Q-Day Post-Quantum, PQC, Quantum Security

Q-Day Knowledge Center & Q-Day Framework and Estimator

Marin December 2, 2025

3 minutes read

Your complete guide to understanding, forecasting, and preparing for quantum decryption risk.

Quantum decryption (“Q-Day”) is no longer a fringe topic: governments and major cloud providers now treat it as a credible near-term cybersecurity event.

This post is your structured entry point into the complete set of resources, methodologies, forecasts, and tools I developed over the years to understand when a cryptographically relevant quantum computer (CRQC) might emerge – and what to do about it.

Whether you’re a policymaker, CISO, researcher, regulator, journalist, or just deeply curious, this guide will help you navigate the landscape.

1. Start Here: The Definitive Framework

CRQC Quantum Capability Framework

The CRQC Quantum Capability Framework

This guide is a detailed, end‑to‑end map for understanding what it will actually take to reach a cryptographically relevant quantum computer (CRQC), i.e. break RSA-2048 – not just headline qubit counts. A CRQC must meet two conditions: the algorithmic requirements of the target attack and the hardware capabilities needed to execute it fault-tolerantly. The CRQC Quantum Capability Framework organizes these …

If you read only one resource, read this one. But warning – it’s a long read.

This is the master blueprint for predicting Q-Day.

It breaks quantum readiness into nine technical capabilities plus one cross-cutting engineering capability – everything from quantum error correction, to magic-state distillation, to decoder performance, to continuous multi-day operation.

Each capability has its own in-depth explainer:

Quantum Error Correction (B.1)
Syndrome Extraction (B.2)
Below-Threshold Operation (B.3)
Qubit Connectivity & Routing (B.4)
Logical Clifford Gates (C.1)
Magic-State Production (C.2)
Full Fault-Tolerant Algorithm Integration (D.1)
Decoder Performance (D.2)
Continuous Operation (D.3)
Engineering Scale & Manufacturability (E.1)

Together they form the “deep stack” of what must be achieved before any quantum computer can break RSA-2048 or ECC.

I’ve just updated this framework, but in its previous iterations it has already been used by national security analysts, industry analysts, national labs, and industry experts worldwide.

2. Executive-Level Prediction Model

CRQC Readiness Benchmark

CRQC Readiness Benchmark – Benchmarking Quantum Computers on the Path to Breaking RSA-2048

Benchmarking quantum capabilities for cryptography is both critical and challenging. We can’t rely on any single metric like qubit count to tell us how near we are to breaking RSA-2048. A combination of logical qubit count, error-corrected circuit depth, and operational speed must reach certain thresholds in unison. Existing benchmarks – Quantum Volume, Algorithmic Qubits, etc. – each address parts …

If the framework above is the foundation, this is the dashboard.

The benchmark compresses the nine capabilities into three executive levers:

LQC – Logical Qubit Capacity – How many usable logical qubits the hardware can maintain simultaneously.
LOB – Logical Operations Budget – How deep a calculation it can survive before failing.
QOT – Quantum Operations Throughput – How fast it can execute logical operations, including T-gates and lattice surgery.

These three numbers give you a single snapshot of quantum readiness.

3. The Q-Day Estimator Tool

Interactive Model: CRQC Readiness Benchmark & Q-Day Estimator

CRQC Readiness Benchmark (Q-Day Estimator)

Switch to Advanced to control 10 interdependent capabilities. Basic lets you set LQC/LOB/QOT directly.

Scenarios: Load a starting scenario, then tweak parameters to explore.

Logical Qubit Capacity (LQC)

Count of error-corrected (logical) qubits available.

Logical Operations Budget (LOB)

Exponent (10^x): 12

Reliable logical operations available (circuit depth).

Quantum Operations Throughput (QOT)

Exponent (10^x): 6

Logical operations per second (throughput).

Growth factor (× per year)

Annual capability multiplier for the composite score.

Advanced formula (optional)

LQC₀ (baseline)

LOB₀ (baseline)

QOT₀ (baseline)

Composite CRQC Readiness Score

0.00

Projected Q-Day

—

Projected CRQC Readiness score over time

Legend: Sliders represent % progress toward capability maturity for a ~1-week RSA-2048 break, relative to baseline targets. Hover or click a slider to highlight its influences.

For in-depth descriptions of the ten capabilities, see The Path to CRQC (Predicting Q-Day) and linked capability articles.

Foundational

Quantum Error Correction LQC LOB 50%

Syndrome Extraction QOT 50%

Below-Threshold Operation LQC LOB 50%

Qubit Connectivity & Routing QOT 50%

Core Operations

High-Fidelity Logical Cliffords QOT 50%

Magic-State Production LOB QOT 50%

End-to-End Execution

Fault-Tolerant Algorithm Integration 50%

Decoder Performance LOB QOT 50%

Continuous Operation LOB 50%

Enabler

Engineering Scale & Manufacturability LQC 50%

Advanced mode computes LQC/LOB/QOT from the capabilities above. The three numeric inputs will be locked while Advanced is active.

Interdependency map (capability influence on LQC / LOB / QOT)

LQC

LOB

QOT

B.1 QEC

B.2 Syndrome

B.3 Below-thr

B.4 Connect.

C.1 Clifford

C.2 Magic

D.1 Integr.

D.2 Decoder

D.3 Contin.

E.1 Scale

Dot color groups metrics (LQC blue / LOB orange / QOT purple). Hover or click a slider to highlight its row.

Capability Dependency Graph (click nodes to explore connections)

Node size reflects capability progress. Colored edges show influence strength to LQC (blue), LOB (orange), and QOT (purple). Hover or click a node to highlight its connections.

Interdependency Explorer (how improvements relax other requirements)

Impact Levels

Blocking Critical capability at <30% — holding back progress
High impact Improving this significantly boosts score
Medium impact Moderate improvement potential
Low impact Minimal gain from maximizing
Near maximum Already at 90%+ — diminishing returns

★ marks critical path capabilities

Trade-off curve (Score=1): vs

Curve shows combinations of the two capabilities that reach Score~1 (others held at current levels). If the curve leaves the [0..100%] box, other sliders must rise too.

Score 1.0 = quantum capability to factor RSA-2048 in about one week. Adjust inputs and formula to explore scenarios. Estimates are illustrative only.

This is the interactive version of the benchmark. Move the sliders – Change assumptions – Toggle between simplified and advanced modes – Run “what-if?” scenarios.

The estimator tells you what combinations of:

logical qubits
operations budget
throughput
physical-error rates
connectivity
decoder speed
manufacturability

would be sufficient to break RSA-2048 (or other crypto systems) in realistic time.

It’s a public model letting you experiment with the CRQC stack as if you were designing the quantum computer yourself.

The practical guide to how to use it is at How, You, Too Can Predict Q-Day (Without the Hype). This step-by-step guide distills the entire framework into a simple methodology anyone can follow.

It walks you through:

How to think about physical vs. logical qubits
How to map quantum capabilities to cryptographic vulnerability
How to estimate timelines without overshooting or underestimating
How to separate hype from real engineering progress
Why most public predictions are mathematically incoherent

If you want a rational, defensible way to talk about Q-Day, this is your playbook.

4. The Forecast: RSA-2048 Broken by ~2030

RSA-2048 Broken by 2030 ± 1–2 Years

Q-Day Revisited – RSA-2048 Broken by 2030: Detailed Analysis

It’s time to mark a controversial date on the calendar: 2030 is the year RSA-2048 will be broken by a quantum computer. That’s my bold prediction, and I don’t make it lightly. In cybersecurity circles, the countdown to “Q-Day” or Y2Q (the day a cryptographically relevant quantum computer cracks our public-key encryption) has been a topic of intense debate. Lately, …

This is my current best estimate based on:

Gidney-style classical and quantum cost models
The nine-capability maturity trajectories
The manufacturing trajectory
Ion-trap and superconducting roadmaps
Real experimental progress (not speculative claims)
What’s publicly visible—and plausible behind classified curtains

The conclusion is clear:

Q-Day is most likely around 2030 ± 1–2 years. Possibly earlier. Unlikely later.

The article also explores accelerators, blind spots, and real-world uncertainty distribution curves.

5. The Q-Day Domain Hub

Q-Day.org

This is the public portal consolidating all my work on:

Q-Day predictions
Cryptanalytic risk
Reporting on new quantum milestones
Guidance for CISOs, regulators, policymakers
Links to all PostQuantum.com deep-dive content
Every capability article
Media resources
The benchmark tool
The estimator
My latest commentary

Quantum Upside & Quantum Risk - Handled

My company - Applied Quantum - helps governments, enterprises, and investors prepare for both the upside and the risk of quantum technologies. We deliver concise board and investor briefings; demystify quantum computing, sensing, and communications; craft national and corporate strategies to capture advantage; and turn plans into delivery. We help you mitigate the cquantum risk by executing crypto‑inventory, crypto‑agility implementation, PQC migration, and broader defenses against the quantum threat. We run vendor due diligence, proof‑of‑value pilots, standards and policy alignment, workforce training, and procurement support, then oversee implementation across your organization. Contact me if you want help.

Talk to me Contact Applied Quantum