How encrypted data is harvested (without breaking crypto today)
Harvest-now-decrypt-later does not require breaking RSA today. Adversaries copy ciphertext through paths your security team already tracks — breaches, backups, and archives.
Key terms
HNDL, ciphertext, CRQC, forward secrecy, ECDH — see definitions on the HNDL hub.
What harvesting means
Harvesting is copying and storing encrypted data — not decrypting it in real time. Storage is cheap; migration takes years. Nation-state and criminal actors treat ciphertext as a long-term asset.
The five collection paths
| Vector | What gets copied | Why it matters for HNDL |
|---|---|---|
| Breach exfiltration | DB dumps, file shares, backup appliances | Fastest path in enterprise incidents |
| Backups & archives | Tape, S3 snapshots, email archives | Long retention = long Mosca X |
| Cloud misconfiguration | Public snapshots, open prefixes | No crypto break required |
| Bulk transit capture | TLS handshakes + ciphertext | Future ECDH break unlocks sessions |
| Insider / supply chain | M&A rooms, subcontractor copies | Decades-long legal holds |
TLS nuance for practitioners
With modern TLS 1.3 and forward secrecy, passive wire capture of application data alone is not enough, because no long-term key decrypts the session. Adversaries therefore store the handshake records (ECDH public keys, certificate chains) together with the encrypted payloads. A future CRQC solves the discrete-log problem for the ECDH public keys in the handshake, and the adversary then derives the session keys.
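The exposure described above, as an added example that is not from the original page: a toy finite-field Diffie-Hellman exchange stands in for ECDH, and a baby-step giant-step search over a deliberately tiny 31-bit group stands in for the future CRQC. The group parameters, function names and sample payload are all constructed for illustration.

```python
import hashlib
import math
import secrets

# Constructed toy parameters: a 31-bit prime group stands in for the ECDH group.
P = 2_147_483_647  # 2**31 - 1, small enough that the discrete log is searchable
G = 7

def session_key(shared: int, client_share: int, server_share: int) -> bytes:
    """Derive the session key from the DH secret and the public handshake values."""
    material = b"".join(v.to_bytes(4, "big") for v in (shared, client_share, server_share))
    return hashlib.sha256(material).digest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode) standing in for the TLS AEAD."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))

def run_session(plaintext: bytes) -> dict:
    """Run one exchange and return only what a passive observer can record."""
    a = secrets.randbelow(P - 2) + 1  # ephemeral secrets, discarded on return:
    b = secrets.randbelow(P - 2) + 1  # this is the forward-secrecy property
    client_share, server_share = pow(G, a, P), pow(G, b, P)
    key = session_key(pow(server_share, a, P), client_share, server_share)
    return {"client_share": client_share, "server_share": server_share,
            "ciphertext": keystream_xor(key, plaintext)}

def discrete_log(target: int) -> int:
    """Baby-step giant-step: stands in for the CRQC; feasible only because P is tiny."""
    m = math.isqrt(P - 1) + 1
    baby = {pow(G, j, P): j for j in range(m)}
    giant, gamma = pow(G, -m, P), target
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant % P
    raise ValueError("share is not in the subgroup generated by G")

def decrypt_archived(record: dict) -> bytes:
    """Years later: recover one ephemeral secret from its public share, rederive the key."""
    a = discrete_log(record["client_share"])
    key = session_key(pow(record["server_share"], a, P),
                      record["client_share"], record["server_share"])
    return keystream_xor(key, record["ciphertext"])

if __name__ == "__main__":
    archived = run_session(b"constructed sample: 25-year retention record")
    print(decrypt_archived(archived))
```

Both ephemeral secrets are gone when `run_session` returns and no long-term key exists, so forward secrecy holds in the usual sense; the recorded public shares alone carry the exposure.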
What to do this quarter
- Inventory external TLS, JWKS, SSH, and STARTTLS — free mini-assessment
- Tag assets by data shelf-life tier
- Quantify Mosca exposure on longest-retained data classes
- Export CycloneDX CBOM for GRC integration
Honest scope: Inventory aid, not formal audit. Quantum-vulnerable ≠ broken today.
Related guides
- HNDL hub — canonical primer with interactive tools
- Mosca inequality for CISOs
- HNDL for security engineers
References & further reading
Authoritative primary sources cited in this article. Summaries are our own — follow links for full context.
Last verified 2026-06-04
- What Is Post-Quantum Cryptography? (NIST · 2024): Official overview of NIST's PQC project, finalized standards, and the harvest-now-decrypt-later threat model.
- What Is Q-Day? Quantum Computing and Cyber Risk (Palo Alto Networks · 2026): CRQC definition, HNDL threat model, and migration guidance for enterprise security teams.
- Unit 42 Incident Response Report — exfiltration timelines (Palo Alto Networks Unit 42 · 2025): Incident response data showing compressed exfiltration timelines — copying ciphertext is faster than breaking crypto today.
- Why Your Encrypted Data Is Already Being Stolen (Jeremy Allison, CIQ) (YouTube · 2025): Practitioner perspective on HNDL, PQC migration complexity, and FIPS certification for open source.