The Quantum Apocalypse Is (Not) Coming in 2026

Every few months, someone puts out a press release announcing the imminent death of public-key cryptography. The algorithm is different, the institute has a new name, but the story always goes the same way: a dramatic claim, a burst of headlines, and then quiet, as experts look at the math and find it less impressive than advertised.

The latest version is the Jesse-Victor-Gharabaghi (JVG) algorithm, from the Advanced Quantum Technologies Institute, whose press release carried the restrained title: ”Cybersecurity Apocalypse in 2026.”

Reader, we are still here.

TL;DR: The JVG “RSA is doomed in 2026” claim did not survive expert scrutiny. It’s a good reminder that PQC preparation should follow credible risk assessment, not press-release hype.

What was claimed

The JVG paper, posted to Preprints.org in late 2025, proposes a hybrid classical-quantum approach to integer factorization. The numbers look dramatic: it claims to factor RSA-2048 in roughly 11 hours using fewer than 5,000 physical qubits. Peer-reviewed estimates put the real requirement somewhere in the millions. The press release called this an “immediate threat” to global encryption infrastructure and predicted the apocalypse would arrive by 2026.

The security community responded quickly. Scott Aaronson, one of the world’s top quantum computing theorists, titled his blog post ”The ‘JVG algorithm’ is crap.” He’s not usually one for overstatement.

Why experts weren’t impressed

The technical objections cluster around a few things.

The paper’s efficiency claims come from simulating tiny numbers (factoring 15, 21, 143, and a few other small composites) and extrapolating to RSA-2048 with curve fitting. This has a long, inglorious history in the “I can break RSA” literature. Small-scale quantum circuit simulations routinely miss the catastrophic effects of noise at scale.

The 5,000-qubit claim also ignores error correction, which is the elephant in every quantum computing discussion. Running a deep quantum circuit without noise destroying it requires encoding many physical qubits into far fewer fault-tolerant logical qubits. The gap between “physical qubits in a diagram” and “physical qubits you actually need on real hardware” is where most of these claims quietly fall apart.

Then there’s the venue. Preprints.org explicitly does not do peer review. Real breakthroughs in quantum factoring don’t debut as press releases on wire services before even hitting arXiv, much less a journal. The Hacker News thread was, predictably, not kind.

The problem with crying wolf

This is where it matters beyond the entertainment value.

The quantum threat to public-key cryptography is real. Shor’s algorithm does break RSA and elliptic curve cryptography on a powerful enough quantum computer. NIST spent years standardizing post-quantum replacements for this reason. The transition is happening, it matters, and it needs sustained effort from basically every organization that depends on encrypted communications.

Hype cycles like the JVG press release muffle that signal. When “quantum will break encryption” becomes the headline that cried wolf, security teams tune it out. The organizations that most need to be quietly preparing their cryptographic infrastructure end up filing it under “sensational nonsense” and moving on.

The real timeline for a cryptographically relevant quantum computer is genuinely uncertain, and that uncertainty is part of why starting migration now makes sense rather than waiting for a specific date. Aaronson himself, who is generally skeptical of near-term timelines, has said that anyone concerned about cybersecurity should probably already be migrating to quantum-resistant cryptography, because hardware progress could surprise us.

What crypto agility actually looks like

The practical response to both the real long-term threat and the recurring noise is the same: know what cryptography you’re running, and make sure you can change it.

That means knowing which systems use RSA or elliptic curve key exchange, whether they support post-quantum hybrids like ML-KEM, and whether swapping algorithms would take six years or a config change. That ability to rotate cryptographic algorithms without rebuilding your infrastructure is what people mean by crypto agility, and it matters more than any single algorithm choice.

QCReady can show you in seconds where your public-facing endpoints stand: whether they’re already negotiating post-quantum key exchange or still on classical-only TLS. It won’t protect you from press releases, but it will tell you whether your infrastructure is ahead of the actual threat.

The quantum apocalypse probably isn’t arriving in 2026. But the migration work is real, already underway at serious organizations, and waiting for a credible headline is not a strategy.

Sources: