Harvest Now, Decrypt Later (HNDL) Risk
Table of Contents
Introduction
Advances in quantum computing promise a new era in computing leading to signifiant breakthroughs in solving many scientific challenges or tackling major societal challenges such as the climate change. No, really.
However, this advancement also brings the risk of a “quantum apocalypse,” as the quantum computer’s potential to exponentially speed up the factoring of large numbers threatens to weaken various forms of modern cryptography and break public key encryption systems that secure the internet, online banking, secure messaging, military systems, and much more. Such capabilities could lead to the day ominously known as “Q-Day,” when cryptographically relevant quantum computers (CRQC) might render current encryption obsolete.
While the Q-Day is not expected any time soon (see my article “Q-Day Predictions: Anticipating the Arrival of Cryptanalytically Relevant Quantum Computers (CRQC)“) there are urgent reasons to consider the impact of quantum computing now. For instance, if you are developing systems with a lifespan expected to surpass the advent of reliable quantum computing, you should definitely start looking into quantum-resistant or post-quantum cryptography (PQC) now. Additionally, reliance on encryption to protect sensitive data in along run may be misplaced, as quantum computing could eventually lead to adversaries decrypting the sensitive data encrypted by the contemporary encryption methods.
“Harvest Now, Decrypt Later” (HNDL), also known as “Store Now, Decrypt Later” (SNDL), is a concerning risk where adversaries collect encrypted data with the intent to decrypt it once quantum computing becomes capable of breaking current encryption methods. This is the quantum computing’s ticking time bomb, with potential implications for every encrypted byte of data currently considered secure.
Quantum Computing and Encryption Vulnerability
Traditional encryption, the backbone of digital security since the 1970s, relies on the complexity of certain mathematical operations, like factoring large numbers—a task deemed secure against classical computing threats. However, a sufficiently powerful quantum computer could undermine these foundations. At the heart of quantum computing’s threat to cryptography is Shor’s algorithm, and subsequent optimizations of the algorithm developed by various other researchers. This quantum-specific approach can factor large integers exponentially faster than the best-known classical computing algorithms. Since many cryptographic systems, such as RSA and ECC, rely on the factoring difficulty for security, Shor’s algorithm poses a direct threat to their integrity. For instance, decrypting an RSA-2048 bit encryption key—a standard security protocol today—would require a classical computer billions of years to hundreds of trillion years, depending what classical computer specs were used for estimation. A quantum computer with 4,099 stable logical qubits could accomplish this task in mere seconds to minutes.
Harvest Now, Decrypt Later (HNDL)
The “Harvest Now, Decrypt Later” (HNDL) strategy is a theoretical cybersecurity threat where adversaries collect encrypted data with the expectation of decrypting it once powerful quantum computers are available. This method would likely be employed by entities like nation-states or well-funded organizations willing to wait years, or decades, for the financial and strategic return on the effort of stealing sensitive (encrypted) data today. Therefore, the type of data at risk of HNDL is any data that would remain valuable over time. And that’s a hint for your risk assessment. Data such as e.g. governmental communications, military strategies, intellectual property, sensitive personal information, financial records, mining and oil and gas exploration data for future fields developments, and various other data might be useful to the adversaries even if decrypted in five to ten years. These adversaries are counting on future quantum technologies helping them break encryption that is currently considered secure.
How Real is the Threat?
The “Harvest Now, Decrypt Later” (HNDL), while being described as a “theorethical” threat, is indeed a recognized concern within cybersecurity and national security communities. While specific instances of adversaries using this strategy are not publicly documented due to the secretive nature of such activities, the risk is well understood. Intelligence and cybersecurity agencies are aware that nation-states and other actors could be collecting encrypted data now, with the expectation that future advancements in quantum computing will allow them to decrypt this information.
The U.S. government, including agencies like the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST), has been proactive in addressing this threat. They have published guidance urging organizations to prepare for the advent of quantum computing by migrating to quantum-resistant cryptographic methods. And so have many other governments and industry organizations.
What Can You Do Today?
You can take several proactive steps to address the “Harvest Now, Decrypt Later” (HNDL) risk. Here are some key strategies they can implement:
- Assess Current Cryptographic Frameworks:
- Evaluate the vulnerability of existing encryption methods to quantum attacks. This includes reviewing the lifespan and security requirements of encrypted data to understand how long it needs to be secured against potential future threats.
- Inventory Sensitive Data
- Understand which of your sensitive data might remain valuable over time, where is it stored, how is it encrypted, etc.
- Increase the Depth of Layered Security Around Your Sensitive Data
- Before you consider changing your encryption to PQC, consider adding additional “traditional” cybersecurity controls to protect your sensitive data against exfiltration.
- Develop a Quantum Risk Strategy:
- Create a comprehensive quantum risk assessment plan that includes identifying critical assets and data that could be targeted for HNDL attacks. This plan should be updated regularly as the quantum computing landscape evolves.
- Adopt Quantum-Resistant Cryptography:
- Begin transitioning to quantum-resistant algorithms that will withstand the capabilities of quantum computers. Be careful, however. A number of vendors are already selling solutions that promise post-quantum cryptography. Before you shell out for such products, you should wait until strong, standardized commercial solutions are available that implement the upcoming NIST recommendations.
- Implement Robust Key Management Practices:
- Enhance key management processes to include quantum-safe protocols. This could involve using hybrid cryptographic systems that combine traditional and quantum-resistant algorithms to secure data transmission.
- Educate and Train Staff:
- Raise awareness about quantum threats within the organization through training programs. Ensure that IT and cybersecurity teams are educated about developments in quantum computing and quantum cryptography.
- Participate in Industry Collaborations:
- Engage with industry consortia and participate in collaborative research efforts to stay at the forefront of quantum-safe technologies and practices.
- Monitor Advances in Quantum Computing:
- Keep abreast of technological advancements in quantum computing to anticipate and prepare for changes in the threat landscape.
By taking these steps, organizations can better protect themselves against the HNDL threat and ensure their data remains secure both now and in the future as quantum technologies continue to evolve.