Learning Library

← Back to Library

Harvest Now, Decrypt Later

19mUnknown Channelsecuritydeep-diveintermediateWatch on YouTube ↗

Key Points

  • Quantum computers exploit superposition, entanglement, and other non‑classical physics to explore many possible solutions simultaneously, giving them a huge advantage for tasks such as molecular simulation and massive data searches.
  • While this breakthrough promises breakthroughs like faster drug discovery and solving problems far beyond today’s supercomputers, it also creates a new security risk: data encrypted today could be decrypted later once quantum hardware matures.
  • The phrase “harvest now, decrypt later” captures this threat, warning that adversaries may collect currently protected information now and break the encryption with future quantum attacks.
  • Traditional cryptographic schemes rely on mathematical problems that are infeasible for classical computers, but quantum algorithms can solve many of those problems efficiently, rendering current encryption vulnerable.
  • Organizations must recognize the impending quantum risk and begin planning for quantum‑resistant cryptography to safeguard long‑term valuable data.

Sections

Full Transcript

# Harvest Now, Decrypt Later **Source:** [https://www.youtube.com/watch?v=TU9CRyAOekQ](https://www.youtube.com/watch?v=TU9CRyAOekQ) **Duration:** 00:19:03 ## Summary - Quantum computers exploit superposition, entanglement, and other non‑classical physics to explore many possible solutions simultaneously, giving them a huge advantage for tasks such as molecular simulation and massive data searches. - While this breakthrough promises breakthroughs like faster drug discovery and solving problems far beyond today’s supercomputers, it also creates a new security risk: data encrypted today could be decrypted later once quantum hardware matures. - The phrase “harvest now, decrypt later” captures this threat, warning that adversaries may collect currently protected information now and break the encryption with future quantum attacks. - Traditional cryptographic schemes rely on mathematical problems that are infeasible for classical computers, but quantum algorithms can solve many of those problems efficiently, rendering current encryption vulnerable. - Organizations must recognize the impending quantum risk and begin planning for quantum‑resistant cryptography to safeguard long‑term valuable data. ## Sections - [00:00:00](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=0s) **Quantum Computing and Future Data Theft** - The speaker explains quantum computers’ unique capabilities and warns that their eventual power could decrypt today’s encrypted data, emphasizing the “harvest now, decrypt later” risk. - [00:03:09](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=189s) **Quantum Threat to Modern Cryptography** - The speaker explains how future quantum computers could instantly break current encryption, urging immediate adoption of quantum‑resistant safeguards because attackers can harvest encrypted data today and decrypt it later. - [00:06:13](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=373s) **Public vs Symmetric Encryption Basics** - The speaker explains how asymmetric (public‑key) and symmetric encryption operate, their mathematical foundations, common algorithms such as RSA and AES, typical key lengths, and why their security relies on difficult mathematical puzzles. - [00:09:30](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=570s) **Quantum Threats and Post-Quantum Solutions** - The speaker explains how Grover weakens symmetric keys—necessitating larger key sizes—while Shor completely breaks asymmetric cryptography, prompting a shift to lattice‑based post‑quantum algorithms. - [00:12:37](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=757s) **Achieving Crypto Agility Today** - The speaker explains how to future‑proof cryptographic implementations by adopting crypto‑agility, using quantum‑safe algorithms on existing hardware, and automating a NIST‑guided cryptographic inventory to discover, manage, and remediate vulnerable assets. - [00:15:39](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=939s) **Planning Enterprise Encryption Migration** - An executive outlines prioritizing, tracking, and transitioning large‑scale encryption implementations toward quantum‑safe solutions, including interim crypto proxy usage. - [00:18:47](https://www.youtube.com/watch?v=TU9CRyAOekQ&t=1127s) **Building Crypto Agility Today** - The speaker stresses that although past encrypted data breaches cannot be reversed, organizations can limit future "harvest‑now‑decrypt‑later" risks by adopting crypto‑agile people, processes, and technology now. ## Full Transcript
0:00Quantum computers are coming. 0:02These systems leverage properties of physics that define logic in the conventional sense you and I know it. 0:07Superposition of states, particles acting like waves and entanglement, which Einstein, by the way, called spooky action at a distance, 0:14are just a few of the counterintuitive properties of quantum systems. 0:19Quantum computers don't follow a straight path like the computers we use today. 0:23Instead, they explore many possible answers at once and use clever quantum tricks to zero in on the right one. 0:30This makes them especially good at solving certain kinds of problems, 0:33like simulating molecules or searching through massive amounts of data that would have taken even our fastest supercomputers thousands of years to figure out. 0:43However, like any new technology, they will also introduce some new challenges. 0:48Let's take a look at one of them. 0:50I want you to remember four words. 0:53If you remember nothing else out of this video, then these four, I'll consider it a success. 0:58Here they are. 0:59Harvest now, decrypt later. 1:02What does that mean? 1:03Well, it means the future is coming to steal your data. 1:07Not in some sci-fi movie plot sort of way, but in a very realistic scenario. 1:12It means that you can encrypt all of your sensitive data today, and in the not too distant future, it suddenly won't be secret anymore. 1:20If those secrets are time-sensitive and won't mean much in a few months or years, then probably you don't need to worry. 1:26But if they do have value going forward, and please listen up as we unpack what those four words mean, harvest now, decrypt later. 1:36Okay, let's go back and give some context. 1:38Sensitive data like an organization's intellectual property or client data, 1:43we'll call it personally identifiable information or other secrets like that need to be protected from prying eyes. 1:50Only those with a need to know should have access. 1:53So we use cryptography to protect these secrets. 1:56Plain text like this goes into a crypto algorithm, 2:00and we use a randomly generated key to turn plain text that's readable into cipher text that is not. 2:08And that ciphertext can then be transmitted over a public network or stored in a database without fear that an attacker will be able to read it. 2:17Then when we need to reverse the process for an authorized user, we decrypt the cipher texts and get back to the original message. 2:25Sounds great, and it all works. 2:28In fact, we rely on this technology every day for all sorts of important personal and business transactions. 2:33Crypto works though, because there are certain hard mathematical problems built into the algorithms that we use 2:40that even the most powerful supercomputers can't solve in a thousand years. 2:46That's why your secrets are secret. 2:48But a disruptive new technology is on its way that threatens to upend this arrangement if we aren't careful to prepare for it. 2:56Quantum computers are amazing. 2:58They leverage physical properties that defy conventional logic. 3:02They will literally save lives as we're able to use them to develop more effective drug therapies to treat diseases, and that's really just the beginning. 3:10Put simply, they have the potential to solve in a few hours certain types of problems that would take many lifetimes to work out on today's classical computers. 3:19Sounds great, right? 3:20Well, one of those hard problems also just happens to be the basis for how our classical crypto works. 3:28In other words, quantum will do great things, but it also has the potential to break all of our existing cryptography. 3:36And that's gonna be a problem. 3:38Suddenly the secrets aren't secret anymore. 3:41When will it do this? 3:42Well, nobody really knows for sure. 3:44The consensus in the crypto community seems to be that it will probably be in the next five to 10 years, but it could happen tomorrow. 3:52If someone discovers a novel way to use the power of today's quantum systems, 3:56then suddenly the whole thing falls. 3:59So don't get too comfortable because unlike Y2K this could hit us at anytime without warning, 4:06but let's assume that doesn't happen, 4:08then why bother with this hypothetical now? 4:11Why not just wake you up in a few years when this becomes an actual threat? 4:16Well because of these words i mentioned at the beginning harvest now, decrypt later. 4:22In fact, a bad guy could right now make a copy of your encrypted data and just hold on to it. 4:30Can't read it, but maybe he sees this as it goes across a network. 4:35Maybe he sees an encrypted database that you have that's a backup and makes a copy of that. 4:41All he has to do is hold on to that and then wait for the future to come to him, 4:46because in the future you'll be able to use a quantum computer, feed this information in and be able to read the data, get back to the plain text that he was actually looking for. 4:59Another way of looking at it is to imagine if you had a time machine and you could travel into the future and bring back with you a super powerful quantum system. 5:09Now you would be able break all the encrypted messages at will. 5:13What would be the impact of such a scenario? 5:15Well, as I mentioned before, sensitive information like intellectual property, PII, things like that. 5:22Even national secrets would be revealed. 5:24Digital signatures could be forged, electronic records would no longer become reliable, 5:30payment systems would be broken, the security of critical infrastructure like the power grid would be impacted. 5:36A lot of bad stuff would happen to put it mildly. 5:39Let's take a brief look at the cryptography that underlies this problem in the first place. 5:44First of all, how do we use crypto today? 5:46Well, there are mainly two types of algorithms that we use. 5:50And we use them in combination all the time. 5:53They're symmetric algorithms and asymmetric algorithms. 5:57And a symmetric algorithm uses a single key. 6:01That key we're going to use to encrypt and decrypt. 6:04The key that you use to encrypt can only be the key that will decrypt if the cryptosystem is working properly. 6:10An asymmetric system, however, has two keys. 6:14It has asymmetry. 6:16Whatever you can encrypt with one key, can only be decrypted with the other key. 6:21So that's the way this works. 6:22We often refer to it as public key cryptography or PKI. 6:26That's the ways it works. 6:27There's some mathematical relationships between those two keys, more detailed than we want to get into here, that make that work. 6:34And it looks like magic, but it's not. 6:37So it's all based on math. 6:39And the most common version of a symmetric algorithm we use these days is the advanced encryption standard. 6:44Most common of the asymmetric algorithms, 6:48RSA from the first initial of the last names of the guys that created it. 6:53So these things are out there crypto key length sizes for asymmetric for AES in particular range usually most people use 128 today 256 is also possible. 7:06That's the bit length and the longer the key the stronger the crypto is the harder it is for someone to guess. 7:12The asymmetric algorithms because of the nature of the way they have to have longer keys. 7:18So they're in the range of 1024 or 2048 bit long. 7:25So that's what we're using today, 7:27and to give you an example, this stuff only works because there's a hard math problem that is difficult to solve. 7:33If those problems became easy to solve, then the crypto goes away. 7:37So think of it as a puzzle. 7:39If you want to get an answer to the question, you have to be able to solve the puzzle. 7:43What's the puzzle? 7:44Well, let's take an example of the asymmetric stuff. 7:47The RSA algorithm in particular, relies on the fact that prime factorization is a hard math problem. 7:54Now what do I mean by that? 7:55You remember that a prime number is a number that can only be divisible evenly by itself and one, so you can't divide it evenly by anything else. 8:04So let's start with a number like twenty one. 8:07And I ask you, tell me what are the two prime factors of twenty one? 8:12In other words, what two prime numbers will be multiplied together to equal 21. 8:17You say, well Jeff, it's not really very hard. 8:19It's seven and three. 8:20Seven can't be divided by anything else, but seven in itself, seven and one, so therefore it's a prime number, the same thing for three. 8:28So there, you've done a prime factorization of the number 21. 8:32Congratulations, that was an easy problem to solve. 8:35However, try to do the same with this number. 8:39Now, you're gonna need the rest of your natural life and many others in order to do it. 8:45In fact, if you want to know, it turns out it's these two numbers, just if you're interested. 8:51But that's a really hard math problem. 8:53Even our classical computers are not able to solve that very easily. 8:57So what are we going to do instead? 9:00Well, we've got to do something different in order to make this thing work. 9:04So what we do, in fact, what we found is with a quantum computer, that particular factorization problem actually isn't very hard to do. 9:13A quantum system can try lots of different possibilities and get to the answer much, much quicker than we normally would. 9:20So if we take, for instance, a key that's a symmetric key, let's say it's basically, maybe we start with 128 bits. 9:30Well, there's a thing called Grover's algorithm. 9:34And Grover will basically make this half as strong. 9:38It will essentially knock out half of the strength of that key. 9:44Well, that's with using a quantum computer of sufficient strength. 9:48Now, again, today's classical computers can't do that, but a quantum system will be able to. 9:52So what do we do to compensate for that? 9:55Well, actually, it's actually pretty easy. 9:56We just double the size of the key. 9:58We go and start using 256-bit keys, and now we've gotten back to the level of strength that we're used to. 10:04So problem sort of solved. 10:05We just have to go back and re-encrypt everything with stronger keys. 10:08However, this is a different situation when we move over here to the asymmetric. 10:13And these keys are longer. 10:15There's a thing called Shor's algorithm, and Shor's makes mincemeat of the whole thing. 10:22Shor's doesn't just make these kinds of things half as strong, it makes them really not strong at all. 10:29So in fact, we need something entirely different because Shor's breaks these asymmetric algorithms, and we depend on them for key distribution, 10:37and if you can't distribute keys, you can do any of this kind of stuff. 10:40So, what we need are new algorithms, 10:43and those new algorithms, in fact, exist. 10:46And they're based on what's known as lattice cryptography. 10:49So beyond the scope of this, but you can take a look and learn more about lattices and how they come to the rescue. 10:57The good news is that we have a solution now to this future problem. 11:01In fact, a lot of people have been working on this space for a decade already. 11:06In 2024, that work culminated in the U.S. National Institute of Standards and Technology, also known as NIST, 11:14coming out with four finalist algorithms, and these four are designed to be quantum safe cryptography, or also known, as post-quantum cryptography. 11:25And the experts believe that these will be resistant to cracking by future quantum computers. 11:30While IBM has been working hard to bring the benefits of quantum computing to the world, 11:35we're also working hard to mitigate the risks to crypto as three of those four finalist algorithms actually had IBM contributors working on them. 11:44And we hired a person who worked on the fourth. 11:47So we have people who understand this space 11:49and we've also contributed these algorithms to the open source community so that everyone can benefit from these and use these to make our system safe. 12:01But that's not the end of the story. 12:02In order for there to be a happy ending. 12:05You have to actually implement these new standards in your systems. 12:08That's not going to be easy since some organizations have literally thousands of applications that leverage cryptography that will need to be updated. 12:16In order to do this, you're gonna need people, process and technology all working together to transform to this post-quantum era. 12:26And because of the harvest now decrypt later situation I mentioned before, you need to actually start on this, well, yesterday. 12:35So remember that time machine that I mentioned? 12:37That's gonna come in handy because all you have to do is build one of those, go back in time, re-encrypt all your data with these new algorithms and you're set. 12:46Well, okay, until the time machine technology is perfected, here's what you actually can do now. 12:52The goal here is this thing we call crypto agility. 12:55In other words, I want to future proof my cryptographic implementations so that if we have to make changes again in the future, 13:02I don't have a brittle system that I have to go back and do all this pain again with that I could just snap something else in and continue going. 13:09And we're gonna need some tools in order to get there. 13:12Oh, and the great thing here that I need to underscore is that you don't need a quantum computer to use quantum cryptography. 13:19All the tools and algorithms that will make you quantum safe run on today's classical computers. 13:25So we'll take that technology and what we then need to do is apply these steps, 13:30discover, 13:31manage, 13:32and remediate. 13:33So let's start with the discovery part of this. 13:36And NIST gives us some guidance. 13:38They have said organizations should create a cryptographic inventory that offers visibility into how the organization leverages cryptography. 13:47That sounds like sound advice to me. 13:49So what that means is if I'm going to create that inventory I need a way to find it, 13:54and if you try to do it manually I guarantee you'll miss some. 13:58So what you want to do is have a system that has some automated scanning capability 14:04where it goes and looks across your source code, it looks across the network, 14:09and it looks for all implementations of cryptography in your environment. 14:13There was one major bank that when they did this type of exercise, they found that they had more than 4,000 applications with cryptography built into them. 14:24That's a lot. 14:26Stop and think for just a second. 14:27If they did a conversion, a migration, of every one of those. 14:32Let's say they could do one a day. 14:34That actually would be pretty aggressive. 14:35If they did one a today, how long is it gonna take them to get to full blown crypto agility and crypto safe, quantum safe? 14:44The number is more than 10 years. 14:46So this is why, again, the problem is a now problem that we have to start working on. 14:52We can't wait for the future on this, 14:54and then once you've done that, another thing you wanna take a look at is If I know where all of this stuff is, I wanna find out where the vulnerable crypto is. 15:03Probably it's most of it today, but I'm gonna create that list and catalog what kinds of algorithms are being used in each one of these cases, 15:11and then ultimately the goal is to create this thing, a CBOMB, a cryptographic bill of materials. 15:18That's where we're gonna have this whole list that we've now discovered, 15:21and now with that, we can move into the next step. 15:25The next step involves managing all of these. 15:28And with the management, I'm gonna start with policy. 15:31So I need to spell out as an organization, in other words, define what is our crypto policy. 15:38What levels of strength do we need? 15:39What kinds of things need to be encrypted? 15:41What kinds things need be done? 15:43That sort of thing. 15:44And I wanna be able to do some enforcement of whatever that policy is. 15:49Ultimately, this is a massive project. 15:52Again, if we're talking 4,000 implementations and yours might be smaller, but it's still gonna be a large project, I need to also figure out what are the priorities. 16:02I need prioritize each one of these, and then once I've picked out, because since I can't do all of them at once, 16:09pick the ones that are the most impactful, that have the most sensitive information in them, and then go after those. 16:15Then I need track the results of all of this. 16:19This is a massive multi-year project. 16:21I need to see where I am in fact on this journey because it is in fact going to be a journey. 16:27Then we start moving into the remediation phase. 16:30This is where we're gonna start moving from our classical crypto into the quantum safe crypto or the post-quantum crypto PQC. 16:42That's the stuff that we ultimately are trying to get to. 16:46Well, if I can't convert all of these things in an instant, I can just snap my fingers and make it happen. 16:51What could I do in order to get there? 16:53Well, one thing that would give some level of protection today would be to use a proxy, a crypto proxy that sits in and does some of this conversion for me. 17:06Now here's how it would work. 17:07Let's say we have a user who out here is on a browser and their browser, let's say it's already been updated to be crypto safe. 17:15It's using one of these new algorithms, 17:18but our backend legacy app over here as not. 17:22In fact, we might be afraid to even crack this thing open 17:25because we don't know how many lines of code are in there and they were written a million years ago and all that kind of thing, 17:30but we can't afford, this has got keys to the kingdom, we can afford just to have it vulnerable. 17:35So what I could do is stand up a proxy in the middle. 17:40This proxy would be communicating, it understands the quantum safe crypto algorithms. 17:46So it's doing quantum safe crypto between the browser and the proxy 17:51and then the proxy continues with the normal classical algorithms back to the back end application. 17:58So that way we at least encrypt if this is the part that's over the public network, we atleast have strengthened that part without having to make changes to the backend. 18:07And this part all maintains within our very private network where the risk is lower. 18:13So that's an important capability that allows us to move at least while we're in migration phase and be able to tolerate and work with these new algorithms. 18:22Another thing that we're going to want to do is test the performance. 18:26So these algorithms we believe are going to be highly performant, but it all depends on the individual implementation that you're using. 18:34And if you have a poor implementation, well you might end up in a mess. 18:38So what we need to be able to do is make sure we have something that works well. 18:43And you want to be a test and make sure that those things work. 18:47You can't go back in time to prevent past cases of harvesting of your encrypted data, but you can start now on the path to crypto agility. 18:55With the right people, process, and technology, you can mitigate the risk of harvest now decrypt later, at least until you build that time machine.