NSA, ASD, and the G7 are setting migration deadlines based on intelligence the open research community doesn’t have. A new paper in Science shows why that distinction matters.
Last week, researchers from the University of Chicago, Stanford, MIT, the University of Innsbruck, and TU Delft published a comprehensive review of quantum information hardware in Science. They call this quantum technology’s “transistor moment”—the foundational physics works, functional systems exist, and the hard engineering work of scaling begins now.
The paper uses Technology Readiness Levels to compare six quantum platforms across computing, simulation, networking, and sensing. For anyone tracking the maturation of open quantum research, it is one of the best snapshots available.
Getting the most out of it means understanding where the snapshot ends and where your planning needs to begin. Three dimensions of the paper are worth examining more closely.
TRL Measures What It Was Built to Measure
Technology Readiness Levels are a NASA framework, originally designed to track engineering programs like propulsion systems and flight hardware. A component moves from TRL-1 (basic principles observed) through TRL-9 (proven in operational environment) in a broadly predictable sequence. Each level builds on the last. For linear engineering programs, it works well.
Quantum computing follows a different pattern. Let’s look at how and why.
Error correction is a useful example. For years, adding more qubits to a quantum system increased the overall error rate—more components meant more noise. Google’s Willow chip demonstrated the opposite: error rates dropping as qubits scale up. That kind of advance does not move a platform from TRL-4 to TRL-5. It can compress multiple levels into a single result.
The paper’s own coauthor William Oliver of MIT captures this well. He notes that semiconductor chips in the 1970s were TRL-9 for their era but “could do very little compared with today’s advanced integrated circuits.” A high TRL today, he writes, “does not indicate that the end goal has been achieved, nor does it indicate that the science is done.”
This is a helpful way to calibrate expectations in both directions. TRL gives you a useful comparison across platforms at a point in time. It is less informative about when discontinuous capability jumps will occur. For migration planning, that distinction matters—the question driving most organizations is not “which platform is most mature” but “how much time do I have.”
Open Research Tells You About Open Programs
The five institutions on this paper represent the leading edge of open quantum research. The collaboration they describe across universities, governments, and industry has driven genuine progress, and the paper documents it thoroughly.
For planning purposes, it helps to understand what any open assessment covers. The programs with the strongest incentive and resources to build a cryptanalytically relevant quantum computer—national signals intelligence agencies—operate outside the academic publishing ecosystem. This is true across every domain, not just quantum. It is how classified research has always worked.
The practical takeaway is straightforward: the open research timeline and the cryptographic threat timeline may not be the same timeline. This is why regulators are not waiting for academic consensus. The G7 Cyber Expert Group, CNSA 2.0, and Australia’s 2030 RSA deprecation all set deadlines based on risk tolerance rather than published TRL scores. They are planning for the landscape that includes what cannot be assessed openly.
Organizations can use this paper to understand where open quantum science stands. The migration deadlines coming from regulators reflect a broader threat model.
The Transistor Analogy Goes Further Than Expected
The “transistor moment” framing is well-chosen, and it rewards a closer look.
The transistor was invented at Bell Labs in 1947. Within a decade, its scaling was driven substantially by defense applications—missile guidance, signals intelligence, command and control systems. The path from laboratory demonstration to deployed capability followed defense budgets and strategic urgency as much as it followed academic research timelines.
Quantum computing has a similar dual-use trajectory. The paper traces the field to Feynman’s 1982 lecture—scientific curiosity maturing into engineering. The deeper lineage runs through Norbert Wiener’s anti-aircraft fire control work in the 1940s, where trajectory prediction under uncertainty laid the mathematical foundations for what would become quantum optimization. The military application was not a later use case. It was the original context.
This fuller history actually strengthens the paper’s core argument. The transistor moment was real, and it did lead to transformative technology. It also moved faster inside classified programs than the public timeline suggested. For the organizations planning their post-quantum migration, the transistor analogy is a reason to move with urgency, not to wait patiently.
Connecting This to Your Migration
The paper is a valuable resource for understanding where open quantum platforms stand today. The planning question organizations face sits one layer beyond that assessment.
It helps to look at who is actually setting migration deadlines and what they have access to.
NSA wrote CNSA 2.0. Not a regulatory body—the largest signals intelligence operation on earth. They have visibility into adversary quantum programs that no academic institution has. When NSA says deprecate RSA by 2030 and eliminate all Shor-vulnerable algorithms by 2035, they are not working from the same published literature the Science authors are working from. They are working from classified capability assessments and collection on adversary programs. They picked those specific dates knowing things they cannot publish.
Australia’s ASD set the 2030 RSA ban—five years ahead of the US timeline. ASD is Five Eyes, the same intelligence-sharing network as NSA and GCHQ. Australia sits in the Pacific theater, closest allied signals intelligence to China’s quantum research programs. That five-year gap between the Australian and American deadlines is not bureaucratic inconsistency. It reflects a threat model shaped by geographic proximity and collection access to the programs most likely to produce a CRQC first.
The G7 Cyber Expert Group published their financial sector migration roadmap two weeks ago. The group represents central banks and financial regulators of the seven largest economies. Their roadmap does not cite TRL assessments. It cites systemic financial risk—what happens to global banking infrastructure if a CRQC arrives before the sector migrates. They are planning against consequences, not readiness scores.
There is precedent for this pattern. After POODLE and BEAST demonstrated practical attacks against SSL, the PCI Security Standards Council mandated TLS 1.1+ while most of the industry was still running SSL 3.0 and insisting it was adequate. PCI moved first because they had access to breach forensics from payment card environments—they could see what was actually being exploited before the broader industry admitted the pattern. Public consensus lagged the threat data by years.
The pattern across all four: organizations with access to non-public threat intelligence consistently act ahead of published research consensus. Not because they are more cautious by nature. Because they can see things the open research community cannot. These are not arbitrary deadlines from distant bureaucracies. They are expert assessments from the organizations closest to the actual threat.
Harvest-now-decrypt-later does not wait for a CRQC to exist. It requires only that encrypted data remain valuable longer than classical cryptography remains secure. Medical records, defense contracts, trade secrets, financial instruments—the sensitivity window on these assets extends well past any plausible timeline for quantum maturation, whether that timeline is five years or twenty-five.
Reading the paper well means appreciating what it tells you—open quantum research is real and accelerating—while recognizing that the organizations closest to the threat are already acting on a different timeline. Your migration schedule is not set by when academic consensus forms. It is set by how long your data needs to stay private.
The only readiness assessment you fully control is your own.
pqprobe tracks post-quantum migration over time. A scan tells you where you are. A trend tells you whether you’ll finish.
Sources:
- Awschalom, D.D., Bernien, H., Hanson, R., Oliver, W.D., Vuković, J. “Challenges and opportunities for quantum information hardware.” Science, 2026; 390 (6777): 1004. DOI: 10.1126/science.adz8659
- CNSA 2.0 algorithm requirements timeline, NSA, 2022
- G7 Cyber Expert Group, Post-Quantum Cryptography Transition Roadmap, January 2026
- Gidney, C. and Ekerå, M. “How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits.” arXiv:1905.09749, 2021