🤖 Written by Claude · Curated by Tom Hundley
I'm a tech executive and software architect—not a subject matter expert in every field I write about. I'm a generalist trying to keep up with emerging technologies like everyone else. This article was researched and written by Claude (Anthropic's AI assistant), and I've curated and reviewed it for our readers.
"Harvest now, decrypt later" isn't a future threat—it's happening today. The race to quantum-safe security has already begun.
Here's a scenario that should concern every business leader:
Your company's most sensitive data—trade secrets, financial records, customer information, strategic plans—is encrypted and secure. Today's best hackers can't crack that encryption. You're safe.
But what if someone is copying and storing that encrypted data right now, waiting for a quantum computer powerful enough to decrypt it?
This isn't paranoia. Security experts call it "harvest now, decrypt later"—and there's evidence it's already happening.
To understand the threat, you need to understand how most internet encryption works.
When you send your credit card number to Amazon, check your bank balance, or email a confidential document, that data is encrypted. The encryption relies on mathematical problems that are easy to create but incredibly hard to solve.
The most common encryption (RSA) works like this: Take two very large prime numbers and multiply them together. Easy. Now take that product and figure out which two prime numbers created it. Essentially impossible for classical computers when the numbers are large enough.
This is why a 2048-bit RSA key is considered secure. A classical computer would need billions of years to crack it.
In 1994, mathematician Peter Shor discovered that a quantum computer could factor large numbers exponentially faster than any classical computer. What takes a classical computer billions of years could theoretically take a quantum computer hours or minutes.
This means that RSA, DSA, ECDSA, and Diffie-Hellman—the mathematical foundations of most internet security—will eventually be breakable by quantum computers.
The question isn't if. It's when.
Today's quantum computers, including Google's 105-qubit Willow, aren't powerful enough to break strong encryption. Breaking RSA-2048 would require thousands of error-corrected logical qubits—far beyond current capabilities.
Most experts believe a "cryptographically relevant quantum computer" (CRQC) won't arrive in 2025, and public key encryption will remain safe through this year.
According to the Global Risk Institute's Quantum Threat Timeline Report:
| Year | Probability of CRQC Breaking RSA-2048 |
|---|---|
| 2029 | Low (single digits) |
| 2034 | 17-34% |
| 2039 | Higher probability |
| 2044 | 79% |
IBM's quantum computing roadmap projects processors scaling to several thousand qubits by 2035—the range where breaking RSA-2048 becomes feasible.
NIST (National Institute of Standards and Technology) plans full deprecation of RSA-2048 and ECC-256 by 2030, with classical algorithms vulnerable to quantum attacks disallowed by 2035.
The Cloud Security Alliance recommends that enterprises achieve full quantum-readiness by April 14, 2030.
"We have until 2035" might sound reassuring. It's not, for three critical reasons:
The "harvest now, decrypt later" attack model means adversaries don't need to wait for quantum computers to collect valuable data. They can:
If your data has long-term value—intellectual property, medical records, financial data, strategic plans, government communications—it's already at risk.
The effective threat date isn't when quantum computers arrive. It's today.
Transitioning to new encryption isn't like updating an app. Enterprise cryptographic migration involves:
BCG estimates this process takes 5-10 years for large enterprises. Organizations that start in 2030 will be finishing in 2035-2040—potentially too late.
Ask yourself: How long does your sensitive data need to remain confidential?
| Data Type | Sensitivity Period | At Risk If Harvested |
|---|---|---|
| Trade secrets | Decades | Yes |
| Medical records | Lifetime | Yes |
| Financial data | 7+ years | Possibly |
| Strategic plans | 3-5 years | Possibly |
| Personal communications | Variable | Depends |
Anything with long-term sensitivity is vulnerable to harvest-now-decrypt-later attacks happening today.
After nearly a decade of evaluation, NIST released three finalized post-quantum cryptography standards in August 2024:
These algorithms are designed to resist both classical and quantum attacks. Unlike RSA, they're based on mathematical problems that quantum computers can't solve efficiently.
Post-quantum cryptography isn't quantum cryptography. It doesn't require quantum computers to work. These are new mathematical algorithms that run on regular computers but can't be broken by quantum computers.
The term "quantum-resistant" means resistant to attacks from both classical and quantum computers—not dependent on quantum technology.
You might already be using post-quantum encryption without knowing it. Google Chrome has implemented ML-KEM in its BoringSSL library, using hybrid key exchange schemes. Millions of users already benefit from quantum-resistant protection.
1. Conduct a Cryptographic Inventory
You can't protect what you don't know about. Identify:
2. Assess Data Sensitivity
For each data category, determine:
3. Evaluate Vendor Readiness
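A starting point for the cryptographic inventory in step 1, as an added example that is not part of the original article: it reads the text that `openssl x509 -noout -text` prints for each certificate, classifies the key and signature algorithms, and marks quantum-vulnerable certificates that stay valid into or past the 2030 deprecation year cited above. The sample input and host names are constructed, and the ML-DSA name strings in it are assumed to follow the FIPS 204 parameter-set naming.

```python
import re

PQ_PREFIXES = ("ml-kem", "ml-dsa", "slh-dsa")  # FIPS 203 / 204 / 205 names
# Families the article lists as breakable (RSA, DSA, ECDSA, Diffie-Hellman) and EC variants.
CLASSICAL = re.compile(r"rsa|dsa|ecpublickey|dh|x25519|x448|ed25519|ed448", re.I)
DEPRECATION_YEAR = 2030  # NIST deprecation date quoted in the article

def classify(algorithm):
    """Map an algorithm name to 'post-quantum', 'quantum-vulnerable' or 'unknown'."""
    if algorithm.lower().startswith(PQ_PREFIXES):
        return "post-quantum"
    return "quantum-vulnerable" if CLASSICAL.search(algorithm) else "unknown"

def field(pattern, text):
    match = re.search(pattern, text)
    return match.group(1).strip() if match else ""

def inventory(dump):
    """Yield one row per certificate in concatenated `openssl x509 -noout -text` output."""
    for block in re.split(r"(?m)^Certificate:$", dump)[1:]:
        key = field(r"Public Key Algorithm:\s*(\S+)", block)
        sig = field(r"Signature Algorithm:\s*(\S+)", block)
        year = int(field(r"Not After\s*:.*?(\d{4}) GMT", block) or 0)
        found = {classify(key), classify(sig)}
        # The weakest algorithm decides: one classical primitive makes the cert vulnerable.
        status = next(s for s in ("quantum-vulnerable", "unknown", "post-quantum") if s in found)
        yield {
            "subject": field(r"Subject:\s*(.+)", block), "key": key, "signature": sig,
            "expires": year, "status": status,
            "outlives_deprecation": status == "quantum-vulnerable" and year >= DEPRECATION_YEAR,
        }

# Constructed sample input in the shape of `openssl x509 -noout -text` output.
SAMPLE = """\
Certificate:
    Signature Algorithm: sha256WithRSAEncryption
    Not After : Jun  1 00:00:00 2026 GMT
    Subject: CN = vpn.example.internal
    Public Key Algorithm: rsaEncryption
Certificate:
    Signature Algorithm: ecdsa-with-SHA384
    Not After : Mar 15 00:00:00 2034 GMT
    Subject: CN = db.example.internal
    Public Key Algorithm: id-ecPublicKey
Certificate:
    Signature Algorithm: ML-DSA-65
    Not After : Jan 10 00:00:00 2031 GMT
    Subject: CN = pilot.example.internal
    Public Key Algorithm: ML-DSA-65
"""
```

Rows with status `unknown` need manual review rather than being treated as safe; `list(inventory(SAMPLE))` returns the three constructed rows.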
1. Develop a Migration Roadmap
Prioritize based on risk:
2. Budget for Migration
Cryptographic migration isn't free. Plan for:
3. Adopt Hybrid Cryptography
Hybrid approaches—combining classical encryption with post-quantum algorithms—provide a transition path. If the post-quantum algorithm has undiscovered weaknesses, the classical algorithm still provides protection.
1. Deploy Post-Quantum Encryption
Start with highest-risk systems:
2. Update Certificates and Keys
Migrate to quantum-resistant certificates. This may require:
3. Verify and Validate
The harvest-now-decrypt-later threat means your current data is potentially at risk. Early migration reduces the window of vulnerability.
Organizations that achieve quantum-readiness early will:
As NIST deprecates current standards, compliance requirements will follow. Organizations on government/defense contracts, in healthcare, or in financial services will face mandatory migration timelines.
Migration done methodically over 5 years costs far less than emergency migration in 2-3 years. The later you start, the more expensive and risky the transition becomes.
True, but your data is being collected now. And migration takes years. The math doesn't work if you wait.
Large-scale cryptographic migration has never been done at internet scale. There will be bugs, compatibility issues, and unforeseen problems. Organizations that wait will face a rushed, chaotic transition while adversaries are actively exploiting the window.
Are you sure? Aggregated customer data, competitive intelligence, strategic plans, and technical IP all have long-term value to adversaries.
Cryptographic migration touches every system, every vendor, and every process. It requires business prioritization, budget allocation, and executive sponsorship.
2025 is our last chance to start migration to post-quantum cryptography before cryptographically relevant quantum computers emerge.
The threat isn't theoretical. The solutions exist. The only question is whether your organization will act in time.
The organizations that start now will complete their migrations safely. Those that wait will face a dangerous scramble as deadlines approach and quantum computers advance.
Don't let your encrypted data become tomorrow's breach.
Security is foundational to digital business. At Elegant Software Solutions, we help organizations navigate technology transitions including emerging security challenges. Contact us to discuss your quantum security posture.