**(MITTechnologyReview)** Scientists have long been speculating quantum computers will be powerful enough to crack certain codes used to send secure messages. After that date, any information protected by this form of encryption becomes insecure. Previously the answer has always been decades.

Now, that time-line needs to be revised thanks to the work of Craig Gidney at Google in Santa Barbara and Martin Ekerå at the KTH Royal Institute of Technology in Stockholm, Sweden. These two have found a more efficient way for quantum computers to perform the code-breaking calculations, reducing the resources they require by orders of magnitude. Security experts might well have been able to justify the idea that it would be decades before messages with 2048-bit RSA encryption could be broken by a quantum computer.

Now Gidney and Ekerå have shown how a quantum computer could do the calculation with just 20 million qubits. Indeed, they show that such a device would take just eight hours to complete the calculation. “[As a result], the worst case estimate of how many qubits will be needed to factor 2048 bit RSA integers has dropped nearly two orders of magnitude,” they say.

Consequently, these machines are significantly closer to reality than anyone suspected. The result will make uncomfortable reading for governments, military and security organizations, banks, and anyone else who needs to secure data for 25 years or longer.