
Shor, QLDPC Codes, and the Compression of RSA Resource Estimates (Part II)

Quantum Computing Report

The Logistics of Retiring RSA in Legacy Environments

If a cryptographically relevant quantum computer capable of executing Shor’s algorithm becomes operational, the cryptographic collapse of RSA and ECC will be instantaneous. But for the systems that rely on them, migration cannot be instantaneous. Where does the real-world execution risk actually sit?

Part I of this series examined how the “Pinnacle Architecture” analysis (arXiv:2602.11457) compresses the physical qubit requirement for factoring RSA-2048 to approximately 100,000 qubits—an order-of-magnitude reduction from 2024 benchmarks. While significant engineering trade-offs remain (non-local connectivity, 10-microsecond decoding latency, one-month runtime estimates), the direction of travel is clear: the hardware threshold for a cryptographically relevant quantum computer (CRQC) is descending faster than linear projection models anticipated.

This compression creates a structural tension. Even if a CRQC remains years away, the systems it will break are embedded in infrastructure with replacement cycles measured in decades, not months.

The Installed Base Problem

Unlike software vulnerabilities that can be patched remotely, the cryptographic foundations of legacy environments are often fixed at the hardware level. Three sectors illustrate the scope of the exposure.

Industrial Control Systems and Critical Infrastructure

Power grids, pipeline networks, and water treatment facilities operate on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) platforms with lifecycles of 15 to 20 years. Many of these systems use embedded RSA-2048 for three distinct purposes: authenticated firmware updates, secure remote access, and device-to-control-center communication.

The migration challenge is not cryptographic but physical. A substation controller manufactured in 2015 contains a hardware security module soldered to the board. Updating its cryptographic capabilities requires board replacement, which in turn requires scheduled outages, requalification under grid reliability standards, and requalification of the entire supply chain for replacement components.

The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection standards require extensive testing before any hardware change in bulk power systems. For a typical utility, rotating through every field device for a hardware swap would require 5 to 10 years of continuous work, assuming no supply chain delays.

Satellite and Space-Based Infrastructure

Satellite telemetry, command links, and in-orbit firmware updates rely on asymmetric cryptography established at launch. Once a satellite is deployed, its cryptographic capabilities are locked. The average commercial satellite has a design life of 15 years; government reconnaissance and communications satellites often operate for 20 years or more.

The vulnerability is compounded by the “launch and lock” model. A satellite built in 2022 using RSA-2048 for command authentication will remain in orbit until approximately 2040. If a CRQC becomes operational in the early 2030s, every satellite launched in the preceding decade becomes remotely commandeerable. There is no patch mechanism for hardware already in orbit. The only mitigation is cryptographic agility designed at the outset—a requirement not included in most satellite procurements before 2025.

Government Public Key Infrastructure and Code-Signing

National digital identity systems, e-passport signing keys, and government software update mechanisms are built on trust chains terminating in RSA-signed root certificates. Rebuilding these trust anchors is not a technical exercise but a governance challenge spanning multiple administrations.

The U.S. federal government, for example, operates hundreds of certification authorities across civilian, defense, and intelligence agencies. Each issues certificates to thousands of endpoints. Migrating the entire federal PKI to PQC requires:

- Generating new root and intermediate keys under PQC algorithms
- Recertifying all endpoints
- Establishing cross-certification bridges during the transition
- Maintaining parallel trust stores until all legacy hardware is retired

The General Services Administration estimates that a full federal PKI migration would require a minimum of five years from final standard adoption to completion, assuming uninterrupted funding and prioritization.

The Discovery Gap

Before migration can begin, organizations must locate every instance of RSA and ECC in their environments. This is not a trivial exercise. Cryptographic discovery tools remain immature. Many organizations do not maintain complete inventories of embedded systems, industrial controllers, or legacy application dependencies. A 2025 survey by the Global Cyber Security Capacity Centre found that 68 percent of critical infrastructure operators could not produce a complete inventory of cryptographic modules in their operational technology environments.

The discovery problem is most acute in supply chains. A defense contractor may rely on a subcontractor’s component that contains an RSA-signed bootloader. The prime contractor may not know the component exists, let alone its cryptographic specifications. The “Harvest Now, Decrypt Later” risk is therefore not limited to the systems an organization controls directly, but extends to every supplier in its ecosystem.

Crypto-Agility: Concept Versus Capability

Crypto-agility—the ability to replace cryptographic algorithms without disrupting operations—is frequently cited as the solution to quantum risk. In practice, true agility remains rare. Modern cloud-native applications designed with cryptographic abstraction layers can achieve algorithm flexibility. But the systems that secure the physical world—pipelines, power plants, satellites—were not designed for abstraction. Their cryptography is often implemented in firmware, embedded in real-time operating systems, or hard-coded into application-specific integrated circuits. For these environments, crypto-agility is not a software update but a hardware replacement cycle.
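The inventory step described under The Discovery Gap can start with a byte-signature pass over firmware or bootloader images. The sketch below is an added example, not code from the article or from any product it mentions: it DER-encodes a small table of publicly registered algorithm OIDs and reports every offset where one appears. The sample image is constructed, and the function names and the table's contents are choices made for this example.

```python
"""Added example: heuristic inventory scan for DER-encoded algorithm OIDs."""
from typing import Dict, List, Tuple

# OID -> (name, broken by Shor's algorithm?). Registered values, not from the article.
ALGORITHMS: Dict[str, Tuple[str, bool]] = {
    "1.2.840.113549.1.1.1": ("rsaEncryption", True),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", True),
    "1.2.840.10045.2.1": ("id-ecPublicKey", True),
    "1.2.840.10045.4.3.2": ("ecdsa-with-SHA256", True),
    "2.16.840.1.101.3.4.3.18": ("id-ml-dsa-65", False),
}


def encode_oid(dotted: str) -> bytes:
    """DER-encode an OBJECT IDENTIFIER: tag 0x06, length, base-128 arcs."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray()
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]                   # final byte: high bit clear
        sub >>= 7
        while sub:
            chunk.append((sub & 0x7F) | 0x80)  # earlier bytes: high bit set
            sub >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form lengths are not handled here")
    return bytes([0x06, len(body)]) + bytes(body)


def scan_image(image: bytes) -> List[Tuple[int, str, bool]]:
    """Return sorted (offset, algorithm, shor_vulnerable) for every OID hit."""
    hits = []
    for dotted, (name, vulnerable) in ALGORITHMS.items():
        needle = encode_oid(dotted)
        pos = image.find(needle)
        while pos != -1:
            hits.append((pos, name, vulnerable))
            pos = image.find(needle, pos + 1)
    return sorted(hits)


# Constructed sample: padding plus two embedded OIDs, standing in for a firmware image.
SAMPLE_IMAGE = (b"\xff" * 16 + encode_oid("1.2.840.113549.1.1.11")
                + b"\x00" * 8 + encode_oid("1.2.840.10045.2.1") + b"\xff" * 4)

if __name__ == "__main__":
    for offset, name, vulnerable in scan_image(SAMPLE_IMAGE):
        status = "needs PQC migration" if vulnerable else "post-quantum"
        print(f"0x{offset:04x}  {name:<26} {status}")
```

A hit marks a component for manual review rather than proving key usage, and cryptography that is hard-coded in silicon or stored without ASN.1 framing will not appear in such a scan.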

Strategic Observation

The compression of Shor’s resource requirements documented in Part I narrows the window between theoretical capability and engineering reality. But the installed base of RSA-dependent infrastructure operates on a fundamentally different clock—one measured in physical replacement cycles, regulatory requalification, and supply chain logistics.

Migration roadmaps that assume a linear progression from standardization to implementation do not account for this asymmetry. The systems most exposed to retrospective decryption—industrial controls, space assets, long-lived government archives—are precisely those that cannot be patched overnight.

The relevant question for sovereign risk modeling is no longer solely “When will a CRQC exist?” but “How long will it take to replace every RSA-dependent system in the critical national infrastructure inventory?” For many sectors, that answer remains measured in decades, not years.

March 13, 2026
