Most people focus on “24-hour breaks.” That’s the wrong model. If a quantum attacker can derive a private key in months, not minutes, high-value targets are still exposed. This chart assumes 24 hours. Reality is more forgiving for attackers. ~50%+ probability within 10 to 15 years is already enough.