For five years, the standard line on quantum computing has been "ten to fifteen years out." It was a comfortable estimate. It let CIOs put post-quantum migration in the same mental bucket as IPv6 adoption — an inevitable but distant problem that someone else's budget would solve.
That estimate is no longer comfortable. The Trump administration's roughly $2 billion federal commitment across nine quantum companies, IBM's matching $1 billion investment in a dedicated U.S. quantum chip foundry, the CHIPS Act funding pulled in alongside it, and the parallel acceleration happening in Beijing have collectively done something the field has not seen since the 1960s space race: turned a research program into an industrial program with national-security urgency.
This article looks at why the 2030 deadline for a cryptographically relevant quantum computer (CRQC) — the threshold at which RSA-2048 and ECDH break — should now be treated as a ceiling, not a target. And why the harvest-now-decrypt-later threat against your traffic today isn't hypothetical anymore.
The QVS scanner checks any URL against 40+ quantum-vulnerable algorithms and gives you a 0-100 readiness score in 10 seconds. Use it before you read the rest.
Get your readiness score →The federal package is structured through the Department of Commerce, with the U.S. government taking equity stakes in several of the nine recipient firms rather than handing out one-way grants. That shift in mechanism is more important than most coverage has emphasized. It aligns the federal balance sheet with corporate execution. The government now has a financial incentive to keep these companies shipping working hardware.
Who got what, approximately:
| Recipient | Federal commitment | Strategic role |
|---|---|---|
| IBM | ~$1B (plus IBM's own $1B) | Anderon foundry — dedicated U.S. quantum chip fab |
| GlobalFoundries | ~$375M | Quantum-grade silicon at scale (CHIPS Act-aligned) |
| D-Wave | ~$100M | Annealing systems + gate-model hybrid R&D |
| Rigetti | ~$100M | Superconducting qubit fabrication |
| Infleqtion | ~$100M | Neutral-atom and quantum sensing |
| Four other firms | Remainder | Photonics, ion-trap, error correction, software |
The IBM Anderon foundry is the single most important line item. Quantum hardware progress has been bottlenecked for years not on physics but on manufacturing — every superconducting qubit chip in the world is fabricated in shared semiconductor facilities that were not designed for the yields, uniformity, and noise floors that a million-qubit system will require. A dedicated foundry funded with $2B of combined federal-plus-corporate money, on U.S. soil, is a structural change to the industry's bottleneck.
Chinese government investment in quantum information science over the last five years has been estimated, in public Western analyses, at multiples of the U.S. number. The Hefei National Laboratory complex alone has reportedly received funding on the order of $10B equivalent across its quantum program. The Jiuzhang photonic quantum systems and the Zuchongzhi superconducting systems are both well-publicized; what is less publicized is the supporting fabrication and cryogenic supply chain Beijing has built out alongside them.
Two things follow from this:
When two adversarial superpowers both pour state-level capital into the same physics in the same window, the timeline compresses. This is the same dynamic that took ICBMs from theory to deployment in under a decade, and integrated circuits from lab curiosity to ubiquitous product in fifteen years.
The Global Risk Institute publishes an annual "Quantum Threat Timeline Report" surveying leading academic and industry experts on when they expect a CRQC. The trend over the past five years:
| Year of survey | "≥1-in-7 chance by 2030" — % of experts | "≥1-in-2 chance by 2035" — % of experts |
|---|---|---|
| 2020 | ~22% | ~50% |
| 2022 | ~27% | ~58% |
| 2024 | ~33% | ~62% |
| 2025 | ~38% | ~67% |
The direction is monotonic. Every survey, more experts move earlier. None move later. And these are the conservative academic estimates — they explicitly exclude the kind of step-function accelerations that announcements like the Trump-IBM package tend to produce. Independent analyses from RAND, the IEEE Quantum Initiative, and several national signals-intelligence agencies have all moved their internal "plan for" date into the 2028-2032 window over the last 24 months.
Here is the part that breaks the comfortable narrative. An adversary does not need a CRQC today to compromise your data. They need a CRQC at any point before the data stops being valuable. Encrypted traffic captured today against an RSA or ECDH key exchange can be stored cheaply for decades and decrypted the moment a working quantum computer comes online.
That model is not hypothetical. Multiple Western intelligence agencies have publicly acknowledged that adversaries are already harvesting bulk encrypted traffic against this exact scenario. The U.S. National Security Memorandum 10 (NSM-10) cites harvest-now-decrypt-later explicitly as the operative threat driving federal PQC migration timelines. The NSA's CNSA 2.0 suite was published in 2022 with the same threat model in mind.
Which categories of your data are most exposed?
Run the scenario where a CRQC comes online in 2030 instead of 2034. The implications:
The good news: the standards are finalized and the libraries are ready. ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) have been final NIST standards since August 2024. OpenSSL 3.5+ ships hybrid key exchange. BoringSSL, Rustls, and the major Go and Java crypto libraries are all there or close. Cloudflare, Apple iCloud, Google Chrome, Signal, and OpenSSH are already negotiating hybrid post-quantum key exchange in production.
The migration path looks the same as it did before the announcement — what changes is the urgency:
X25519MLKEM768 or equivalent) across edge servers and internal mTLS.The first step is a one-day exercise for an external scan and a couple of weeks for a thorough internal inventory. There is no good reason to wait.
The phrase refers to large-scale state and corporate investment in quantum computing by the U.S., China, and others, combined with the strategic incentive each has to develop a cryptographically relevant quantum computer first. Whichever side gets one first can, in principle, decrypt the historical traffic of the other.
Public Western analyses estimate Chinese government investment in quantum information science over the last five years at multiples of the U.S. figure. The Hefei National Laboratory complex alone has reportedly received funding on the order of $10B equivalent, alongside dedicated fabrication and cryogenic supply-chain build-out.
An attacker captures encrypted traffic today and stores it cheaply, intending to decrypt it once a quantum computer becomes available. The U.S. National Security Memorandum 10 cites this scenario as the operative threat driving federal post-quantum migration timelines. Anything with multi-year confidentiality is at risk now, not in the future.
$2B federal plus $1B from IBM plus CHIPS Act silicon plus equity-style government alignment plus Chinese state investment of greater magnitude is the largest single-window acceleration of quantum computing in history. The expert consensus on the CRQC arrival date was already moving earlier every year. This announcement just bent the curve again.
2030 was always the deadline NIST set for the post-quantum migration. The reasonable working assumption now is that 2030 is also approximately when the encryption you didn't migrate stops protecting you. Treat it as a ceiling, not a target.
Scan any URL against 40+ quantum-vulnerable algorithm patterns. Get a 0-100 readiness score, an A-F letter grade, and a NIST-aligned remediation report. Free, instant, no signup.
Run a free scan →Related reading: Trump Just Invested $2 Billion in Quantum Computing — Is Your Encryption Ready? · Your CEO Just Saw the Trump Quantum Headline — Here's What to Tell Them · When Will Quantum Computers Break RSA?