惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
The GitHub Blog
The GitHub Blog
T
Threatpost
人人都是产品经理
人人都是产品经理
大猫的无限游戏
大猫的无限游戏
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - Franky
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Apple Machine Learning Research
Apple Machine Learning Research
酷 壳 – CoolShell
酷 壳 – CoolShell
M
MIT News - Artificial intelligence
小众软件
小众软件
Hugging Face - Blog
Hugging Face - Blog
云风的 BLOG
云风的 BLOG
S
Security Affairs
P
Proofpoint News Feed
L
LINUX DO - 最新话题
宝玉的分享
宝玉的分享
S
Security @ Cisco Blogs
H
Hacker News: Front Page
Security Archives - TechRepublic
Security Archives - TechRepublic
Vercel News
Vercel News
Engineering at Meta
Engineering at Meta
Know Your Adversary
Know Your Adversary
Y
Y Combinator Blog
美团技术团队
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
月光博客
月光博客
量子位
博客园_首页
The Last Watchdog
The Last Watchdog
D
DataBreaches.Net
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
The Register - Security
The Register - Security
Schneier on Security
Schneier on Security
H
Help Net Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
V
Visual Studio Blog
Google DeepMind News
Google DeepMind News
F
Full Disclosure
C
Cyber Attacks, Cyber Crime and Cyber Security
MyScale Blog
MyScale Blog
aimingoo的专栏
aimingoo的专栏
S
Schneier on Security
L
Lohrmann on Cybersecurity
S
Secure Thoughts
Stack Overflow Blog
Stack Overflow Blog
Cloudbric
Cloudbric
Microsoft Security Blog
Microsoft Security Blog

PostQuantum – Quantum Computing, Quantum Security, PQC

Lightning Network's Quantum Problem Ethereum's Five Quantum Vulnerabilities Bitcoin's Quantum Vulnerability — Anatomy How Close Is the Quantum Threat? Resource Estimates The Quantum Threat to Cryptocurrencies: What's Real Lattice-Based PQC "Limitations" Paper — A Reality Check China's Hanyuan-2 Dual-Core Quantum Computer Pick One Layer First for Your Post-Quantum Migration Cisco Quantum Switch: Room-Temperature Qubit Routing IonQ Claims Q-Day by 2029 — Here's What They Actually Said Project Eleven's 110-Page Quantum Blockchains Report QuantWare Raises $178M Series B Q-CTRL Claims Practical Quantum Advantage Quantum Computing Simulates 12,635-Atom Protein How Quantum Snake Oil Vendors Respond to Hard Questions Simulated Quantum Entanglement | PostQuantum.com Quantum Snake Oil: Guide to Misleading Quantum Terms Quantum AI Trading — Quantum Snake Oil Dictionary Quantum-Proof — Quantum Snake Oil Dictionary Quantum-Grade Encryption — Quantum Snake Oil Dictionary Quantum-Safe Certified — Quantum Snake Oil Dictionary Military-Grade Quantum Encryption | PostQuantum.com What Is a QBOM? Quantum Bill of Materials vs CBOM Explained Quantum-Inspired Encryption — Quantum Snake Oil Dictionary What Is Trust Now, Forge Later (TNFL)? Quantum Blockchain — Quantum Snake Oil Dictionary What Is PQC Migration? The Largest Cryptographic Overhaul Quantum Financial System (QFS) | PostQuantum.com What Is QKD (Quantum Key Distribution)? What Is Quantum Error Correction (QEC)? Unhackable Quantum Encryption | PostQuantum.com Unconditionally Secure — Quantum Snake Oil Dictionary Perfect Secrecy — Quantum Snake Oil Dictionary Information-Theoretic Security | PostQuantum.com Quantum Encryption / Quantum Cryptography Quantum-Enhanced — Quantum Snake Oil Dictionary Quantum-Safe vs Quantum-Resistant vs Post-Quantum Anatomy of Quantum Denial: Bitcoin's Example What Is a Logical Qubit? The Metric That Actually Matters What Is a CRQC? Quantum Computer That Breaks Encryption What Is Q-Day? When Quantum Computers Break Encryption What Is Grover's Algorithm? What Is Shor's Algorithm? The Quantum Threat Explained What Is Quantum Safe? What the Label Means for CISOs What Is Quantum Computing Security? What Is Quantum Cyber Security? What Is Quantum Cryptography? QKD, PQC, and related? Quantum Security: A Complete Guide for Security Leaders What Is Post-Quantum Cryptography (PQC)? Crypto-Agility Is an Architecture Problem, Not a Library Swap IBM Quantum Advantage 2026: Heron + Fugaku Analyzed Aaronson Warns: CRQC by 2029 Is Plausible U.S. Quantum Policy: NQI Reauthorization and PQC Bills The Narrow Advantage: Why Quantum Computing Will Transform Five Industries and Disappoint Twenty The Error Correction Revolution Rewriting Quantum Timelines The Signature Supply Chain: How Deep Does Digital Trust Go? Quantum Chemistry's Honest Ledger: What the Resource Estimates Actually Say About Drug Discovery, Catalysis, and Materials Design Why Quantum Won't Save Wall Street (Yet): An Honest Assessment of Quantum Computing in Finance PQC Standards Fragmentation Quantum Sovereignty and the Utility Trap The Decoder Bottleneck: The CRQC Challenge Nobody Is Talking About IonQ Publishes Complete Fault-Tolerant Blueprint for Trapped Ions — The Walking Cat Architecture Quantum Computing by 2033: Which Industries Win, Which Wait, and Why Nature Reviews Publishes the Definitive CMOS–Spin Qubit Compatibility Assessment IonQ Photonic Interconnect: First Networked Commercial Quantum Computers QuEra Achieves 2:1 Physical-to-Logical Qubit Ratio With Ultra-High-Rate qLDPC Codes Grover's Algorithm vs AES - Why "Ignore It" Is Almost Right McKinsey Quantum Monitor 2026: Tipping Point? Meta PQC Migration Playbook: Lessons for CISOs NVIDIA Ising: Open AI Models for Quantum Calibration and Error Correction Harvard's Cascade Neural Decoder PQC Signature Migration Before Encryption Architecture Matters as Much as the Algorithm: Q-CTRL's Heterogeneous Quantum Computer Design Cuts RSA-2048 to 190k-381k Qubits China's Quantum Sensing Ecosystem: From Deep-Sea Diamonds to Drone-Mounted Submarine Hunters China's Quantum Sensing Ecosystem: From Deep-Sea Diamonds to Drone-Mounted Submarine Hunters China's Quantum Networking and QKD — World's Most Ambitious Quantum Communication Program Anthropic's Mythos Preview and the End of a Twenty-Year Cybersecurity Equilibrium China's Quantum Networking and QKD — World's Most Ambitious Quantum Communication Program Cloudflare Joins Google: Two Internet Giants Now Say 2029 for Post-Quantum Migration China's Quantum Computing Hardware: The Core Capability the West Keeps Misjudging China's Quantum Computing Hardware: The Core Capability the West Keeps Misjudging QuiX Quantum Achieves First Below-Threshold Error Mitigation in Photonic Quantum Computing China's Quantum Talent Ecosystem: Building a Superpower's Workforce Quantum Threat Timeline Report 2025: Record Predictions, But Can the Survey Keep Up? China's Quantum Talent Ecosystem: Building a Superpower's Workforce China's Hefei National Laboratory: The Nerve Center of a Quantum Superpower China's Hefei National Laboratory: The Nerve Center of a Quantum Superpower Gauge Theory Meets Quantum Computing China's 15th Five-Year Plan Makes Quantum an Industrial Imperative — Not Just a Research Priority China's 15th Five-Year Plan Makes Quantum an Industrial Imperative — Not Just a Research Priority QuantumShield360 AI Achieves World's First Complete Post-Quantum Cryptography Migration — Full Quantum Resilience Across All Enterprise Systems 10,000 Qubits to Run Shor's Algorithm Google Quantum AI Achieves 10x Reduction in Resources to Break Bitcoin's Cryptography The U.S. Intelligence Community Just Put Quantum on Equal Footing with AI. And Expanded the Threat Definition Google Just Drew a Line in the Sand: PQC Migration by 2029 Silicon Crosses the Logical Threshold: First Universal Logical Operations Demonstrated in a Silicon Quantum Processor The 1,000-Qubit Ceiling That Probably Isn't Science Confirms What Large Corporate Survivors Already Knew - Organizational Bullshit Makes You Worse at Your Job A New Algorithm Shrinks the Quantum Attack Surface for ECC Quantinuum Squeezes 94 Logical Qubits from 98 Physical — But What Does It Actually Mean?
What Is Harvest Now, Decrypt Later (HNDL)?
Marin Ivezic · 2026-05-04 · via PostQuantum – Quantum Computing, Quantum Security, PQC

This is part of the Quantum Security Reference Deep Dive series. For the full landscape overview, see the capstone article on quantum security.

Introduction

Harvest Now, Decrypt Later (HNDL) is the practice of intercepting and storing encrypted data today with the intention of decrypting it in the future, once a quantum computer powerful enough to break the encryption becomes available. The concept transforms the quantum threat from a hypothetical future problem into an active, present-day risk. Data encrypted with RSA or ECC that is captured today will become readable the moment a CRQC exists.

Why HNDL Is the Argument That Changed Everything

Before HNDL entered the conversation, the quantum threat could be rationalized as a problem for a later planning cycle. The reasoning was straightforward: no quantum computer can break encryption today, so the threat can wait. HNDL demolished that logic.

The insight is simple but consequential. Encrypted network traffic and stored ciphertext can be recorded cheaply and at massive scale. Storage costs continue to fall. Nation-state intelligence services already operate bulk collection infrastructure designed for exactly this purpose. If an adversary captures encrypted data today and a CRQC becomes operational in 2035, every intercepted communication, transaction, and document from the intervening decade becomes retroactively transparent.

The data does not expire. The encryption protecting it eventually will.

This is why every major quantum security mandate (NIST’s guidance, NSA’s CNSA 2.0, the EU’s recommendations) treats HNDL as the primary justification for acting now. The threat is not the CRQC itself; the threat is the combination of a future CRQC and data that was collected years before it existed.

Which Data Is at Risk

Not all data carries the same HNDL exposure. The critical variable is how long the data needs to remain confidential. A marketing email encrypted in transit and read five minutes later has negligible HNDL risk. A diplomatic cable with a 50-year classification window has enormous HNDL risk.

The highest-exposure categories include government and military communications (classified intelligence, diplomatic traffic, defense planning), healthcare records (patient data with lifelong confidentiality obligations), financial data (long-term investment strategies, M&A communications, trade secrets with multi-decade commercial value), intellectual property (pharmaceutical research, advanced technology designs, proprietary algorithms), and personal identity data (biometric records, social security numbers, and other identifiers that cannot be rotated).

Data discovery and classification is the foundation of any HNDL risk assessment. Without knowing what data you hold, how it flows, and how long it must remain protected, you cannot prioritize your PQC migration.

Mosca’s Inequality: The Math of Urgency

Mosca’s theorem provides the clearest framework for assessing HNDL urgency. It defines three variables:

x = the number of years your data must remain confidential y = the number of years it will take to migrate your cryptographic infrastructure to quantum-safe algorithms z = the number of years until a CRQC exists

If x + y > z, you are already too late. The data you need to protect will outlast your ability to protect it before a quantum computer can compromise it.

The power of this inequality is that it reframes the timeline question. Even if z is 15 years away (a moderate estimate), an organization with data that must remain confidential for 10 years (x = 10) and a migration timeline of 7 years (y = 7) faces the uncomfortable arithmetic that 10 + 7 = 17 > 15. They should have started two years ago.

For large enterprises, y is almost always longer than expected. Migration involves cryptographic inventory, vendor coordination, protocol testing, infrastructure upgrades, and regulatory compliance across hundreds or thousands of systems. I have documented why PQC migration spans upwards of 120,000 tasks in a large organization. Compressing that timeline is expensive and risky.

Who Is Harvesting

Attribution in signals intelligence is inherently uncertain, but the general picture is well understood. Nation-state intelligence agencies with bulk collection capabilities are the primary HNDL actors. The resources required (submarine cable taps, satellite intercept stations, ISP-level collection agreements, massive storage infrastructure) limit HNDL to state-level or state-sponsored operators.

The Five Eyes intelligence alliance, China’s Ministry of State Security, and Russia’s FSB and GRU all operate signals intelligence programs with the collection infrastructure to execute HNDL at scale. The question is not whether bulk encrypted data collection is occurring. It is which encrypted data flows are being prioritized by which adversaries.

For organizations in defense, diplomacy, critical infrastructure, advanced technology, or financial services, the prudent assumption is that relevant encrypted traffic is being captured today.

HNDL’s Counterpart: Trust Now, Forge Later

While HNDL targets confidentiality (the secrecy of data), its counterpart targets trust. Trust Now, Forge Later (TNFL), a concept I introduced in 2018, describes the risk that digital signatures made today with RSA or ECC could be forged retroactively once a CRQC exists. Where HNDL compromises what was said, TNFL compromises who said it.

Together, HNDL and TNFL represent the two dimensions of the pre-quantum threat: confidentiality and authenticity, both vulnerable before a CRQC is built, both requiring action now.

What to Do About It

The defense against HNDL is straightforward in concept: encrypt data with algorithms that a quantum computer cannot break. In practice, this means migrating to post-quantum cryptography.

Prioritize the systems carrying data with the longest confidentiality requirements. Classify your data by HNDL exposure window. Begin migration with the highest-risk channels and work outward. The Applied Quantum PQC Migration Framework provides the methodology, and my risk-driven strategies for quantum readiness offer a pragmatic approach when a full cryptographic inventory is not immediately feasible.

As I have argued throughout PostQuantum.com, the deadlines for action are already set by regulators and industry, independent of when a CRQC arrives. HNDL is the reason those deadlines exist.

Go Deeper

Q-Day Deadlines Are Set — why ecosystem deadlines matter more than predictions

Harvest Now, Decrypt Later (HNDL) Risk — full analysis of the HNDL threat

Mosca’s Theorem and Post-Quantum Readiness — the mathematical framework for urgency

Trust Now, Forge Later (TNFL) — the signature counterpart to HNDL

Data Discovery and Classification for Quantum Readiness — identifying your highest-risk data

Risk-Driven Strategies for Quantum Readiness — when full inventory is not feasible

Quantum Upside & Quantum Risk - Handled

My company - Applied Quantum - helps governments, enterprises, and investors prepare for both the upside and the risk of quantum technologies. We deliver concise board and investor briefings; demystify quantum computing, sensing, and communications; craft national and corporate strategies to capture advantage; and turn plans into delivery. We help you mitigate the quantum risk by executing crypto‑inventory, crypto‑agility implementation, PQC migration, and broader defenses against the quantum threat. We run vendor due diligence, proof‑of‑value pilots, standards and policy alignment, workforce training, and procurement support, then oversee implementation across your organization. Contact me if you want help.

Talk to me Contact Applied Quantum