IBM: Q-Day Has Already Begun and the Evidence Is in How Cloudflare and Signal Are Behaving

[AJStyles]

IBM published a piece yesterday that reframes the entire Q-Day conversation and it's worth reading carefully. The headline is deliberately provocative but the argument is sound. Q-Day is not a future event. Q-Day has already begun. The reason is harvest now decrypt later. Anything encrypted today with public key cryptography is potentially being collected by nation-state actors right now with the intention of decrypting it when quantum computers mature. Shohini Ghose, quantum physicist at Wilfrid Laurier University, told IBM Think directly: "Q-Day is, in a sense, in the past."

The article's most useful framing comes from IBM's Zygmunt Lozinski who describes the challenge as having the digital equivalent of needing to change every door lock on the planet. His colleague Ray Harishankar at IBM Quantum Safe adds a distinction the mainstream discussion usually misses: the threat isn't only to privacy through encryption breaking. It's also to integrity through signature forging. Today's trusted digital signatures could be stolen now and forged later when quantum computers can break the underlying algorithms. That attacks the trust layer itself not just the confidentiality layer.

The article also adds a new term to the vocabulary: steal now forge later. Where harvest now decrypt later threatens confidentiality, steal now forge later threatens authenticity. A forged digital certificate could impersonate websites or users. A forged software update signature could deliver malware disguised as a legitimate patch. A forged contract signature could invalidate legal agreements.

Cloudflare started preparing in 2017 when NIST issued its first call for quantum-safe algorithms. They weren't waiting for Q-Day to be declared. They saw it as a foregone conclusion. A quarter of the internet flows through Cloudflare. Their motivation was upgrading default cryptography for the whole internet not just their own systems. Signal's approach to post-quantum cryptography similarly assumes the threat is present not future.

IBM's own roadmap targets 2029 for IBM Quantum Starling, a large-scale fault-tolerant quantum computer capable of running circuits with 100 million gates on 200 qubits. Starling won't be cryptographically relevant by itself but crossing the fault-tolerant threshold accelerates everything that comes after. The economic impact of a quantum-enabled cyberattack is estimated in trillions of dollars globally. The global average cost of a data breach today is already millions. Quantum-scale breaches would dwarf that.

The migration to quantum-safe cryptography is not optional and it's not future planning. It's current operations.

Q-Day has already begun. Are you ready? | IBMwww.ibm.com