Skip to main content
PQCSecurity

The Harvest Now, Decrypt Later Threat and Why Post-Quantum Cryptography Matters Today

The "harvest now, decrypt later" attack model is one of the most discussed threats in modern cybersecurity, and for good reason. The premise is simple. Adversaries intercept and store encrypted data today, with the expectation that future quantum computers will be powerful enough to break the encryption and reveal the contents. What makes this threat unique is that it is already happening, even though large-scale quantum computers don't yet exist.

Understanding the Threat Model

Traditional cyberattacks focus on exploiting vulnerabilities in real time. Harvest now, decrypt later takes a fundamentally different approach. Attackers collect encrypted traffic from networks, cloud services, and communication channels. They archive this data and wait. Once a sufficiently powerful quantum computer becomes available, they can retroactively decrypt everything they've collected.

This is not a theoretical exercise. Intelligence agencies and well-funded threat actors have the storage capacity and motivation to stockpile encrypted data at scale. Government communications, financial transactions, healthcare records, intellectual property, and trade secrets are all potential targets.

Why Current Encryption Is Vulnerable

Most of today's public-key cryptography relies on mathematical problems that are computationally difficult for classical computers but trivially solvable for quantum computers. RSA and elliptic curve cryptography (ECC) are the two most widely used algorithms, and both fall into this category. This means that RSA-2048 and ECC-256, which would take classical computers billions of years to break, could potentially be broken by a quantum computer in hours.

The question is not whether this will happen. It is when.

The Timeline Problem

Estimates for when a cryptographically relevant quantum computer (CRQC) will exist vary widely, but most experts place it somewhere between 2030 and 2040. NIST has been working on post-quantum cryptography standards since 2016 and finalized its first set of standards in 2024. The selected algorithms include ML-KEM (formerly CRYSTALS-Kyber) for key encapsulation and ML-DSA (formerly CRYSTALS-Dilithium) for digital signatures.

The important thing to understand is that the migration timeline is not measured in months. It is measured in years. Large organizations with complex infrastructure need 5 to 10 years to fully transition their cryptographic systems. If a CRQC arrives in 2035, organizations that haven't started planning by 2025 may not finish in time.

And for data that needs to remain confidential for decades, the harvest window is already open. Medical records, classified data, long-term contracts, and trade secrets all fall into this category.

What Data Is Most at Risk

Not all data carries the same risk profile. When evaluating your exposure, consider the confidentiality lifespan of the data in question. Ask yourself how long the data needs to remain secret.

  • Government and military communications often have multi-decade classification periods
  • Healthcare records are protected by regulation for the lifetime of the patient and beyond
  • Financial data including trading strategies, M&A plans, and customer records must remain private for years
  • Intellectual property such as patents, research data, and trade secrets can be valuable for decades
  • Legal communications protected by attorney-client privilege have no expiration

If the confidentiality lifespan of your data extends beyond the expected arrival of quantum computing, that data is at risk today.

Taking Stock of Your Cryptographic Exposure

The first step toward addressing this threat is understanding where cryptography is used across your infrastructure. This sounds straightforward, but most organizations significantly underestimate the scope of their cryptographic footprint.

Encryption exists in TLS certificates, VPN tunnels, SSH connections, database encryption, file-level encryption, API authentication tokens, code signing certificates, email encryption, and dozens of other places. Many of these are managed by different teams using different tools, which makes building a comprehensive inventory difficult without the right platform.

This is an area where ITVA provides significant value. ITVA's automated discovery capabilities can scan your entire network and identify cryptographic assets across devices, services, and applications. Rather than manually auditing each system, you get a unified view of every certificate, key, and encrypted connection in your environment. This kind of visibility is the foundation for any serious PQC migration effort.

Where to Start

You don't need to replace every cryptographic system overnight. A pragmatic approach involves several phases.

First, inventory your cryptographic assets. Identify every certificate, key, algorithm, and encrypted channel in your infrastructure. Understand which algorithms are in use and where.

Second, classify your data by confidentiality lifespan. Focus your initial efforts on data that will still need to be secret in 10 or 20 years.

Third, monitor NIST's post-quantum standards and your vendors' adoption timelines. ML-KEM and ML-DSA are finalized, but integration into commercial products is still ongoing.

Fourth, begin testing. Set up hybrid encryption schemes that use both classical and post-quantum algorithms in parallel. This ensures backwards compatibility while adding quantum resistance.

Fifth, build a migration roadmap. Prioritize high-risk data and systems, and plan for a multi-year transition.

The Cost of Waiting

Every day that passes with sensitive data traveling over classically encrypted channels is another day of potential harvest. The data being collected now cannot be un-collected. Once it is captured, the only question is whether the encryption protecting it will hold up against future technology.

Organizations that begin their PQC assessment today will have the time to plan carefully, test thoroughly, and migrate incrementally. Those that wait risk being forced into rushed, error-prone transitions under deadline pressure.

If you are unsure where your organization stands on post-quantum readiness, start with visibility. ITVA can help you map your cryptographic landscape and identify your exposure. Reach out to our team to learn how we can help you take the first step.