The biggest threat to your data isn’t happening tomorrow. It happened yesterday. If you haven’t heard of HNDL (Harvest Now, Decrypt Later), your long-term data strategy has a massive blind spot. Here is the reality: State actors and cybercriminals are capturing your encrypted data today. They can’t read it yet, so they’re storing it in massive data vaults, waiting for the "Qday"—the moment quantum computers become powerful enough to break current encryption. If your data needs to stay private for 5, 10, or 20 years, it’s already at risk. What’s on the line? ↳ Intellectual Property (IP) and trade secrets. ↳ Government and identity data. ↳ Long-term financial records and contracts. ↳ Sensitive customer health data. How do we solve it? 🛠️ We cannot wait for quantum supremacy to react. The fix starts now: ↳ Inventory: Identify which data has a long shelf-life. ↳ Crypto-Agility: Move toward systems that can swap encryption methods without a total overhaul. ↳ Hybrid PQC: Implement Post-Quantum Cryptography alongside classical methods to ensure traffic captured today remains a mystery tomorrow. The transition to quantum-resistant security is a marathon, not a sprint. Are you tracking HNDL on your current risk register? Let’s discuss in the comments. 👇 P.S. If you want help mapping your exposure or building a PQC migration plan, drop me a message. ♻️ Share this post if it speaks to you, and follow me for more. #QuantumSecurity #PQC
Data Migration
Explore top LinkedIn content from expert professionals.
-
-
🛡️ The Quantum Clock is Ticking quietly: Is Your Financial Infrastructure Ready? The financial industry is built on a foundation of digital trust, currently secured by #cryptographic standards like RSA and ECC. However, the rise of Cryptographically Relevant Quantum Computers (CRQC) poses an existential threat to this foundation. As we navigate this transition, here are 3 key pillars from the latest Mastercard R&D white paper that every financial leader must prioritize: 1. Addressing the 'Harvest Now, Decrypt Later' (HNDL) Threat 📥 Malicious actors are already intercepting and storing sensitive #encrypted data today, intending to decrypt it once powerful quantum computers are available. Financial Use Case: Protecting long-term assets such as credit histories, investment records, and loan documents. Unlike transient transaction data (which uses dynamic cryptograms), this "shelf-life" data requires immediate risk analysis and the adoption of quantum-safe encryption for back-end systems. 2. Quantum Resource Estimation & The 10-Year Horizon ⏳ While a CRQC capable of breaking RSA-2048 in hours might be 10 to 20 years away, the migration process itself will take years. Financial Use Case: Developing Agile Cryptography Plans. Financial institutions should set "action alarms" for instance, once a quantum computer reaches 10,000 qubits, a pre-prepared 10-year migration plan must be triggered to ensure infrastructure is updated before the "meteor strike" occurs. 3. Hybrid Implementations: The Bridge to Security 🌉 The transition won't happen overnight. The paper highlights the importance of Hybrid Key Encapsulation Mechanisms (KEM), which combine classical security with PQC. Financial Use Case: Enhancing TLS 1.3 and OpenSSL 3.5 protocols. By implementing hybrid models now, banks can protect against current quantum threats (like HNDL) while maintaining compatibility with existing classical systems, ensuring a smooth and safe transition. The Bottom Line: A reactive approach is no longer an option. Early adopters who evaluate their data's "time value" and begin the migration today will be the ones to maintain resilience and protect global financial assets tomorrow. #QuantumComputing #PostQuantumCryptography #FinTech #CyberSecurity #DigitalTrust #MastercardResearch
-
Quantum computing is moving from "science fiction" to "business reality" faster than most predicted. Two recent papers have fundamentally shifted the timeline for when we need to care about Quantum-Safe security: 1️⃣ The "10,000 Qubits" Milestone: New research shows that we can execute Shor’s algorithm—the math that breaks today’s encryption—with far fewer resources than previously thought. By using reconfigurable atomic qubits, the hardware requirements for cracking RSA-2048 have dropped by nearly 20x. 2️⃣ The "9-Minute" Crypto Warning: Google’s latest whitepaper highlights a terrifying reality for digital assets. Under advanced quantum scenarios, the encryption protecting a cryptocurrency wallet could be cracked in under 10 minutes. This puts billions in "dormant" assets at immediate risk of "at-rest" attacks. The Bottom Line: The "Q-Day" window is shrinking. It’s no longer about if a quantum computer can break your encryption, but when your current migration timeline will run out. How do we respond? We can't just flip a switch on "Q-Day." For many organizations, becoming quantum safe is a multi-year journey. This is where Palo Alto Networks Quantum-Safe Security comes in. Instead of a manual, multi-year overhaul, we provide a path to Agentic Resilience: - Continuous Discovery: It automatically maps your "cryptographic bill of materials" (CBOM), identifying exactly where vulnerable RSA and ECC algorithms are hiding in your network. - Risk Prioritization: It correlates your encryption strength with business criticality, telling you exactly which high-value assets need to move to Post-Quantum Cryptography (PQC) first. - Real-Time Remediation: For legacy systems that can’t be easily upgraded, a "Quantum-Safe Proxy" re-encrypts vulnerable traffic into post-quantum algorithms (like ML-KEM) at the network edge. The transition to a quantum-safe future is a marathon, but the starting gun has already fired. Learn how to take your first steps at the link in the comments.
-
🚨 NEW PEER-REVIEWED RESEARCH: PQC Migration Timelines Excited to share my latest paper published in MDPI Computers: "Enterprise Migration to Post-Quantum Cryptography: Timeline Analysis and Strategic Frameworks." The transition to Post-Quantum Cryptography (PQC) represents a watershed moment in the history of our digital civilization. Organizations planning for a 3-5 year "upgrade" will fail. The reality is a 10-15-year systemic transformation. Key Contributions: 📊 Realistic Timeline Estimates by Enterprise Size: Small (≤500 employees): 5-7 years Medium (500-5K): 8-12 years Large (>5K): 12-15+ years ⚠️ Critical Finding: With FTQC expected 2028-2033, large enterprises face a 3-5 year vulnerability window—migration may not complete before quantum computers break RSA/ECC. 🔬 Novel Framework Analysis: Causal dependency mapping (HSM certification, partner coordination as critical paths) "Zombie algorithm" maintenance overhead quantified (20-40%) Zero Trust Architecture implications for PQC 💡 Practical Guidance: Crypto-agility frameworks and phased migration strategies for immediate action. Strategic Recommendations for Leadership: 1. Prioritize by Data Value, Not System Criticality: Invert the traditional triage model. Systems protecting long-lived data (IP, PII, Secrets) must migrate first, regardless of their operational uptime criticality, to mitigate SNDL. 2. Fund the "Invisible" Infrastructure: Budget immediately for the expansion of PKI repositories, bandwidth upgrades, and HSM replacements. These are long-lead items that cannot be rushed. 3. Establish a Crypto-Competency Center: Do not rely solely on generalist security staff. Invest in specialized training or retain dedicated PQC counsel to navigate the mathematical and implementation nuances. The talent shortage will only worsen. 4. Demand Vendor Roadmaps: Contractual language must shift. Procurement should require vendors to provide binding roadmaps for PQC support. "We are working on it" is no longer an acceptable answer for critical supply chain partners. 5. Embrace Hybridity: Accept that the future is hybrid. Design architectures that can support dual-stack cryptography indefinitely, viewing it not as a temporary bridge but as a long-term operational state. 6. Implement Automated Discovery: You cannot migrate what you cannot see. Deploy automated cryptographic discovery tools to continuously map the cryptographic posture of the estate, identifying shadow IT and legacy instances that manual surveys miss. The quantum clock is ticking. Start planning NOW. https://lnkd.in/eHZBD-5Y 📄 DOI: https://lnkd.in/ejA9YpsG #PostQuantumCryptography #Cybersecurity #QuantumComputing #PQC #InfoSec #NIST #CryptoAgility
-
🔐Word o’ the Day | Year | Decade: Crypto-agility, Baby! Yesterday morning, I did a fun fireside chat with Bethany Gadfield - Netzel at the FIA, Inc. Expo in Chicago. We talked about cyber resilience, artificial intelligence, Rubik’s cubes, and that thing called quantum! A question came up at the end, “What can firms actually do today to begin transitioning to post-quantum cryptography?” So thought I would take the opportunity to share my thoughts more broadly on this important, but not super well understood, topic: 1. Don’t wait. The clock for quantum-safe cryptography is already ticking. NIST released its first set of post-quantum standards last year (https://lnkd.in/esTm8uPw) and CISA put out a “Strategy for Migrating to Automated Post-Quantum Discovery and Inventory Tools” last year as part of its broader Post Quantum Cryptography (PQC) Initiative (https://lnkd.in/evpF4umv). h/t Garfield Jones, D.Eng.! 2. Inventory & prioritize. Map all cryptographic usage: what keys, certificates, protocols, and data streams exist today? Which assets hold long-lived value and are at risk of “harvest-now, decrypt-later”? Build a migration roadmap that prioritizes highest-risk systems (e.g., financial settlement platforms, inter-bank links, legacy encryption). 3. Establish crypto-agility. Ensure your architecture supports swapping algorithms, updating certificates, & layering classical + post-quantum primitives without a full system rebuild. This kind of flexibility is key for resilience. 4. Pilot and migrate. Use the new NIST-approved algorithms; experiment first on less time-sensitive systems, validate performance and interoperability, then scale to mission-critical applications. NIST’s IR 8547 report provides a framework for this transition. 5. Vendor & supply-chain alignment. Ask your vendors & service providers: “What’s your PQC transition plan? When will you support NIST-approved post-quantum algorithms? Are your update paths crypto-agile?” If the answer isn’t clear or (as a former boss of mine used to say) they look at you like a “pig at a wristwatch,” you’ve got a potentially serious third-party risk. 6. Board and Exec engagement. Position this not as an IT problem but a fiduciary risk and resilience imperative. The transition to quantum-safe cryptography is multi-year and multi-layered—waiting until it’s urgent means it will be too late.
-
Google just showed that breaking Bitcoin's cryptography requires 20x fewer qubits than we thought. https://lnkd.in/gtwBeJ3N If you work in crypto infrastructure, this should change your roadmap. Their latest paper optimizes quantum circuits for ECDLP-256 - the elliptic curve discrete logarithm problem that underpins Secp256k1 (Bitcoin, Ethereum). The same class of attack (Shor's algorithm) breaks Ed25519 (Solana, Cardano, Cosmos) equally. The new estimate: under 500,000 physical qubits, executable in minutes. Google's own migration timeline target is 2029. That is not theoretical. That is an engineering schedule. Any wallet address where the public key is exposed on-chain, early P2PK addresses, reused addresses, Taproot outputs becomes vulnerable the moment a sufficiently powerful quantum computer comes online. No exploit needed just math. Google recommends "refraining from exposing or reusing vulnerable wallet addresses" as a short-term mitigation. NIST has already standardized replacements: ML-DSA (FIPS 204), SLH-DSA (FIPS 205), and FN-DSA (FIPS 206 draft). The algorithms exist. The real challenge for blockchains is signature bloat. Ed25519 uses 96 bytes for a key and signature combined. The most compact quantum-safe candidate, FN-DSA-512, uses 1,563 bytes. That is a 16x increase — which directly impacts block size, transaction throughput, and fee economics. What this means: every wallet provider and every chain needs to start planning hybrid signature support now. Not after quantum hardware arrives. Not after an incident. Now. Migration takes years, and cryptographic agility cannot be retrofitted overnight. At Fystack, we are actively researching post-quantum signature integration for ourMPC implementation, designing for a transition that does not require ripping out your entire signing stack. Join our Telegram for engineering updates and discussion about web3 engineering, security: https://lnkd.in/gg3ZSj4A #QuantumComputing #Cryptocurrency #PostQuantumCryptography #Bitcoin #Blockchain #CryptoSecurity #MPC #Fystack #Web3Infrastructure #NIST
-
Transitioning to post-quantum cryptography (PQC) is one of the largest and most impactful changes #industrial organizations can implement to improve their security posture. Through a series of activities to map cryptographic dependencies and develop crypto-agile architectures, organizations can prepare to get ahead of the threat curve rather than respond to it. Leaders have more to gain than mere #compliance, as they shift the organizational focus toward operational confidence, #supplychain trust, and enduring cyber resilience that can be a true competitive advantage. With the tools, standards, and regulatory frameworks in place, industrial leaders willing to act now will look at the post-quantum era as not a threat to manage, but more of an architecture to build. Industrial Cyber reached out to experts to gauge the urgency of the post-quantum threat in OT environments. They also look into what industrial security leaders should understand about the likely timeline before today’s cryptographic protections become insufficient. “The quantum threat is significant because of the ‘harvest now, decrypt later’ risk,” Dustin Moody, a mathematician in the Computer Security Division at the U.S. (National Institute of Standards and Technology (NIST) and head of its PQC standardization project, said. “While a cryptographically relevant quantum computer (CRQC) doesn’t exist yet, data with long-term sensitivity intercepted today could be decrypted in the future. For any environment with long-lived assets, the time to begin planning is now, as the transition to quantum-resistant algorithms will likely take years to fully implement across an enterprise.” “For OT, the post‑quantum problem is less about ‘Q‑day’ and more about asset useful life versus how long it will take to migrate to quantum-resistant #cryptography,” Jen Sovada, general manager for public sector at Claroty, said. “Many control systems deployed today will run for 10–30 years, well into when cryptanalytically relevant quantum computers (CRQC) are expected to be operational. Even conservative estimates place them in the 2030-2035 range.” Michael Hoffman, technical leader at Dragos, Inc. said that the post-quantum threat in OT is real but not immediate, and its impact is uneven across OT verticals and across their network architectures. “Most ICS/OT protocols already lack native cryptography, or if they do include it, it is rarely enabled, so the risk is concentrated in higher-level systems, such as OT-to-IT communications, remote access, and identity services.” “The post-quantum threat is not immediate. It will take years before quantum computing can break widely used cryptographic algorithms at scale,” according to Anton Shipulin, an industrial cybersecurity evangelist at Nozomi Networks. “However, OT organisations should not delay action. Industrial systems have long lifecycles, often 10–15 years, and are difficult to modify due to limited maintenance windows and operational constraints.”
-
While current quantum computers are not yet powerful enough to break widely used cryptographic systems, progress is accelerating. This puts financial institutions on notice: many commonly used public-key cryptographic systems, particularly RSA and ECC, could eventually be compromised, posing systemic risks to confidentiality, integrity, and authentication in financial transactions. To manage this risk, the Bank for International Settlements – BIS’ report proposes a three phases transition framework: 1️⃣ preparing for quantum risk awareness and inventory mapping, 2️⃣ migrating to post-quantum cryptography (PQC) standards once finalized (notably by NIST), and 3️⃣ continuously validating and adapting systems to maintain resilience. Key players (central banks, financial market infrastructures (FMIs), and regulated entities) are advised to act immediately in assessing vulnerabilities and developing mitigation strategies. Cross sector coordination is emphasized as critical to ensure a synchronized and effective transition. The report also highlights the need to prioritize migration in critical areas, such as #payments, #settlement systems, #authentication, and #digitalidentities, all of which rely heavily on cryptographic standards that will become obsolete within a quantum powered processing context. Key conclusions: ➡️ Early experimentation and engagement with standards bodies (e.g., NIST, ETSI) are encouraged to reduce transition friction. ➡️ Financial authorities and central banks should lead by example, upgrading their own systems and setting expectations for regulated entities and financial infrastructures. ➡️ Priority areas for quantum readiness include payment and settlement systems, digital identity schemes, secure communications, and authentication frameworks. ➡️ The risk is not just technical , interdependencies across systems mean that even a single weak link could jeopardize broader financial stability. ➡️ While large-scale quantum attacks may still be a decade away, “harvest now, decrypt later” threats are already plausible, making early action essential. While a full quantum threat may may not be (very) short term, the long lead times required for cryptographic system migration, the high interdependency of financial networks, and the regulatory implications make it imperative to act now. BIS calls for global alignment and proactive leadership to ensure that the transition to quantum-resilient systems is orderly, inclusive, and secure. #technology #ditigal #risk #banking
-
🚨𝗬𝗼𝘂’𝗿𝗲 𝗣𝗿𝗼𝘁𝗲𝗰𝘁𝗶𝗻𝗴 𝗗𝗮𝘁𝗮 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗣𝗮𝘀𝘁, 𝗡𝗼𝘁 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗙𝘂𝘁𝘂𝗿𝗲 Your data may already be compromised. You just don’t know it yet. Most security strategies assume yesterday’s threats. Quantum changes the timeline, not just the technology. Quantum computing doesn’t need to exist at scale to break today’s security. 'Harvest now and Decrypt later has already changed the risk equation. This paper by Mastercard is a wake-up call for #governments, #enterprises, #CISOs and #boards preparing for a post-quantum world. 𝗧𝗵𝗲 𝗞𝗲𝘆 𝗜𝗻𝘀𝗶𝗴𝗵𝘁𝘀 𝗨𝗻𝗱𝗲𝗿𝘀𝘁𝗮𝗻𝗱𝗶𝗻𝗴 𝘁𝗵𝗲 𝗤𝘂𝗮𝗻𝘁𝘂𝗺 𝗧𝗵𝗿𝗲𝗮𝘁 The real risk is time. • Encrypted data can be stolen today and decrypted later • Long-life data (health, defence, IP, identity) is most exposed • Quantum resource estimates show this is not theoretical anymore 𝗧𝗿𝗮𝗻𝘀𝗶𝘁𝗶𝗼𝗻𝗶𝗻𝗴 𝘁𝗼 𝗤𝘂𝗮𝗻𝘁𝘂𝗺-𝗦𝗮𝗳𝗲 𝗦𝘆𝘀𝘁𝗲𝗺𝘀 Risk management must start before quantum arrives. • Crypto agility is now a strategic requirement • Post-Quantum Cryptography (PQC) emerges as the most scalable path • Quantum safety is about migration planning, not last-minute swaps Security teams must plan for years, not upgrades. 𝗠𝗮𝗻𝗱𝗮𝘁𝗲𝘀 & 𝗥𝗲𝗴𝘂𝗹𝗮𝘁𝗶𝗼𝗻𝘀 𝗔𝗿𝗲 𝗖𝗮𝘁𝗰𝗵𝗶𝗻𝗴 𝗨𝗽 Governments are already moving. • Global mandates now require quantum-safe migration plans • Clear guidance is emerging on PQC vs QKD use cases • Public sector action will soon cascade into enterprise obligations • Compliance pressure will arrive faster than most expect. 𝗣𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 & 𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻 𝗥𝗲𝗮𝗹𝗶𝘁𝘆 Quantum-safe doesn’t mean business-safe by default. • PQC algorithms vary widely in performance impact • TLS needs redesign, not patching • Hybrid approaches are becoming the practical bridge strategy • Security teams must balance safety, latency, and scale. 𝗣𝗤𝗖 𝗠𝗶𝗴𝗿𝗮𝘁𝗶𝗼𝗻 𝗜𝘀 𝗮 𝗣𝗿𝗼𝗴𝗿𝗮𝗺𝗺𝗲, 𝗡𝗼𝘁 𝗮 𝗣𝗿𝗼𝗷𝗲𝗰𝘁 Migration is the hardest part. • Inventory cryptographic assets first • Prioritise systems with long data retention • Test, phase and monitor continuously • There is no “one-and-done” quantum fix. 𝗞𝗲𝘆 𝗧𝗮𝗸𝗲𝗮𝘄𝗮𝘆𝘀 ✅ Quantum risk is a present-day governance issue ✅ Waiting for quantum computers is already too late ✅ PQC migration will define future cyber resilience ✅ Security leaders must act before regulators force the move 𝗕𝗼𝘁𝘁𝗼𝗺 𝗟𝗶𝗻𝗲 Quantum security is no longer about cryptography. It’s about foresight, governance, and timing. Those who migrate early will set the standard and who delay will inherit the risk. 👉 If data is harvested today, when does the liability actually begin? #Quantum #QuantumSecurity #PostQuantumCryptography #CyberRisk #AIandQuantum #Governance #CISO #Board #DigitalTrust #TechforGood
-
NIST – Migration to Post-Quantum Cryptography Quantum Readiness outlines a comprehensive framework for transitioning cryptographic systems to post-quantum cryptography (PQC) in response to the emerging threat of quantum computers. Quantum technology is advancing rapidly and poses a significant risk to current public-key cryptographic methods like RSA, ECC, and DSA. This guide aims to assist organizations in preparing for and implementing PQC to safeguard sensitive data and critical systems. Key Points The Quantum Threat Quantum computers are expected to disrupt cryptography by efficiently solving mathematical problems that underpin widely used encryption and key exchange methods. This would render current public-key systems ineffective in protecting sensitive data, emphasizing the need for cryptographic agility. NIST PQC Standards NIST is spearheading efforts to standardize quantum-resistant algorithms through an open competition and evaluation process. These algorithms, designed to withstand quantum attacks, focus on two primary areas: 1. Key Establishment: Protecting methods like Diffie-Hellman and RSA key exchange. 2. Digital Signatures: Securing authentication processes. Migration Framework The document provides a phased approach to migrating cryptographic systems to PQC: 1. Assessment Phase: - Inventory cryptographic dependencies in current systems. - Evaluate systems at risk from quantum threats based on sensitivity and lifespan. 2. Preparation Phase: - Conduct pilot testing of candidate PQC algorithms in existing infrastructure. - Develop a hybrid approach that combines classical and post-quantum algorithms to ensure interoperability during transition. 3. Implementation Phase: - Replace vulnerable cryptographic methods with PQC in a phased manner. - Ensure scalability, performance, and compatibility with existing systems. 4. Monitoring and Updates: - Continuously monitor the effectiveness of implemented solutions. Challenges in PQC Migration - Performance Impact: PQC algorithms often have larger key sizes, increased latency, and greater computational demands compared to classical algorithms. - Interoperability: Ensuring smooth integration with legacy systems poses significant technical challenges. Best Practices - Use hybrid encryption to maintain compatibility while testing PQC algorithms. - Engage in collaboration with vendors, industry groups, and government initiatives to align with best practices and standards. Conclusion The transition to post-quantum cryptography is a proactive measure to secure data and communications against future threats. NIST emphasizes the importance of starting preparations immediately to mitigate risks and ensure a smooth, efficient migration process. Organizations should focus on inventorying dependencies, piloting PQC solutions, and developing cryptographic agility to adapt to this transformative technological shift.