenge, not a physics problem: We know how to build quantum-resistant systems; implementing them is the hard part

As Bitcoin researcher Ethan Heilman notes [17]: "Bitcoin needs to protect people's funds over generational timescales. The history of cryptography is one of change and adoption to new attacks, faster computers and better algorithms."

What Does This Mean for You?

If you're a security professional or IT leader:

1. Start planning now: Inventory your cryptographic systems
2. Follow NIST guidance: Monitor post-quantum standards
3. Test PQC implementations: Begin pilot programmes
4. Assess your timeline: How long would migration take?
5. Consider hybrid approaches: Combine classical and quantum-resistant algorithms

If you hold cryptocurrencies:

1. Follow best practises: Never reuse addresses, use modern wallet types
2. Stay informed: Watch for network upgrade proposals
3. Don't panic sell: Communities have time to respond if they act decisively
4. Understand the risk: Stored value today could be vulnerable within a decade

For everyone:

1. Awareness: Understand that this affects banking, email, browsing—everything
2. Support updates: Don't ignore security updates from major platforms
3. Enable modern protocols: Use services implementing PQC where available
4. Long-term thinking: Data encrypted today may be vulnerable in 10 years

The Bottom Line

The quantum threat to modern cryptography is neither science fiction nor an immediate crisis—it's a predictable engineering challenge with a rapidly approaching deadline.

The current state:

• Google's Willow has 105 qubits
• We need roughly 1,000-2,000 logical qubits to break encryption
• IBM plans 200 logical qubits by 2029, 2,000 by 2033
• Google researchers suggest RSA could fall by 2030-2035

The timeline spectrum:

• Pessimistic: Encryption broken by 2028
• Middle ground: Critical vulnerabilities by 2030-2035
• Optimistic: Safe until late 2030s or 2040s

Here's what's certain: the gap is closing faster than most people realise. The question isn't if quantum computers will break current public-key encryption—it's when.

More importantly: will governments, corporations, and technology platforms migrate to quantum-resistant cryptography before that day arrives?

The quantum clock is ticking. The countdown has begun. Unlike past technological threats that turned out to be hype, this one is being built in state-of-the-art facilities by the world's most advanced technology companies, with public roadmaps and target dates.

The real challenge: Upgrading the world's cryptographic infrastructure is a monumental task that takes years, potentially a decade. If quantum computers arrive in 2028-2030, and we need 7-10 years to transition, the window for action is closing rapidly.

The only question left is: will we act fast enough?

This isn't just about Bitcoin or cryptocurrencies. It's about the security of our entire digital civilisation—banking, communications, privacy, national security, and commerce. The infrastructure we've built over decades relies on mathematical problems that quantum computers will solve in hours.

The transition to post-quantum cryptography isn't optional. It's inevitable. The only variable is whether it happens proactively or reactively—and that choice will determine whether we face an orderly transition or a cryptographic catastrophe.

Note: This article is based on public information available as of November 2025. Quantum computing timelines are inherently uncertain and subject to both breakthroughs and setbacks. The information presented should not be considered financial or technical advice.

References

[1] Quantum Doomsday Clock - https://quantumdoomclock.com/

[2] Bitget News (2025) - "Quantum Threat to Bitcoin Is Closer Than You Think" - https://www.bitget.com/news/detail/12560605050353

[3] Google Quantum AI Blog (2024) - "Meet Willow, our state-of-the-art quantum chip" - https://blog.google/technology/research/google-willow-quantum-chip/

[4] Finbold (2025) - "New Quantum Doomsday Clock sets date when Bitcoin's encryption will be cracked" - https://finbold.com/new-quantum-doomsday-clock-sets-date-when-bitcoins-encryption-will-be-cracked/

[5] IBM Quantum Blog (2025) - "IBM lays out clear path to fault-tolerant quantum computing" - https://www.ibm.com/quantum/blog/large-scale-ftqc

[6] BeInCrypto (2025) - "Bitcoin May Break by 2028 Without Quantum Resistance" - https://beincrypto.com/bitcoin-quantum-threat-countdown-warning/

[7] Wikipedia - "Shor's Algorithm" - https://en.wikipedia.org/wiki/Shor's_algorithm

[8] Wikipedia - "Grover's Algorithm" - https://en.wikipedia.org/wiki/Grover's_algorithm

[9] Cointelegraph Magazine (2025) - "Bitcoin vs. the quantum computer threat: Timeline and solutions" - https://cointelegraph.com/magazine/bitcoin-quantum-computer-threat-timeline-solutions-2024-2035/

[10] Digital Watch Observatory (2025) - "Quantum computers might break Bitcoin security faster than thought" - https://dig.watch/updates/quantum-computers-might-break-bitcoin-security-faster-than-thought

[11] PostQuantum (2025) - "Quantum computers might break Bitcoin security faster than thought" - Based on Craig Gidney's 2025 research suggesting 20× fewer resources needed

[12] Cointelegraph (2025) - "Bitcoin must upgrade or fall victim to quantum computing in..." - https://cointelegraph.com/news/bitcoin-quantum-computing

[13] NIST - "Post-Quantum Cryptography Project" - https://csrc.nist.gov/projects/post-quantum-cryptography

[14] BTQ Technologies Blog - "Will Quantum Computers Break Bitcoin?" - https://www.btq.com/blog/will-quantum-computers-break-bitcoin

[15] UK National Cyber Security Centre - Quantum security guidance (Referenced in industry reports)

[16] Bitcoin Magazine (2025) - "What Happens To Bitcoin When Quantum Computers Arrive?" - https://bitcoinmagazine.com/technical/what-happens-to-bitcoin-when-quantum-computers-arrive

[17] Cointelegraph Magazine (2025) - Interview with Ethan Heilman - https://cointelegraph.com/magazine/bitcoin-quantum-computer-threat-timeline-solutions-2024-2035/

Additional Resources

• IBM Quantum Computing Roadmap - https://www.ibm.com/roadmaps/quantum/
• Google Quantum AI - https://quantumai.google/
• NIST Post-Quantum Cryptography Standardisation - https://csrc.nist.gov/projects/post-quantum-cryptography
• PostQuantum.com - Industry news and analysis - https://postquantum.com/