"I use a FIPS-140 approved cryptographic module, so my communications are safe." This is a statement we hear quite often and it is true - as long as those communications only need to remain secret for a short time. There is an attack methodology that we are dubbing “Harvest then Decrypt” in which sensitive data is collected and stored today awaiting decryption once quantum computers become available. This attack can potentially expose today’s secrets in a few short years. With the Harvest then Decrypt attack, an outside group records and stores (Harvests) encrypted data that is streaming through the internet or cloud today. This outside group could be storing data to or from a specific website, server, email client, or whatever target they deem worthy of attack. Or, given sufficient motivation and resources, the harvesters could be recording petabytes of data each hour from general internet traffic. Only nation-states would likely embark on this type of mass storage, although it is possible for ISPs and other communication companies to be doing this on a limited basis as well. You might dismiss this as overly paranoid, but there are plenty of publically exposed governmental programs aimed at mass surveillance and data storage. Here are a few examples that have been reported on over the years:

  • The NSA’s $1.5 billion Utah Data Center data storage center that is designed to store exabytes (1018 bytes) or more of data. The NSA’s Intelligence-gathering unit called Tailored Access Operations reportedly collects approximately 1 Million Gigabytes of data each hour.
  • China’s military hacking unit called APT1 (or Unit 61398 of the People’s Liberation Army) has allegedly hacked into American companies including U.S. Steel, Alcoa, and Westinghouse.
  • The British intelligence agency GCHQ has a mass surveillance program called Mastering the Internet (MTI) to capture the content of email messages, social network postings and web browsing history. The UK also has developed the Interception Modernisation Programme to intercept and store communications data in a central database. • The Federal Security Service of Russia has a program called SORM that is already monitoring internet and telephone communications.
  • India’s Research and Analysis Wing built the DRDO NETRA which tracks online communications from Skype and Google Talk, among others. India also owns a Central Monitoring System that tracks Google searches, stores e-mails and text messages, monitor posts on social networking services and listens to phone conversations.
  • Germany and France have data collection programs called Project 6 and Frenchelon, respectively.

So it is quite feasible that governments around the world are collecting and storing vast amounts of internet traffic. It’s also possible that criminal groups are storing targeted financial data. But if you are using strong encryption, then they probably can’t do anything with that data today.

The threat lies in the fact that quantum computers will be able to break the asymmetric encryption that protect your private keys, giving the outside groups completely unfettered access to your stored data. This is the “Decrypt” part of Harvest then Decrypt. Optimists are predicting that quantum computers will be able to break RSA and Elliptic Curve (the two most popular crypto algorithms) within 5 years, with the consensus opinion being less than 10 years. See my earlier blog for a discussion on who is predicting what.

In 5-10 years, outside parties could have access to your customer account numbers and passwords, your company’s most sensitive IP and internal communications, and any other secrets that you hoped would remain confidential for more than a decade.

If you don’t want this to happen to your data, there are solutions available today that can protect you. If you purchase cryptography, ask your vendor what protections they have (or are planning to offer) against quantum computing attacks. If you build your own encrypted applications, then ask your security team about the actions they are taking.  Your secrets should remain secret for more than the next ten years.