Harvest Now Decrypt Later
CryptographyDefinition
A long-term threat strategy where adversaries collect and store encrypted data today, intending to decrypt it once sufficiently powerful quantum computers become available to break current public-key cryptography.
Technical Details
HNDL (also called 'Store Now Decrypt Later') is particularly dangerous for data with long-term sensitivity — state secrets, medical records, financial data, intellectual property — because quantum computers capable of breaking RSA-2048 and ECDH may arrive within 10-15 years. The 2022 NSA guidance and NIST PQC standards were partly motivated by this threat. Organizations must begin migrating to quantum-resistant algorithms now for sensitive long-lived data.
Practical Usage
Intelligence agencies and nation-state actors are already assumed to be harvesting TLS-encrypted traffic and VPN data for future decryption. Organizations handling data that must remain confidential beyond 2030 should prioritize post-quantum migration for data-at-rest encryption and key exchange protocols.
Examples
- Nation-state actors intercept and archive diplomatic TLS communications, expecting quantum computers to decrypt them within a decade.
- A healthcare organization encrypts patient records with hybrid classical + post-quantum keys to protect against future decryption.
- Financial institutions assess the 'cryptographic expiry date' of sensitive data to prioritize post-quantum migration timelines.