The attack doesn’t wait for quantum computers to arrive. Adversaries are collecting vast amounts of encrypted data today, for future decryption from quantum computing.
Harvest Now Decrypt Later (commonly referred to as HNDL) is not a theoretical future threat. It is an active attack strategy being executed today by nation-state adversaries against governments, financial institutions, defense contractors, and critical infrastructure operators worldwide.
Ignoring HNDL is no longer optional for any organization that handles sensitive, long-lived data. The decisions made now about cryptographic architecture, data classification, and migration timelines will determine whether that data remains protected when quantum decryption becomes operationally viable.
HNDL is a two-phase attack strategy. In the first phase, adversaries intercept and collect encrypted data in transit. For example financial transactions, classified communications, medical records, or any data moving across networks. The data is currently unreadable, but that is not the point.
In the second phase, adversaries use sufficiently powerful quantum computers to decrypt the stored data retroactively. Because the data has already been captured, no future security upgrade can protect it. The attack is sometimes referred to as Store Now, Decrypt Later (SNDL), describing the same strategy from the adversary’s operational perspective.
Adversaries do not need to break encryption today. They need only to intercept and store encrypted network traffic at scale, then wait for quantum computing capability to mature, and future Quantum + AI will be especially powerful.
Intelligence agencies, including the NSA and CISA — along with allied national security organizations — have publicly confirmed that HNDL operations are already underway at scale. For further context, see the NSA CNSA 2.0 Advisory and the CISA Post-Quantum Cryptography Initiative.
Quantum-Accelerated Artificial Intelligence Drastically Increases The Threat
This Quantum+AI threat landscape is daunting: think of it metaphorically as thousands of PhD-level cryptographic scientists—each with IQs above 1600 — working 24/7 to probe vulnerabilities and devise novel quantum algorithms that significantly increase the likelihood of toppling today’s encryption standards including the new PQC standards.
Quantum and AI threats are exposing the fundamental limitations of the traditional security models. Our whitepaper explains why Harvest-Now-Decrypt-Later, large institutional cryptographic debt, and compressed PQC timelines have created a tipping point for enterprise, and outlines the steps organizations must take now to stay ahead.
Classified communications, weapons system data, personnel records
Transaction records, customer PII, interbank communications
Operational data for energy, water, and transportation systems
Source code, design files, blueprints, trade secrets
The targeting calculus is simple: adversaries prioritize data whose value will persist long enough to justify the wait.
Most enterprise security planning assumes a Q-Day window of 2030–2035 — the point at which quantum computers can break current asymmetric encryption at operational scale. Actually, that time window is compressing.
Recent algorithmic research has significantly reduced the theoretical qubit requirements for breaking RSA and ECC encryption. NIST finalized its first Post Quantum Cryptography standards in 2024, and compliance timelines under the NSA’s CNSA 2.0 framework are already in motion. Organizations that have not begun cryptographic inventory and migration planning are behind the curve.
For a deeper look at how Quantum+AI convergence is accelerating these timelines, see Understanding the Quantum+AI Threat on the EnQuanta site.
Transitioning to NIST-approved Post Quantum Cryptography algorithms is a necessary step — not a sufficient one. NIST PQC standards rest on mathematical hardness assumptions that are unproven at scale, and the history of cryptography suggests assumptions get broken.
HNDL attacks captured data before your PQC migration. They will target data transmitted during your migration. EnQuanta’s QuantaCrypt™ products address this through assumption-free, dynamic-hybrid cryptography — protection designed to remain resilient regardless of what computational advances emerge, without depending on any single algorithm or mathematical premise.
Identify all data in transit, encryption protocols in use, and key management infrastructure
Prioritize data whose value will persist five or more years
Align with NIST and CNSA 2.0 requirements and establish a phased roadmap
Ensure your architecture can update ciphers and keys without system-wide refactoring
The appropriate response is to treat data captured today as potentially at risk.
As you begin to evaluate risks and options for PQC transition compliance, we can support your process with deep insight and guidance. Contact us to explore your questions, your priorities, and next steps.
