[rainsford]

> This study investigates a class of special integers that the factors differ by only two bits, and the difference is present only at the two bits with weights of 2 and 4.

So as far as I can tell from some quick skimming, the paper's title is entirely clickbait. Regardless of the size of the numbers involved, this is not really "RSA-2048" because no one would construct an actual RSA-2048 key this way. And if they did, I think it would be susceptible to classical attacks like Fermat factorization, no "quantum computer" needed.

To be fair, the paper does eventually admit this has no real impact on actual RSA-2048, but it does still try to characterize this as some sort of looming threat.

[sigotirandolas]

The difference is not only two bits, but "with weights of 2 and 4" is newspeak for the change only happening at second-to-last and third-to-last bits.

A classical computer can factor those numbers in 0 milliseconds.

[bawolff]

Skip the computer. A human can factor that by hand.

[brookst]

Yeah this is “new lockpick demonstrated that defeats high end locks with the special case of the key only having one bump”

[Polizeiposaune]

if it's really as simple as p = q xor 6 or even p|6 == q|6, I'd think that trial division starting with the first odd number less than the square root would get you there in a handful of trials.