Harvest now, decrypt later

Harvest now, decrypt later^[a] (also known as store now, decrypt later or HNDL) is a surveillance strategy that relies on the acquisition and long-term storage of currently unreadable encrypted data awaiting possible breakthroughs in decryption technology that would render it readable in the future – a hypothetical date referred to as Y2Q (a reference to Y2K) or Q-Day.^[1]^[2]

The most common concern is the prospect of developments in quantum computing which would allow current strong encryption algorithms to be broken at some time in the future, making it possible to decrypt any stored material that had been encrypted using those algorithms.^[3] However, the improvement in decryption technology need not be due to a quantum-cryptographic advance; any other form of attack capable of enabling decryption would be sufficient.

The existence of this strategy has led to concerns about the need to urgently deploy post-quantum cryptography; even though no practical quantum attacks yet exist, some data stored now may still remain sensitive even decades into the future.^[1]^[4]^[5] As of 2022^[update], the U.S. federal government has proposed a roadmap for organizations to start migrating toward quantum-cryptography-resistant algorithms to mitigate these threats. This new version of Commercial National Security Algorithm Suite uses publicly-available algorithms and is allowed for government use up to the TOP SECRET level.^[5]^[6]

Terminology and scope

The term “harvest now, decrypt later” encompasses various surveillance or espionage operations in which ciphertext or encrypted communications are collected today with the view that they may one day be decrypted, given sufficient advances in computing power or cryptanalysis.^[7]^[8] The abbreviation HNDL is sometimes used in technical and policy documents.^[9] The “Y2Q” (or “Q-Day”) label draws an analogy to the Y2K date-change issue, emphasising a potential future point at which current cryptography may collapse.^[10] The strategy is particularly relevant for data with long confidentiality lifetimes, such as diplomatic communications, personal health records, critical infrastructure logs, or intellectual property.^[9]^[11]

References

^ ^a ^b Townsend, Kevin (16 February 2022). "Solving the Quantum Decryption 'Harvest Now, Decrypt Later' Problem". SecurityWeek. Retrieved 9 April 2023.
^ "Half of organizations worry about quantum 'harvest now, decrypt later' attacks". SiliconANGLE. 20 September 2022. Retrieved 9 April 2023.
^ "Quantum Computing and Cryptography" (PDF). European Data Protection Supervisor. 2020. Retrieved 9 April 2023.
^ "Quantum-Safe Secure Communications" (PDF). UK National Quantum Technologies Programme. October 2021. Retrieved 9 April 2023.
^ ^a ^b Liu, Nancy (27 September 2022). "'Harvest Now, Decrypt Later' Concern Boosts Quantum Security Awareness". Retrieved 10 April 2023.
^ "Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats". Cybersecurity and Infrastructure Security Agency. 5 July 2022. Retrieved 10 April 2023.
^ "Frequently Asked Questions about Post-Quantum Cryptography". NIST NCCoE. Retrieved 28 October 2025.
^ "Migration to Post-Quantum Cryptography (NIST SP 1800-38B) – Preliminary Draft" (PDF). NIST NCCoE.
^ ^a ^b "Migration to Post-Quantum Cryptography (Quantum Readiness)" (PDF). CISA, NSA, NIST. 21 August 2023. Retrieved 28 October 2025.
^ ""Harvest Now, Decrypt Later": Examining Post-Quantum Cryptography and the Data Privacy Risks for Distributed Ledger Networks" (PDF). Board of Governors of the Federal Reserve System. 2025. Retrieved 28 October 2025.
^ "Market Survey on Cryptography and Quantum Computing" (PDF). German Federal Office for Information Security (BSI). 2025. Retrieved 28 October 2025.

External links

Notes

^ Also known as "store now, decrypt later", "steal now, decrypt later" or retrospective decryption.

References

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[:0-2] Townsend, Kevin (16 February 2022). "Solving the Quantum Decryption 'Harvest Now, Decrypt Later' Problem". SecurityWeek. Retrieved 9 April 2023.

[3] "Half of organizations worry about quantum 'harvest now, decrypt later' attacks". SiliconANGLE. 20 September 2022. Retrieved 9 April 2023.

[4] "Quantum Computing and Cryptography" (PDF). European Data Protection Supervisor. 2020. Retrieved 9 April 2023.

[5] "Quantum-Safe Secure Communications" (PDF). UK National Quantum Technologies Programme. October 2021. Retrieved 9 April 2023.

[:1-6] Liu, Nancy (27 September 2022). "'Harvest Now, Decrypt Later' Concern Boosts Quantum Security Awareness". Retrieved 10 April 2023.

[7] "Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats". Cybersecurity and Infrastructure Security Agency. 5 July 2022. Retrieved 10 April 2023.

[NIST-FAQ-8] "Frequently Asked Questions about Post-Quantum Cryptography". NIST NCCoE. Retrieved 28 October 2025.

[NIST-1800-38B-9] "Migration to Post-Quantum Cryptography (NIST SP 1800-38B) – Preliminary Draft" (PDF). NIST NCCoE.

[CISA-NIST-NSA-QR-10] "Migration to Post-Quantum Cryptography (Quantum Readiness)" (PDF). CISA, NSA, NIST. 21 August 2023. Retrieved 28 October 2025.

[Fed-HNDL2-11] ""Harvest Now, Decrypt Later": Examining Post-Quantum Cryptography and the Data Privacy Risks for Distributed Ledger Networks" (PDF). Board of Governors of the Federal Reserve System. 2025. Retrieved 28 October 2025.

[BSI-SNDL-12] "Market Survey on Cryptography and Quantum Computing" (PDF). German Federal Office for Information Security (BSI). 2025. Retrieved 28 October 2025.

[1] Also known as "store now, decrypt later", "steal now, decrypt later" or retrospective decryption.

[a]

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

Harvest now, decrypt later

Terminology and scope

See also

References

External links

See also

Notes

References