Oxford Physicist Claims Quantum Computers Won’t Crack RSA, Citing 1,000‑Qubit Limit

•March 20, 2026

Pulse•Mar 20, 2026

Why It Matters

The paper’s central claim, that quantum computers cannot scale beyond ~1,000 qubits, directly impacts the projected timeline for breaking RSA encryption—a cornerstone of global digital security. If the limit holds, the massive industry push toward post‑quantum cryptography could be delayed, saving billions in migration costs and altering national security strategies. Conversely, a refutation would reinforce the current urgency to replace RSA, validating continued heavy investment in quantum‑resistant algorithms. Beyond cryptography, the hypothesis challenges the core assumption that quantum advantage grows exponentially with qubit count. A linear scaling model would reshape research priorities, potentially diverting funding from large‑scale quantum processors toward niche applications where modest qubit numbers already deliver value, such as quantum chemistry simulations or high‑precision metrology.

Key Takeaways

•Tim Palmer (Oxford) proposes "Rational Quantum Mechanics" limiting quantum capacity to ~1,000 qubits.
•Paper published in PNAS argues Hilbert space information grows linearly, not exponentially.
•RSA‑2048 break requires ~4,099 qubits; Palmer's limit falls far short of that threshold.
•Proposed experimental test could be run on existing quantum hardware within five years.
•If validated, the theory could delay post‑quantum cryptography adoption and shift industry investment.

Pulse Analysis

Palmer’s thesis arrives at a moment when the quantum computing sector is flush with optimism and capital. The narrative that a "quantum apocalypse" will render current encryption obsolete has driven billions of dollars into hardware development, government R&D programs, and a wave of startups promising to deliver the first cryptographically relevant quantum machine. By inserting a hard ceiling at 1,000 qubits, Palmer forces a recalibration of that optimism. Historically, breakthroughs in physics—think of the shift from classical to relativistic mechanics—have taken decades to translate into commercial technology. If the rational‑quantum model proves correct, we may be witnessing a similar inflection point where the theoretical ceiling forces the industry to pivot.

From a market perspective, the immediate fallout would be a reassessment of valuation models for quantum hardware firms. Companies that have priced their long‑term outlook on achieving 5,000‑plus qubits could see their forecasts trimmed, while firms focusing on near‑term, application‑specific quantum solutions may gain relative attractiveness. Moreover, the cybersecurity sector, which has been aggressively marketing post‑quantum encryption suites, might experience a slowdown in demand, prompting a shift toward hybrid security architectures that blend classical and quantum‑resistant techniques.

Strategically, governments that have earmarked large portions of their defense budgets for quantum‑enabled cryptanalysis may need to re‑allocate resources toward other quantum‑sensitive domains, such as quantum sensing for navigation or materials discovery. The proposed experimental validation—entangling a large number of qubits and monitoring performance degradation—will be the litmus test. A positive result could cement a new paradigm, while a negative outcome would reinforce the prevailing exponential‑scaling belief, keeping the race to break RSA alive. Either way, Palmer’s paper injects a rare dose of theoretical humility into a field that has been dominated by engineering optimism, and the next 12 months will likely determine whether that humility reshapes the quantum roadmap or remains a footnote in academic debate.