The Quantum Threat Hiding in Plain Sight
Ongoing efforts to develop quantum computing will likely cause significant concern for the United States and our allies. Today, it is understood that our adversaries are actively collecting, or “scraping,” as much of our encrypted data as they can in hopes that the potential availability of quantum computers will enable them to read all gathered encrypted data later. This strategy is often called “harvest now, decrypt later” (HNDL). Although decrypting the collected data isn't possible now, it could pose serious national security risks in the future.
While practical quantum computers that can break the current cryptographic public-key algorithms like RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography) may still be years away, the timeline is deceptive. Aerospace and defense systems are designed for long lifecycles that span decades, making encrypted data worth hanging onto because of the possibility of decrypting it later.
Why “Harvest Now, Decrypt Later” Is an Immediate Threat
As technology advances at a breakneck pace, the cybersecurity community has long known that encryption is a race against time. Public-key algorithms like RSA and ECC, which are currently relied on to safeguard classified data, are particularly vulnerable to cryptanalytically relevant quantum computers (CRQC). These CRQCs can break public-key encryption schemes exponentially faster than any classical computer.
But here’s the problem: adversaries don’t need functioning quantum computers today to act maliciously. They are now scraping and stockpiling long-lived encrypted data like weapon system configurations, mission data, and ISR (Intelligence, Surveillance, Reconnaissance) data, ensuring that once quantum decryption becomes operational, they have a trove of high-value information ready for exploitation. This proactive data collection could lead to substantial national security challenges later.
The Aerospace & Defense Storage Dilemma
Defense platforms, from unmanned aerial vehicles (UAVs) and naval vessels to ground station systems, generate and store enormous volumes of sensitive data. With the ever-present reality of vehicle capture or loss, network-attached storage (NAS) systems integrated on these deployed air, sea, and land platforms are especially vulnerable to data compromise. In defense applications, these NAS systems serve as centralized repositories for:
- Classified weapon system configurations
- Mission maps and operational plans
- Surveillance footage and intelligence reports
- Sensor data
- Secure communication logs
Unlike transient data-in-motion, data-at-rest (DAR) on these storage platforms can remain static and valuable for years, making it a prime target for HNDL attacks. Hostile groups view downed or captured vehicles as an opportunity to collect and exploit any information available. Consider the scenario of a downed UAV in hostile territory; even if its data is encrypted today, adversaries will extract and archive it, hoping that future quantum advancements will eventually hand them the decryption keys.
Why Engineers Must Design for a Quantum-Ready Future
The implications are profound for aerospace and defense engineers designing next-generation storage systems. The key design questions are no longer limited to today's performance, capacity, and encryption standards. Engineers must consider:
The concept of “crypto agility,” the ability to switch encryption algorithms without overhauling entire systems, must become a foundational design principle. Once quantum threats materialize, systems lacking this flexibility will not only be more costly and complex to retrofit but also vulnerable to data compromise.
Post-Quantum Cryptography (PQC): The Path Forward
Recognizing the looming threat, organizations like the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) are fast-tracking the standardization of post-quantum cryptographic algorithms.
NIST has selected several algorithms and released corresponding standards for post-quantum cryptography in recent years.
Post-Quantum Encryption Algorithms
- For general encryption:
  - ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism), formerly known as CRYSTALS-Kyber
  - HQC (Hamming Quasi-Cyclic), a backup algorithm for ML-KEM, with a draft standard expected by early 2026 and final standard in 2027
- For digital signatures:
  - ML-DSA (Module-Lattice-Based Digital Signature Algorithm), formerly known as CRYSTALS-Dilithium
  - SLH-DSA (Stateless Hash-Based Digital Signature Algorithm), formerly known as SPHINCS+
  - FN-DSA (FFT over NTRU-Lattice-Based Digital Signature Algorithm), formerly known as FALCON, with a draft standard expected by late 2024
NIST’s PQC initiative has released the first three finalized post-quantum encryption standards. These standards are the NIST guidelines for implementing PQC algorithms.
Post-Quantum Encryption Standards:
- FIPS 203: based on ML-KEM algorithm
- FIPS 204: based on ML-DSA algorithm
- FIPS 205: based on SLH-DSA algorithm
NIST is continuing work on standardizing FN-DSA (FALCON) and HQC, which will be released as additional standards in the future.
These algorithms are designed to withstand attacks from both classical and quantum computers. However, their adoption requires thoughtful integration into storage solutions, ensuring compatibility with mission systems, compliance with NSA’s Commercial National Security Algorithm (CNSA) Suite 2.0, and readiness for evolving cyber policies.
Strategic Leadership Must Drive Cryptographic Evolution
Beyond the engineering trenches, aerospace and defense leadership must recognize quantum resilience as an essential aspect of data security. Leaders must move beyond traditional cybersecurity approaches and proactively prepare for migration to PQC to protect critical data and systems.
Key leadership actions include:
- Creating a Cryptographic Inventory: Identify and catalog the quantum-vulnerable technology.
- Developing Quantum-Readiness Roadmaps: Ensure every platform has a clear plan for migrating to PQC that is aligned with NIST and NSA guidelines.
- Investing in Crypto-Agility: Prioritize procurement of systems with modular cryptography and upgradable firmware/hardware components.
- Building Cross-Functional Readiness Teams: Coordinate engineering, cybersecurity, vendors, and policy teams to align on quantum-readiness objectives.
- Evaluating Legacy Systems: Assess existing systems to determine if they can be upgraded for quantum resistance.
The Quantum Readiness Timeline: How Long Do We Have?
While expert estimates vary, many projections suggest that quantum computers capable of breaking RSA-2048 could emerge within 10-15 years. This is why agencies like the NSA and NIST are urging immediate transition planning using quantum-resistant algorithms. Hostile state-level actors and well-funded adversary groups are already intercepting and storing encrypted data, knowing that the ability to decrypt it will eventually catch up.
Delaying PQC migration until CRQCs are a clear and present reality is a critical mistake. Once encryption is broken, the damage is permanent and irreversible. The transition process itself is complex and time-intensive. Proactive investment today ensures mission-critical platforms are protected tomorrow.
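The cryptographic inventory and the timeline discussed above can be combined into a simple HNDL triage. The following is an added example, not Curtiss-Wright's code: it classifies each inventoried asset by the algorithm families this article names and applies Mosca's inequality (a standard planning rule that is not from this article) against the lower bound of the 10-15 year estimate. The asset names, column names, and year values are constructed for illustration.

```python
import csv
import io

# Families named in the article: RSA and ECC are quantum-vulnerable;
# ML-KEM, HQC, ML-DSA, SLH-DSA and FN-DSA are the post-quantum replacements.
VULNERABLE = ("RSA", "ECC", "ECDH", "ECDSA")
POST_QUANTUM = ("ML-KEM", "HQC", "ML-DSA", "SLH-DSA", "FN-DSA")

CRQC_YEARS = 10  # lower bound of the article's 10-15 year estimate

# Constructed sample inventory (hypothetical assets, columns and values).
SAMPLE = """asset,key_protection,data_life_years,migration_years
uav-nas-01,RSA-2048,25,4
ground-station-archive,ECDH-P384,8,3
telemetry-cache,RSA-3072,1,2
ship-nas-07,ML-KEM-1024,30,0
"""

def classify(algorithm):
    """Map an algorithm label such as 'RSA-2048' to a risk family."""
    name = algorithm.strip().upper()
    if name.startswith(POST_QUANTUM):
        return "post-quantum"
    if name.startswith(VULNERABLE):
        return "quantum-vulnerable"
    return "unknown"  # needs manual review, never assumed safe

def triage(inventory_csv, crqc_years=CRQC_YEARS):
    """Return inventory rows with HNDL exposure flags, exposed assets first."""
    rows = []
    for rec in csv.DictReader(io.StringIO(inventory_csv)):
        family = classify(rec["key_protection"])
        # Mosca's inequality: data is exposed when the time it must stay
        # secret plus the time needed to migrate exceeds the time to a CRQC.
        margin = (int(rec["data_life_years"]) + int(rec["migration_years"])
                  - crqc_years)
        exposed = family != "post-quantum" and margin > 0
        rows.append({"asset": rec["asset"], "family": family,
                     "margin_years": margin, "exposed": exposed})
    # Exposed assets first, then by how far they overshoot the horizon.
    return sorted(rows, key=lambda r: (not r["exposed"], -r["margin_years"]))

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```

Rerunning `triage` with `crqc_years=15` shows how sensitive the priority list is to the assumed CRQC arrival date.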
HNDL Strategies Deployed Worldwide
Curtiss-Wright: Enabling Quantum-Resilient Storage Solutions
At Curtiss-Wright, we understand the stakes. Our secure NAS solutions are engineered with crypto-agility and post-quantum readiness in mind. We closely follow the NSA and NIST frameworks to ensure our storage solutions align with evolving cryptographic standards. Our quantum-safe solutions enable aerospace and defense programs to protect long-lived data-at-rest with PQC-ready architectures.
Quantum resilience isn’t a distant milestone; it’s a mission imperative today. Download the white paper to learn more about securing data with quantum-resistant algorithms.
- What is “Harvest Now, Decrypt Later” (HNDL)?
  HNDL refers to adversaries collecting encrypted data now with the intent to decrypt it in the future once quantum computing capabilities mature.
- Why is HNDL a critical threat to aerospace and defense systems?
  Aerospace and defense platforms store long-lived sensitive data on NAS devices, making them high-value targets for future quantum decryption efforts.
- When will quantum computers be capable of breaking RSA and ECC encryption?
  Estimates suggest 10-15 years, but adversaries are harvesting encrypted data now, making proactive PQC adoption essential.
- What are NSA and NIST doing about quantum threats?
  NSA has released CNSA Suite 2.0 guidance, and NIST is finalizing PQC standards to replace vulnerable algorithms with quantum-resistant alternatives.
- How can engineers prepare storage platforms for post-quantum cryptography?
  Engineers should design systems with algorithm agility, robust key management, and hardware modularity to accommodate PQC transitions.