If you're reading this article over HTTPS, that traffic is probably already stored somewhere.
Not from individual malice. From industrial routine. For years, several intelligence agencies and private actors have been capturing massive volumes of encrypted traffic that they cannot read today, waiting for the day they can.
That day has a name: Q-Day. It's the moment when a sufficiently powerful quantum computer breaks the cryptographic algorithms that today protect 99% of the Internet, as well as banking transactions, medical records, and government communications.
The bad news is that for your most sensitive data, Q-Day has already happened; only the reading is deferred.
Q-Day explained in three paragraphs
The entire security of the Internet rests on a simple idea: some mathematical problems are easy to create but nearly impossible to reverse. Multiplying two large prime numbers is trivial; finding those two numbers from the result takes billions of years on a classical computer. This kind of asymmetry underpins RSA, ECDSA, and nearly all HTTPS connections, digital signatures, and SSL certificates.
In 1994, mathematician Peter Shor published an algorithm capable of solving these problems in minutes — provided you have a quantum computer. At the time, it was a theoretical curiosity. Today, IBM, Google, Microsoft, the Chinese Academy of Sciences, and several startups (PsiQuantum, Quantinuum, IonQ) are actively building the machines capable of executing it.
Serious estimates converge: the first cryptographically relevant quantum computer (CRQC) will appear between 2030 and 2038. Not in fifty years. In the decade just starting.
Why it's urgent even if Q-Day is in 2032
The natural mistake is to think: "Well, I have ten years, I'll deal with this in 2030." That's exactly the trap.
Three durations collide:
- Secret lifetime: how long must this data remain confidential? A medical record? 50 years. An industrial patent? 20 years. A legal file? 30 years. An M&A contract? At least 10 years.
- Migration time: how many years does it take your organization to switch its entire cryptographic infrastructure? For an SME, 2-3 years. For a bank, 7-10 years. For a state, 15 years (the US NSA gives 2035 as its internal deadline).
- Time before Q-Day: 6 to 12 years according to estimates.
The rule, formulated by Canadian cryptographer Michele Mosca, is mechanical: if the sum of the first two durations exceeds the third, your most sensitive data is already compromised. Not tomorrow: today.
This is called HNDL (harvest now, decrypt later). It is not a hypothetical scenario. Several national intelligence agencies have practiced it openly since 2010-2015. Archived volumes are measured in exabytes.
The three at-risk categories
1. Cryptocurrencies and blockchains
Bitcoin, Ethereum, Solana, and nearly all major blockchains use ECDSA-type signatures, which are directly breakable by a quantum computer. Independent estimates put about 4 million bitcoins (out of 19.8 million) as immediately vulnerable because their public key has already been revealed on-chain. At $100,000 per bitcoin, that represents $400 billion transferable on Q-Day.
The Bitcoin and Ethereum communities are working on post-quantum hard forks. But coordinating a protocol change on a $2 trillion infrastructure, without a central authority, is a political challenge before being a technical one.
2. Long-term archives (the invisible risk)
This is the category no one talks about, yet it is in reality the most dangerous.
- Law firms: files archived 10-30 years, privileged communications, private contracts.
- Medical practices and hospitals: patient records kept 20-50 years depending on jurisdiction.
- Industrial firms: plans, patents, manufacturing processes, trade secrets.
- Notaries and registries: authentic deeds, wills, real estate transactions.
- National archives and libraries: official correspondence, diplomatic archives.
All this data is currently encrypted with algorithms that Q-Day will render transparent. And much of it is already captured in network traffic or stored on clouds where we don't really know who exfiltrates what.
3. Government communications and industrial secrets
As early as 2022, the United States published its CNSA 2.0 directive, requiring all classified systems to migrate to post-quantum cryptography by 2035. France, via ANSSI, published equivalent recommendations in 2024. The European Union will follow with eIDAS 2.0.
If you process data subject to government specifications, or if you provide services to large enterprises under SLA contracts, expect PQC compliance to become a market access condition by 2027-2028.
What's already moving among the giants
While most SMEs and mid-caps still ignore the topic, major players have started moving:
- In August 2024, NIST published the official post-quantum standards: FIPS 203 (ML-KEM, formerly Kyber), FIPS 204 (ML-DSA, formerly Dilithium), FIPS 205 (SLH-DSA, formerly SPHINCS+).
- In 2024, Cloudflare deployed hybrid post-quantum encryption (X25519MLKEM768) across its entire edge. Today, ~30% of global HTTPS traffic already passes through PQ-ready infrastructure.
- Google Chrome and Firefox have enabled hybrid post-quantum key agreement for TLS 1.3 by default since 2024.
- Apple iMessage switched in 2024 to PQ3, its post-quantum protocol.
- Microsoft, AWS, and OVH have announced PQC roadmaps for 2025-2027.
- Signal migrated its protocol to PQXDH in 2023.
The hyperscaler world has already moved. The world of SMEs, mid-caps, and regulated professions (lawyers, notaries, doctors, industrial firms) has not started. This gap is what's becoming critical.
The trap for SMEs, mid-caps, and professionals
The classic mistake is to think: "Q-Day is a problem for Google and the NSA, not for my 15-person firm."
This is wrong for three reasons.
1. Your data is already being harvested. Any firm hosting its files with a cloud provider is exposed. Any firm sending emails is exposed. You don't need to be a priority target — your traffic just needs to pass through the right collection points.
2. Legal liability is retroactive. If in 2032 a patient record archived in 2026 is publicly read because you didn't migrate, courts will apply the standard of the time when the risk was known — that is, now. The defense "we didn't know" won't hold, since NIST has published the official standards.
3. Migration takes time. Your suppliers (business software, hosting provider, antivirus, VPN, electronic signature) must themselves migrate before you can. If you wait until 2030 to ask them, they'll be saturated. If you ask now, you get their roadmap and can choose your suppliers accordingly.
Three concrete actions to take this week
You don't need to be a cryptographer to start. Three steps, each taking less than an hour:
1. Inventory long-lifetime data. List all data you keep for more than 10 years. For each, note where it's stored, who has access, and what algorithm encrypts it. If you don't know, that's already an answer.
2. Ask your suppliers about their PQC roadmap. Hosting provider, email provider, business software, electronic signature, cloud backup: send an email to each with a simple question: "What is your migration roadmap toward NIST FIPS 203/204/205 standards?" The answers (or non-answers) will tell you everything.
3. Check your HTTPS. Does your website already support hybrid post-quantum key exchange? Cloudflare and most modern CDNs do it automatically. If you're self-hosted, verify that your TLS server supports X25519MLKEM768.
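One way to carry out step 3 on a captured handshake, as an added example that is not part of the original article: the parser below reads the ServerHello record your server returned and reports which key-exchange group it selected. The function names and the zero-filled sample records are constructed for illustration; the group code points are the IANA TLS Supported Groups values.

```python
import struct

# TLS NamedGroup code points (IANA); True marks hybrid post-quantum groups.
GROUPS = {
    0x001D: ("x25519", False),
    0x11EB: ("SecP256r1MLKEM768", True),
    0x11EC: ("X25519MLKEM768", True),
    0x11ED: ("SecP384r1MLKEM1024", True),
}
KEY_SHARE = 0x0033  # extension type carrying the server's selected group


def negotiated_group(record: bytes):
    """Return (name, is_hybrid_pq) from a ServerHello record, or None if it has no key_share."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x02:
        raise ValueError("not a TLS record carrying a ServerHello")
    hello = record[9:9 + int.from_bytes(record[6:9], "big")]
    try:
        pos = 2 + 32                   # legacy_version + random
        pos += 1 + hello[pos]          # legacy_session_id_echo
        pos += 2 + 1                   # cipher_suite + compression method
        if pos + 2 > len(hello):
            return None                # no extensions block (old TLS 1.2 server)
        end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= min(end, len(hello)):
            ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
            if ext_type == KEY_SHARE:
                gid = struct.unpack("!H", hello[pos + 4:pos + 6])[0]  # group id leads the entry
                return GROUPS.get(gid, (f"unknown(0x{gid:04x})", False))
            pos += 4 + ext_len
    except (IndexError, struct.error):
        raise ValueError("truncated ServerHello") from None
    return None


def sample_server_hello(group: int, share_len: int) -> bytes:
    """Constructed ServerHello with zeroed random and key share (test data, not a capture)."""
    key_share = struct.pack("!HH", group, share_len) + bytes(share_len)
    exts = struct.pack("!HHH", 0x002B, 2, 0x0304)  # supported_versions: TLS 1.3
    exts += struct.pack("!HH", KEY_SHARE, len(key_share)) + key_share
    hello = b"\x03\x03" + bytes(32) + b"\x00\x13\x01\x00" + struct.pack("!H", len(exts)) + exts
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs


if __name__ == "__main__":
    print(negotiated_group(sample_server_hello(0x11EC, 1120)))  # hybrid share: 1088 + 32 bytes
    print(negotiated_group(sample_server_hello(0x001D, 32)))    # classical x25519 only
```

Capture the handshake with a client that offers X25519MLKEM768; a result of x25519 from a client that never offered the hybrid group says nothing about what the server supports.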
What's really at stake
Q-Day is not a technical problem. It's a problem of asymmetric temporality: the cost of inaction is invisible today and catastrophic tomorrow. Organizations that start moving in 2026 will have a decade to prepare calmly. Those waiting until 2030 will do it in panic, paying 5 to 10 times more for a botched migration.
This is exactly the profile of technological transitions that produce lasting competitive gaps: the first movers know their way around, the last pay the catch-up price.
At OmniRealm, we have been working for several months on post-quantum cryptography topics applied to long-term archiving and proof of anteriority. We are not selling a miracle solution. We believe that collective awareness must precede products — otherwise the market will buy anything out of fear. This article is part of that groundwork.
If Q-Day concerns you (and it concerns you), start with the inventory. It's free, it takes an hour, and it's the foundation of everything.
Sources and further reading:
- NIST FIPS 203/204/205 — Official post-quantum standards (August 2024)
- Cloudflare — The state of the post-quantum internet (2024)
- Apple Security Engineering — iMessage PQ3 protocol (2024)
- ANSSI — Post-quantum cryptographic recommendations (2024)
- Mosca's theorem — When should we panic? (2015)