What does “steal now decrypt later” mean for cybersecurity?



This is part two of a three-part series on quantum security – how it works, the implications for society and business, and what it will mean for leaders of organizations that process sensitive data and rely on keeping that data secure.

Part one looked at the basics of quantum computing and cryptography. Part two focuses on understanding and preventing of so-called “steal now, decrypt later” strategies.

It’s tempting to regard quantum computing as some abstract technical challenge looming beyond the horizon. But quantum threats to data security and your business are here now, thanks in part to a hacking strategy known as “steal-now, decrypt-later” (SNDL). That demands urgent action from technology leaders, well before the quantum revolution itself arrives.

A quick quantum refresher

If you’re new to quantum computing or cryptography, you can read the brief explainers in part one of this series, or ingest this (even shorter) executive summary: quantum computers represent numeric values as the state of subatomic particles (called qubits), leveraging their weird properties – quantum superposition, for instance, a phenomenon that lets qubits represent millions of values at once. That in turn lends itself to solving certain mathematical problems in minutes that might take classical computers hundreds of years or more. 

Those capabilities will likely lead to unimaginable breakthroughs in physics, biotech, chemistry and other industries. 

But they also pose a threat to the petabytes of public and private data that are protected by cryptographic schemes based on mathematical algorithms. While these schemes make data impenetrable to hacking from today’s “classical” computers, they will be trivial to unravel for quantum computers, rendering sensitive personal, corporate and government data readable by nearly anyone.

What is “steal now, decrypt later”?

Here in the calm before the quantum storm, the reality is that both the good guys and bad guys are positioning themselves now, for success when quantum finally makes its debut.

One current hacking strategy owes a debt to more than one heist movie: the bad guys don’t just steal the jewels, they steal the safe with the jewels still in it. They can crack the safe later – almost always in an abandoned warehouse down by the docks, for some reason. 

Cliches aside, the cybersecurity version of this ‘take the safe’ strategy is known as “steal now, decrypt later”, SNDL, where hackers download encrypted data knowing they can’t read it now, but anticipating it will become readable and therefore valuable when quantum computing algorithms eventually allow decryption. 

Tempting targets for SDNL include the usual suspects, like data in transit, archived data and  email messaging, but also infrastructure, like the commands routinely sent between the cloud and the ever more numerous IoT systems proliferating on the edge.

In simple terms, quantum computing is expected to be particularly adept at breaking encryption that relies on deterministic, mathematical algorithms, rather than random or anonymized numbers to generate “keys”. The prime numbers that underlie public key encryption (PKE) are an example, so efforts to secure data must start with the most widely-used asymmetric encryption standards like RSA 2048 and ECC 512. 

Those schemes have an encryption “strength” of 128 and 256 bits respectively.  But Quantum computing will break them easily, reducing their effective strength to 0.

Pre-quantum security strategies

So what can data-driven businesses do about SDNL today? There’s every reason to be simultaneously excited and apprehensive about the looming emergence of quantum computing. And even though the bulk of today’s quantum sector literature seems to encourage the latter disposition, not every expert sees the forecast as so dark. 

Quantum physicist Christian Bauer of Lawrence Berkeley National Lab thinks we’ll stay ahead of the threat.

“It takes longer for a quantum computer to get to the point where it breaks encryption than it takes to develop a new encryption mechanism,” he said in a recent livestream.

Of course, his prediction presupposes that the good guys are tackling the most vulnerable points of encryption now. Existing PKE and other vulnerable encryptions will have to be replaced or overlaid with quantum-proof schemes. One promising approach is to layer new security on top of existing protection, negating the need to replace existing systems, which could be a disruptive and tedious affair. 

An important shift in thinking also emphasizes getting away from mathematically generated keys and emphasizing those that are truly random. Quantum-proof VPNs that encrypt communication by using perfectly random numbers (truly random as opposed to pseudo-random or mathematically derived) can blanket existing connectivity, providing a quantum-proof “wrapper” without requiring change in the underlying encryption schemes.

The bottom line is this: to avert a quantum fire drill on day zero, you must secure your data today. 

What’s it all mean?

As the volume of attacks continues to rise, some 35% of well-funded, highly sophisticated, state-sponsored attacks are directed not at other nations, but at the corporate enterprise, with intent to steal IP, disrupt supply chains, or infect infrastructure.

Bad actors are everywhere, and come in many forms – countries, NGOs, rival firms, individual criminals, and activists. Use of SNDL is widespread among all these groups. The business implications of any breach are by now well understood – they always entail a direct impact on the bottom line, reputational damage, regulatory fines and other sanctions. 

Interestingly, the “steal now” concept means as you’re reading this, your organization’s data itself exists in a kind of superposition between completely secure ciphertext and wide open plaintext. Which of those states will your valuable data ultimately resolve to? That depends little on what you do when quantum revolution arrives, and almost entirely on actions you take now. 

The new generation of quantum-proof cryptography will lean heavily on theoretically unhackable  random numbers. As we’ll see next, in the third and final part of this series, some random numbers are more random than others.