Harvest Now, Decrypt Later is a real threat
Nation-state actors are collecting encrypted data today to decrypt once quantum computers are available. Organizations with long-term secrets should migrate to post-quantum cryptography now.
The Claim
“Adversaries are intercepting and storing encrypted communications today, planning to decrypt them when quantum computers become available.”
The Verdict: FACT
This threat, known as “Harvest Now, Decrypt Later” (HNDL) or “Store Now, Decrypt Later” (SNDL), is well-documented and a primary driver for urgent PQC migration.
The Evidence
Intelligence Community Warnings
Multiple government agencies have warned about HNDL:
- NSA has explicitly cited this threat
- CISA includes it in their PQC guidance
- NIST’s PQC standardization was partially motivated by this threat
Technical Feasibility
- Storage is cheap and getting cheaper
- Network traffic is routinely intercepted at backbone level
- Encrypted data remains valuable for decades in some cases
Historical Precedent
Intelligence agencies have a long history of collecting encrypted communications. When encryption was later broken (or keys obtained), historical intercepts became readable.
Who Should Be Concerned
Organizations handling data that will remain sensitive for 10+ years:
- Government and military communications
- Healthcare records
- Financial data
- Trade secrets and intellectual property
- Legal communications
What This Means
- Start PQC migration now for high-value, long-term secrets
- Inventory your cryptographic usage to identify priority systems
- Consider hybrid approaches during the transition period
Verdict: FACT - This is a real, documented threat that justifies proactive migration to PQC.