Red Hot Cyber


Will 2029 be the year of Q-Day? But what if the SHA1 replacement took 12 years?

Redazione RHC : 22 August 2025 11:15

Security experts are increasingly talking about “Q-Day,” the moment when quantum computers will be able to break modern encryption algorithms. Predictions from major players, from IBM and Google to Gartner analysts, boil down to an alarming date: the finish line could arrive as early as 2029. The paradox is that there will be no dramatic warning signals. Servers will continue to respond to requests, browsers will open familiar pages, and enterprise systems will remain operational. Only the invisible part of the picture will change: attackers who have been “collecting” encrypted data for years will wait for the moment when it can be read.

Earlier this summer, Keyfactor gathered scientists around a table to discuss the line between awareness and real preparedness. The meeting echoed a sentiment that security executives have long repeated privately: No one knows the exact date, so it makes sense to act as if the race has already begun. The company has published recommendations for compiling a cryptographic inventory, which is usually the starting point for any major transition. Without a thorough understanding of the protocols, keys, libraries, and devices involved in business processes, it is impossible to plan for replacement.

Q-Day, whenever it comes, will begin with public-key algorithms like RSA-2048, which has been the workhorse of digital signatures, key exchange, TLS in web browsers, email encryption, and a host of embedded scripts for decades.

The National Institute of Standards and Technology has already approved a series of post-quantum algorithms, and the path is formally mapped out. The problem is scalability. Keyfactor co-founder Ted Shorter estimates that even the much smoother upgrade from SHA-1 to SHA-2/256, which began around 2007, took the industry about 12 years to complete. Organizations faced incompatibilities, the risk of breaking legacy integrations, and staffing shortages, so the migration dragged on. Nearly two decades later, there are still customers with SHA-1 lurking in the corners of their infrastructure.

The business side of the problem adds to the inertia. Technical teams have been playing whack-a-mole for years with a constant stream of incidents, and strategic cryptographic restructuring has been relegated to the bottom of the priority list.

When security explains risks, some managers see them as “another Y2K,” which can presumably be postponed if the threat doesn’t materialize within a couple of years. This misperception affects data with a long life cycle. Financial records are often required to be retained for at least seven years, bank account identifiers are valid for decades, satellites remain in orbit well beyond the complete depreciation of ground equipment. Tom Patterson of Accenture recalls the project for the first quantum satellite: encryption isn’t the first thing that comes to mind, but it’s impossible to “reposition” the device in space: protection must be installed before launch.

The history of Y2K makes it really difficult to clearly assess current risks. In the late 1990s, the world was bracing for a technical disruption due to the two-digit year format. Governments, banks, infrastructure: the entire ecosystem spent hundreds of billions of dollars updating and rewriting code. By New Year’s Eve, nothing collapsed, and the efforts of an army of engineers were virtually invisible. Years later, the side effects of the “windowing” became apparent: some parking meters and payment systems failed in 2020. Veterans of those events like Peiter Zatko (Mudge), now CIO of DARPA, recall being on duty in contact with the White House and emphasize: “No disaster occurred” precisely because people worked. Others recall that countries with minimal preparation passed the milestone almost painlessly, which means there was more panic than action. Both versions are convenient in hindsight, but they both boil down to one point: a large-scale problem can only be prevented in advance.

In this sense, the post-quantum transition is more complex than Y2K. The date hasn’t been set yet; no one will publish a press release announcing that the key has finally given way.

Attackers will silently gather the data and the necessary energy, just as cryptanalysts once worked on Enigma, and will work on the data sets that will be valuable for years to come. Applied Quantum researcher Marin Ivezic draws attention to the energy balance: cracking a single RSA-2048 key can take days and megawatts, so a massive “demolition” of cryptography in one fell swoop is not in the cards.

The industry, however, is starting to move. Keyfactor’s July 30 “Digital Trust Digest: Quantum Readiness Edition” report found that half of the 450 IT security executives surveyed admitted they were unprepared, but the topic has already made it onto the agendas of boards of directors, insurers, and regulators. Compliance requirements will push large financial institutions, banks, telecommunications companies, and government agencies faster than others. Smaller companies may follow a different trajectory: some will wait for hardware and software to change and “move” directly to the new cryptography; for those who live entirely in the cloud, hyperscalers will take on part of the work.

The practical agenda for the coming years seems concrete. We need a complete registry of cryptographic environments: protocols, libraries, certification centers, key formats and their lifetimes. Then, pilot implementations of NIST algorithms where risks are highest and a compatibility plan to avoid “abandoning” obsolete integrations. Automation will be necessary, because a manual migration of this type is unsustainable. And we will have to constantly revise cryptographic policies, taking this very timing uncertainty into account.
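A sketch of how such a registry can drive migration order, added here as an illustration and not taken from the article or from Keyfactor. The record schema, the priority rules, the 2029 planning year and the sample inventory are all assumptions made for the example.

```python
from dataclasses import dataclass

Q_DAY_YEAR = 2029  # planning assumption: the forecast year the article cites
SHOR_BREAKABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA"}       # classical public-key families
QUANTUM_SAFE = {"ML-KEM", "ML-DSA", "SLH-DSA", "AES-256"}    # NIST FIPS 203/204/205, plus AES-256
LEGACY_HASHES = {"MD5", "SHA-1"}

@dataclass
class Entry:                 # one row of the inventory (hypothetical schema)
    asset: str
    use: str                 # "key-exchange", "encryption" or "signature"
    algorithm: str
    digest: str
    key_expires: int         # last year the key or certificate is trusted
    retention_years: int     # how long the protected data must stay confidential

def triage(entry, as_of_year):
    """Return (priority, findings); 1 is most urgent, 4 needs no action."""
    findings, priority = [], 4
    alg = entry.algorithm.upper()
    if alg in SHOR_BREAKABLE:
        confidential = entry.use in ("key-exchange", "encryption")
        # Traffic recorded today is exposed if it must stay secret past Q-Day.
        if confidential and as_of_year + entry.retention_years >= Q_DAY_YEAR:
            findings, priority = ["harvest-now-decrypt-later"], 1
        elif entry.key_expires >= Q_DAY_YEAR:
            findings, priority = ["key-outlives-q-day"], 2
        else:
            findings, priority = ["quantum-vulnerable"], 3
    elif alg not in QUANTUM_SAFE:
        findings, priority = ["unknown-algorithm"], 2   # never assume safe; review by hand
    if entry.digest.upper() in LEGACY_HASHES:
        findings.append("legacy-hash")
        priority = min(priority, 2)
    return priority, findings

def plan(inventory, as_of_year=2025):
    """Sort the inventory into a migration order, most urgent first."""
    rows = [(*triage(e, as_of_year), e.asset) for e in inventory]
    return sorted(rows, key=lambda r: (r[0], r[2]))

# Constructed sample inventory, not data from the article.
SAMPLE = [
    Entry("vpn-gateway", "key-exchange", "ECDH", "SHA-256", 2026, 7),
    Entry("code-signing-ca", "signature", "RSA", "SHA-256", 2035, 0),
    Entry("legacy-billing", "signature", "RSA", "SHA-1", 2026, 0),
    Entry("pilot-api", "key-exchange", "ML-KEM", "SHA-256", 2027, 7),
    Entry("badge-reader", "encryption", "XTEA-custom", "none", 2040, 1),
]
```

Calling `plan(SAMPLE)` puts the VPN gateway first, because traffic recorded today must stay confidential past the planning year, and leaves the post-quantum pilot last.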

The digital world has a difficult timetable: somewhere in the future, the “Epochalypse” of 2038 looms, another bug, this one in the UNIX time reference system. But this is a problem for the foreseeable future. Post-quantum protection requires effort now, while threats remain theoretical and invisible. If everything is done in time, “nothing will happen,” and this will be the primary indicator of success.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
