The Quantum Apocalypse Is (Not) Coming in 2026

Every few months, the cybersecurity world receives a new press release announcing the imminent death of public-key cryptography. The algorithm has changed, the institute has a different name, but the arc of the story is always the same: a dramatic claim, a flurry of headlines, and then — silence, as experts quietly examine the math and come to rather less exciting conclusions.

The latest entry in this genre is the Jesse–Victor–Gharabaghi (JVG) algorithm, presented by the Advanced Quantum Technologies Institute in a press release with the understated title: “Cybersecurity Apocalypse in 2026.”

Reader, we are still here.

TL;DR: The JVG “RSA is doomed in 2026” claim did not survive expert scrutiny. It is a useful reminder that PQC preparation should be driven by credible risk, not press-release hype.

What Was Claimed

The JVG paper, posted to Preprints.org in late 2025, proposes a hybrid classical-quantum approach to integer factorization. The headline numbers are striking: it claims to factor RSA-2048 in approximately 11 hours using fewer than 5,000 physical qubits. For context, mainstream peer-reviewed estimates put the real-world qubit requirement at somewhere in the millions. The press release helpfully noted that this posed an “immediate threat” to global encryption infrastructure, and that the apocalypse would arrive by 2026.

The security community’s response was swift, and, shall we say, collegial. Scott Aaronson — one of the world’s foremost quantum computing theorists — titled his blog post on the subject “The ‘JVG algorithm’ is crap.” Aaronson is not typically given to hyperbole.

Why Experts Were Unmoved

The technical criticisms converge on a few points.

First, the paper’s jaw-dropping efficiency claims rest on simulations of tiny numbers — factoring 15, 21, 143, and a handful of other small composites — and then extrapolating to RSA-2048 via curve fitting. This is a move with a long and undistinguished history in the “I can break RSA” literature. Small-scale simulation results for quantum circuits routinely fail to reflect the catastrophic effects of noise at scale.

Second, the claim of 5,000 physical qubits ignores the elephant in every quantum computing room: error correction. Running a deep quantum circuit without noise tearing it apart requires encoding many physical qubits into a much smaller number of fault-tolerant logical qubits. The gap between “physical qubits in a diagram” and “physical qubits you actually need to run this reliably on real hardware” is where most of these claims go to die, usually quietly.

Third, there is the matter of venue. The manuscript was hosted on Preprints.org, which explicitly does not conduct peer review. Genuine breakthroughs in quantum factoring do not typically debut as press releases on wire services before passing through arXiv, let alone through a journal. The Hacker News thread on this was, predictably, not kind.

The Problem with Crying Wolf

Here is where it gets worth caring about beyond the entertainment value.

The actual quantum threat to public-key cryptography is real. Shor’s algorithm genuinely breaks RSA and elliptic curve cryptography on a sufficiently powerful quantum computer. NIST spent years standardizing post-quantum replacements for exactly this reason. The transition is happening, it is important, and it requires sustained effort from essentially every organization that relies on encrypted communications.

What hype cycles like the JVG press release do is muffle the signal. When “quantum will break encryption” becomes the headline that cried wolf, security teams start tuning it out. The organizations that most need to be quietly preparing their cryptographic infrastructure are instead filing it under “sensational nonsense” and moving on.

The real timeline for a cryptographically relevant quantum computer remains genuinely uncertain — that uncertainty is part of why migration now makes sense, rather than waiting for a definitive date. Scott Aaronson himself, generally skeptical of near-term timelines, has noted that anyone concerned about cybersecurity should probably already be looking at migrating to quantum-resistant cryptography, because hardware progress could surprise us.

What “Crypto Agility” Actually Looks Like

The practical response to all of this — both the genuine long-term threat and the recurring noise — is the same thing: know what cryptography you are running, and make sure you can change it.

That means understanding which of your systems use RSA or elliptic curve key exchange, whether they support post-quantum hybrids like ML-KEM, and whether a future algorithm rotation would require a six-year project or a configuration change. That property — the ability to swap cryptographic algorithms without rebuilding your infrastructure — is what the industry calls crypto agility, and it is more valuable than any single algorithm choice.

QCReady can tell you in seconds where your public-facing endpoints stand today: whether they’re already negotiating post-quantum key exchange, or still running classical-only TLS. It won’t protect you from press releases, but it will tell you whether your actual infrastructure is ahead of the real threat curve.

The quantum apocalypse may not be arriving in 2026. But the migration work is real, it is already underway in serious organizations, and waiting for a credible headline is not a strategy.

Sources: