QRI Research Note

When Quantum Reaches Large-Scale Cryptanalysis

Quantum Threat Level 100

From one-off breaks to an industrial cryptanalytic capability

Large-scale cryptanalysis means quantum attacks are no longer rare demonstrations against isolated targets. It means a capable actor can run repeated attacks against many keys, integrate the results into operational workflows, and threaten systems that have not migrated.

Index level100 / 100
Planning windowAfter practical RSA and ECC breaks; timing depends on scale, access, and cost
Bitcoin statusUnsafe unless migration is complete

Level 100 is not about one spectacular paper. It is about repeatability, throughput, secrecy, and scale.

What this level means

A one-off RSA-2048 or ECC break is enough to prove the old cryptography is vulnerable. Large-scale cryptanalysis is worse: it means the capability can be scheduled, repeated, optimized, and used against many real targets.

At this point, un-migrated public-key infrastructure becomes structurally unsafe. The relevant question is no longer whether quantum attacks are possible, but which systems have already moved to quantum-safe algorithms and which remain exposed.

What technology needs to be developed to get here

A Level 100 capability requires quantum computing to become an operational platform. Hardware, software, facilities, people, and attack automation all have to work together.

Multiple large machines

One machine may prove a capability. Large-scale cryptanalysis needs enough capacity to run many jobs, recover from failures, and prioritize targets.

Automated attack pipelines

Target collection, circuit generation, quantum execution, classical post-processing, key verification, and exploitation must be integrated into repeatable workflows.

Cost reduction

Attacks must become cheap enough that actors can use them operationally. If each break consumes enormous resources, the threat is severe but selective.

Reliability and maintenance

Large systems need maintenance windows, spare parts, monitoring, calibration, and trained operators. Cryptanalysis at scale is an infrastructure problem.

Stealth and access

The most dangerous capabilities may not be public. Intelligence and criminal use may be inferred from unexplained compromises rather than announced benchmarks.

Defensive observability

Organizations need cryptographic inventories, certificate agility, key-rotation logs, PQC deployment evidence, and incident response plans for quantum-era compromise.

Expected timeline and development path

Level 100 comes after the first practical breaks, but the lag could be short or long. It depends on whether the technology is expensive national infrastructure or rapidly commercializing hardware.

Initial break era

A few public or private demonstrations show modern RSA and ECC can be attacked in practical time.

Operationalization

Attack software, scheduling systems, and target pipelines turn demonstrations into repeatable processes.

Large-scale era

Quantum cryptanalysis becomes a capacity question. Actors choose targets by value, exposure, and defensive migration status.

What this means in real life

For ordinary people, this level means the internet already needed to have changed before the milestone arrived.

Banking and identity

Any bank or identity system still using vulnerable key exchange or signatures would be at high risk.

Software supply chain

Unsigned or weakly signed software ecosystems could face forged updates and trust-chain failures.

Old encrypted archives

Captured traffic and archives protected by vulnerable public-key systems could be decrypted if they were not protected with PQC.

Crypto assets

Cryptocurrencies without quantum-safe migration would face wallet theft, exchange disruption, and trust loss.

Healthcare and legal records

Long-lived sensitive records would be exposed if they were harvested under old cryptography.

Consumer trust

The visible impact would be less about quantum computers themselves and more about which institutions prepared in time.

Bitcoin relevance

Bitcoin would be unsafe at Level 100 unless the ecosystem had already migrated vulnerable funds and deployed quantum-safe signature options.

The important point is that migration must happen before large-scale attacks exist. Waiting until Level 100 would mean trying to redesign a global settlement network during an active cryptographic emergency.

Signals QRI would look for

  • Repeated modern key breaks rather than one-off demonstrations
  • Attack runtimes and costs low enough for target selection
  • Evidence of private or classified capabilities beyond public machines
  • Mass migration away from remaining RSA and ECC trust chains
  • Bitcoin and other cryptographic networks completing quantum-safe transitions

Sources and framing

QRI treats these dates as planning ranges, not predictions. The references below inform the article series: NIST has finalized practical PQC standards, NIST NCCoE emphasizes inventory and migration planning, NSA/CNSA guidance says planning and budgeting should happen now, and Google has published both an accelerated PQC migration target and updated factoring-resource estimates.