DrQuantum
Security

Harvest Now, Decrypt Later: The Looming Quantum Threat to Today's Data

As quantum computers mature, they pose a future risk to the encryption protecting our most sensitive information, prompting a race to secure data before it's too late.

Harvest Now, Decrypt Later

Imagine a spy agency, or even a sophisticated criminal organization, secretly recording all the encrypted internet traffic they can capture today. They don't need to break the encryption immediately; they can simply store the data. The threat, known as "Harvest Now, Decrypt Later" (HNDL), arises from the anticipation that future, powerful quantum computers will be capable of breaking the encryption methods we rely on for security. This means that data encrypted today, which is considered secure, could be vulnerable to decryption years or decades from now.

This isn't a distant science fiction scenario. While large-scale, fault-tolerant quantum computers capable of breaking current encryption are still some years away, the timeline for developing them is uncertain. The critical issue is that sensitive data, such as classified government information, trade secrets, financial records, and personal health data, often needs to remain secure for many years, even decades. HNDL attacks exploit this long-term requirement, creating a persistent risk that necessitates proactive solutions.

Watch

Related video, embedded from YouTube.

The Core Idea: Storing for the Future

The HNDL threat hinges on the ability of a malicious actor to intercept and store encrypted data now, with the intention of decrypting it later when more powerful decryption tools become available. Think of it like collecting physical documents that are currently locked in a secure safe. You can't open the safe now, but if you knew a future technology would allow you to pick any lock, you'd want to steal the safe itself and wait for that technology to arrive. In the digital realm, the "safe" is the encryption algorithm, and the "future technology" is a sufficiently powerful quantum computer.

Why Quantum Computers are the Game Changer

Current encryption methods, like RSA and ECC, rely on the mathematical difficulty of factoring large numbers or solving discrete logarithm problems. These problems are computationally intractable for even the most powerful classical supercomputers. However, quantum computers, leveraging principles like superposition and entanglement, can run algorithms like Shor's algorithm, which can solve these specific problems exponentially faster.

Shor's algorithm, developed by Peter Shor in 1994, is the primary reason for the HNDL concern. It can efficiently factor large numbers, thereby breaking widely used public-key cryptography systems. While current quantum computers are too small and error-prone to execute Shor's algorithm on cryptographically relevant key sizes, progress in quantum hardware is steady. The fear is that by the time a quantum computer is powerful enough, the data harvested today will already be compromised.

The Stakes: What's at Risk?

The implications of HNDL are far-reaching. Any data that needs to remain confidential for an extended period is vulnerable. This includes national security secrets, intellectual property, long-term financial contracts, patient medical records, and personal communications. A successful HNDL attack could lead to espionage, economic sabotage, identity theft on an unprecedented scale, and a complete erosion of trust in digital communications.

Governments and organizations worldwide are increasingly aware of this threat. The U.S. National Security Agency (NSA) has been vocal about the need to transition to quantum-resistant cryptography. Similarly, the European Union Agency for Cybersecurity (ENISA) has highlighted HNDL as a significant future risk that requires immediate attention and planning.

The Solution: Post-Quantum Cryptography (PQC)

The primary defense against HNDL is the development and deployment of Post-Quantum Cryptography (PQC). These are new cryptographic algorithms designed to be resistant to attacks from both classical and quantum computers. Unlike current methods that rely on number theory problems vulnerable to quantum computers, PQC algorithms are based on different mathematical problems, such as lattice-based cryptography, code-based cryptography, hash-based cryptography, and multivariate polynomial cryptography.

The National Institute of Standards and Technology (NIST) in the U.S. has been leading a multi-year process to standardize PQC algorithms. After extensive evaluation, NIST has selected several algorithms for standardization, including CRYSTALS-Kyber for key establishment and CRYSTALS-Dilithium, Falcon, and SPHINCS+ for digital signatures. The transition to these new standards is a complex and lengthy process, involving updating software, hardware, and protocols across the global digital infrastructure.

The Race is On: Current State and Challenges

The transition to PQC is a massive undertaking. It requires not only the development of new algorithms but also their integration into existing systems, which can be challenging due to performance differences (e.g., larger key sizes or slower computation times for some PQC algorithms compared to current ones) and the sheer scale of global IT infrastructure. Organizations need to inventory their cryptographic assets, assess their risk exposure, and develop migration strategies.

While NIST is leading standardization efforts, other international bodies and research groups are also working on PQC. The development of quantum-resistant solutions is an active area of research and development, with ongoing efforts to refine algorithms, improve their efficiency, and ensure their long-term security against both classical and potential future quantum cryptanalytic techniques.

Latest Developments

The urgency of the post-quantum transition is reflected in recent industry activities. QIZ Security, for instance, recently raised $17 million in seed funding to bolster its platform for cryptographic posture and Post-Quantum Cryptography (PQC) management, signaling significant investor confidence in the need for tools to navigate this complex landscape. This funding will accelerate their efforts to help organizations prepare for the post-quantum era.

Furthermore, research and development in quantum technologies continue to advance. While not directly PQC, the broader progress in quantum computing, such as Xanadu's expansion of its U.S. operations or the €3 million consortium involving Qoro to build secure control-plane foundations for distributed quantum systems (TruQuaC), underscores the accelerating pace of quantum innovation. This overall advancement in the field reinforces the need for proactive security measures like PQC to stay ahead of potential threats like HNDL.

Key terms

Harvest Now, Decrypt Later (HNDL)A threat where encrypted data is stolen today and stored to be decrypted by future quantum computers.
Quantum ComputerA type of computer that uses quantum-mechanical phenomena, such as superposition and entanglement, to perform computations.
Shor's AlgorithmA quantum algorithm that can efficiently factor large integers, posing a threat to current public-key cryptography.
Public-Key CryptographyEncryption methods that use a pair of keys: a public key for encryption and a private key for decryption.
Post-Quantum Cryptography (PQC)Cryptographic algorithms designed to be secure against attacks from both classical and quantum computers.
NISTThe National Institute of Standards and Technology, a U.S. agency leading standardization efforts for PQC algorithms.

Key takeaways