We are several theoretical and engineering breakthroughs away from a scalable quantum computer with sufficiently many error-corrected, logical qubits to do something useful with Shor's algorithm. The current rate of error-correction needs to decrease by a factor of 10 - 100. The current state of the art in physical qubits needs to increase by a factor of at least 10,000.
If we assume the number of usable physical qubits doubles every year while the decoherence rate halves every year, it's plausible a quantum computer could be designed to break 2048-bit RSA in slightly under 20 years.[1] To be generous, we'll also assume the implementation and engineering work doesn't meaningfully increase that estimate once the design is finished.
This is an optimistic forecast, to put it mildly. There are credible arguments from skeptics[2][3] in the academic community that it's not actually possible to build a quantum computer capable of breaking RSA in practice. Likewise, everything I've mentioned is only in regard to the known unknowns we need to resolve. It's very probable there are a variety of unknown unknowns to contend with as well.
This is also all aside from the possibility (emphasized by the first report I cited) of a looming winter in quantum computing research. In order to actually reach a point where RSA can be broken, the field needs to start paying out the checks it's been writing. This means actually achieving quantum supremacy and developing legitimately useful quantum computers - scalable or otherwise - for industry applications.
Finally, D-Wave's progress isn't relevant here. They're building a quantum annealer, not a general-purpose quantum computer. All the foregoing is based on the idea of building a general-purpose quantum computer to implement Shor's algorithm. Annealing methods aren't applicable.
Hopefully we will see results way before we start breaking RSA. It looks like people are targeting applications in quantum chemistry [1]. Also, Dyakonov's criticisms are toothless, see comments here [2].
We are several theoretical and engineering breakthroughs away from a scalable quantum computer with sufficiently many error-corrected, logical qubits to do something useful with Shor's algorithm. The current rate of error-correction needs to decrease by a factor of 10 - 100. The current state of the art in physical qubits needs to increase by a factor of at least 10,000.
If we assume the number of usable physical qubits doubles every year while the decoherence rate halves every year, it's plausible a quantum computer could be designed to break 2048-bit RSA in slightly under 20 years.[1] To be generous, we'll also assume the implementation and engineering work doesn't meaningfully increase that estimate once the design is finished.
This is an optimistic forecast, to put it mildly. There are credible arguments from skeptics[2][3] in the academic community that it's not actually possible to build a quantum computer capable of breaking RSA in practice. Likewise, everything I've mentioned is only in regard to the known unknowns we need to resolve. It's very probable there are a variety of unknown unknowns to contend with as well.
This is also all aside from the possibility (emphasized by the first report I cited) of a looming winter in quantum computing research. In order to actually reach a point where RSA can be broken, the field needs to start paying out the checks it's been writing. This means actually achieving quantum supremacy and developing legitimately useful quantum computers - scalable or otherwise - for industry applications.
Finally, D-Wave's progress isn't relevant here. They're building a quantum annealer, not a general-purpose quantum computer. All the foregoing is based on the idea of building a general-purpose quantum computer to implement Shor's algorithm. Annealing methods aren't applicable.
_________________________
1. https://www.nap.edu/catalog/25196/quantum-computing-progress...
2. https://spectrum.ieee.org/computing/hardware/the-case-agains...
3. https://gilkalai.wordpress.com/2017/10/16/if-quantum-compute...