QRI Research Note
When Quantum Reaches Large-Scale Cryptanalysis
Quantum Threat Level 100
From one-off breaks to an industrial cryptanalytic capability
Large-scale cryptanalysis means quantum attacks are no longer rare demonstrations against isolated targets. It means a capable actor can run repeated attacks against many keys, integrate the results into operational workflows, and threaten systems that have not migrated.
Level 100 is not about one spectacular paper. It is about repeatability, throughput, secrecy, and scale.
What this level means
A one-off RSA-2048 or ECC break is enough to prove the old cryptography is vulnerable. Large-scale cryptanalysis is worse: it means the capability can be scheduled, repeated, optimized, and used against many real targets.
At this point, un-migrated public-key infrastructure becomes structurally unsafe. The relevant question is no longer whether quantum attacks are possible, but which systems have already moved to quantum-safe algorithms and which remain exposed.
What technology needs to be developed to get here
A Level 100 capability requires quantum computing to become an operational platform. Hardware, software, facilities, people, and attack automation all have to work together.
One machine may prove a capability. Large-scale cryptanalysis needs enough capacity to run many jobs, recover from failures, and prioritize targets.
Target collection, circuit generation, quantum execution, classical post-processing, key verification, and exploitation must be integrated into repeatable workflows.
Attacks must become cheap enough that actors can use them operationally. If each break consumes enormous resources, the threat is severe but selective.
Large systems need maintenance windows, spare parts, monitoring, calibration, and trained operators. Cryptanalysis at scale is an infrastructure problem.
The most dangerous capabilities may not be public. Intelligence and criminal use may be inferred from unexplained compromises rather than announced benchmarks.
Organizations need cryptographic inventories, certificate agility, key-rotation logs, PQC deployment evidence, and incident response plans for quantum-era compromise.
Expected timeline and development path
Level 100 comes after the first practical breaks, but the lag could be short or long. It depends on whether the technology is expensive national infrastructure or rapidly commercializing hardware.
A few public or private demonstrations show modern RSA and ECC can be attacked in practical time.
Attack software, scheduling systems, and target pipelines turn demonstrations into repeatable processes.
Quantum cryptanalysis becomes a capacity question. Actors choose targets by value, exposure, and defensive migration status.
What this means in real life
For ordinary people, this level means the internet already needed to have changed before the milestone arrived.
Any bank or identity system still using vulnerable key exchange or signatures would be at high risk.
Unsigned or weakly signed software ecosystems could face forged updates and trust-chain failures.
Captured traffic and archives protected by vulnerable public-key systems could be decrypted if they were not protected with PQC.
Cryptocurrencies without quantum-safe migration would face wallet theft, exchange disruption, and trust loss.
Long-lived sensitive records would be exposed if they were harvested under old cryptography.
The visible impact would be less about quantum computers themselves and more about which institutions prepared in time.
Bitcoin relevance
Bitcoin would be unsafe at Level 100 unless the ecosystem had already migrated vulnerable funds and deployed quantum-safe signature options.
The important point is that migration must happen before large-scale attacks exist. Waiting until Level 100 would mean trying to redesign a global settlement network during an active cryptographic emergency.
Signals QRI would look for
- Repeated modern key breaks rather than one-off demonstrations
- Attack runtimes and costs low enough for target selection
- Evidence of private or classified capabilities beyond public machines
- Mass migration away from remaining RSA and ECC trust chains
- Bitcoin and other cryptographic networks completing quantum-safe transitions
Sources and framing
QRI treats these dates as planning ranges, not predictions. The references below inform the article series: NIST has finalized practical PQC standards, NIST NCCoE emphasizes inventory and migration planning, NSA/CNSA guidance says planning and budgeting should happen now, and Google has published both an accelerated PQC migration target and updated factoring-resource estimates.