Store Now, Decrypt Later (SNDL)

What is SNDL?

Store Now, Decrypt Later (SNDL) – also called Harvest Now, Decrypt Later (HNDL) – describes adversaries collecting encrypted data today for decryption when quantum computers become capable enough. The RSA and ECC encryption that has protected data for nearly 50 years will become vulnerable when quantum computers arrive, and is already expired according to the latest national encryption standards.  

The mechanism is straightforward: steal encrypted data now, store it, and decrypt it later when the technology catches up. Once data is exfiltrated, retroactive protection isn’t possible. 

Why Post-Quantum Cryptography Matters: Data Risk Over Time

Data has a shelf life. Different sectors face different exposures based on data retention requirements and long-term value: 

Financial Services: Regulatory requirements often mandate 7+ year data retention. Federal Reserve researchers note that distributed ledgers and blockchain networks are “particularly vulnerable because their entire transaction histories are public, permanent, and based on cryptographic methods that quantum computers are expected to defeat.” Banking details, transaction patterns, and proprietary trading algorithms retain value for decades. 

Telecommunications: The GSMA Post-Quantum Telco Network Task Force warns that “bad actors harvest and store encrypted data for later decryption — any encrypted data stolen today could become vulnerable should a bad actor gain access to a cryptographically-relevant quantum computer in the future.” Network architecture, routing information, VPN encryption, and customer communication patterns have long-term strategic value. The telecommunications industry, connecting everything “from how we work and play, to emergency response and critical national infrastructure,” faces particular exposure. 

Energy and Critical Infrastructure: Control system data, grid management protocols, and facility security information remain sensitive for decades. Industrial control systems and SCADA networks face exposure from encrypted data harvesting. 

Manufacturing and R&D: Materials science, process engineering, and product development represent competitive advantages measured in patent lifecycles – typically 20 years. Trade secrets and proprietary manufacturing processes are prime targets for nation-state attacks. 

Healthcare: HIPAA requires patient data retention for 6 years; OSHA mandates 30 years for certain records. Pharmaceutical intellectual property, drug development pipelines, and medical device R&D represent multi-year, multi-billion dollar investments that remain valuable well beyond compliance windows. 

Research indicates that 35% of well-funded, state-sponsored attacks target corporate enterprises rather than other nations, with objectives including intellectual property theft, supply chain disruption, and infrastructure infiltration. 

Federal Response: Quantum Computing Cybersecurity Preparedness Act and NIST Standards

The Quantum Computing Cybersecurity Preparedness Act (Public Law 117-260), enacted December 21, 2022, establishes specific requirements. The Act’s findings state: 

“The rapid progress of quantum computing suggests the potential for adversaries of the United States to steal sensitive encrypted data today using classical computers, and wait until sufficiently powerful quantum systems are available to decrypt it.” 

The law mandates: 

  • Within 180 days: Federal agencies must inventory all cryptographic systems vulnerable to quantum attacks 
  • Within 1 year: Agencies report all information technology vulnerable to quantum decryption 
  • Within 1 year of NIST standards: OMB issues guidance requiring agencies to develop migration plans with interim benchmarks 

NIST, the National Institute of Standards and Technology, sets cryptographic standards for federal agencies and regulated industry. When NIST publishes standards, government must comply. Private industry typically follows because major customers and regulators require NIST-approved cryptography. 

On August 13, 2024, NIST released three finalized post-quantum cryptography standards after an eight-year process involving cryptographers from 25 countries. These quantum-resistant algorithms are available for immediate implementation. Dustin Moody, head of NIST’s standardization project: “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time.” 

Major technology firms including Google, Apple, Signal, and Zoom have begun implementing these standards. In financial services, telecommunications, and healthcare, early adopters are already transitioning. Banco Sabadell’s pilot appears in SEC guidance as an example of proactive risk management. 

What The Quantum Migration Looks Like

The fundamental question: What’s the value horizon of your sensitive data? If it remains valuable beyond 2030, you need quantum-safe protection starting now. Data encrypted after you implement protection is safe; data stolen before cannot be protected retroactively. 

An iterative approach – discover and remediate together: 

The old model was sequential: inventory everything, then plan, then remediate. That approach takes years and leaves high-value assets vulnerable while you’re still cataloging low-priority systems. The effective approach is iterative: identify your highest-value assets first, protect them, then expand. 

First, start with high-value assets. What data would cause the most damage if decrypted in 2030? Trade secrets with multi-decade competitive value. Classified information. Long-lived personal data under regulatory protection. Intellectual property that funds your next decade of R&D. Focus on discovering the systems that protect these assets, not on comprehensive infrastructure audits. 

Next, remediate as you discover. Once you identify where quantum-vulnerable cryptography protects high-value data, you can implement protection without waiting to complete a full inventory. This requires cryptographic agility: the ability to update cryptographic algorithms without replacing infrastructure or rewriting applications. 

What cryptographic agility means: Think of it as being able to change the locks on your doors without rebuilding the doors themselves. Traditional encryption is hardcoded into systems – changing algorithms means rewriting code, replacing hardware, or disrupting operations. Crypto agility, in contrast, means implementing protection at the network layer where you can swap algorithms, adjust key lengths, or rotate encryption methods without touching applications. As a result, when NIST releases updated standards or a vulnerability emerges, you can respond in days rather than years. 

Lastly, report and expand. As you protect high-value assets, maintain visibility into what’s protected, what remains vulnerable, and where gaps exist. This continuous reporting supports both operational security and regulatory compliance while informing the next phase of expansion to lower-priority systems. 
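The triage behind these three steps can be sketched in code. This is an added example, not the author's or any vendor's tooling: the inventory, asset names, impact scores and scoring rule are constructed for illustration, and ML-KEM (FIPS 203) is assumed as the quantum-safe key establishment mechanism. Anything that does not use ML-KEM, alone or in a hybrid, is treated as harvestable.

```python
from dataclasses import dataclass

HORIZON_YEAR = 2030          # the page's horizon for decrypting harvested data
PQC_PREFIXES = ("ML-KEM",)   # assumption: ML-KEM is the accepted quantum-safe KEM

@dataclass(frozen=True)
class Asset:
    name: str
    key_establishment: str   # e.g. "RSA-2048" or hybrid "X25519+ML-KEM-768"
    valuable_until: int      # last year the data still matters
    impact: int              # 1 (low) to 5 (severe) if decrypted

def is_harvestable(key_establishment: str) -> bool:
    """Fail closed: exposed unless some component (split on '+') is PQC."""
    parts = [p.strip().upper() for p in key_establishment.split("+")]
    return not any(p.startswith(PQC_PREFIXES) for p in parts)

def exposure_years(a: Asset) -> int:
    """Years the data stays valuable past the horizon while still decryptable."""
    if not is_harvestable(a.key_establishment):
        return 0
    return max(0, a.valuable_until - HORIZON_YEAR)

def triage(assets):
    """Rank exposed assets by impact-weighted exposure, highest first."""
    scored = [(a.name, exposure_years(a) * a.impact) for a in assets]
    return sorted([s for s in scored if s[1] > 0], key=lambda s: (-s[1], s[0]))

def waves(assets, size):
    """Split the ranked list into remediation waves of `size` systems."""
    ranked = [name for name, _ in triage(assets)]
    return [ranked[i:i + size] for i in range(0, len(ranked), size)]

# Constructed sample inventory (hypothetical names and values).
INVENTORY = [
    Asset("rd-design-vault", "RSA-2048", 2045, 5),           # patent-length value
    Asset("patient-records", "ECDH-P256", 2031, 4),
    Asset("trading-archive", "X25519+ML-KEM-768", 2040, 5),  # hybrid, protected
    Asset("marketing-cdn", "ECDH-P256", 2026, 1),            # stale before horizon
    Asset("scada-historian", "RSA-3072", 2050, 4),
]

if __name__ == "__main__":
    for n, wave in enumerate(waves(INVENTORY, 2), start=1):
        print(f"wave {n}: {wave}")
```

Re-running the ranking after each wave gives the "report and expand" view: protected systems drop out of the list and the remaining gaps stay visible.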

What this doesn’t require: 

  • Waiting for quantum computers to arrive before acting 
  • Replacing existing infrastructure 
  • Application-level remediation across your entire environment 
  • Comprehensive inventory before any protection begins 
  • Pausing operations during implementation 

Ultimately, organizations moving now establish protection for high-value data first, then expand iteratively. Those waiting expose their most valuable assets to harvest-now, decrypt-later attacks throughout the entire assessment period. Expert analysis suggests harvested data could be decrypted by 2030. 

The Federal Reserve’s analysis states it directly: “The implications of HNDL are immediate, as bad actors are already gathering encrypted data.” 
