HARVEST-NOW, DECRYPT-LATER — adversaries are recording encrypted traffic today.
The quantum imperative
The Case for Acting Now
CRQC threat window 2030–2035. Data recorded today under classical encryption will be decryptable. NIST PQC standards are finalized. Migration window is closing.
Active Threat · Harvest-Now, Decrypt-Later
Adversaries are intercepting and archiving encrypted traffic today with the explicit intent to decrypt it once cryptographically-relevant quantum computers (CRQC) become operational. Any data with a confidentiality horizon beyond 2030 is at risk.
High-risk data classes
- Long-term data archives and backups
- AI training datasets and model weights
- Encrypted communications and stored messages
- Digital signatures on legal and financial instruments
- Encrypted databases containing PII or state secrets
- PKI certificates and HSM-held key material
CRQC forecast window: 2030–2035 (~4-9 years from today · UTC)
Latest PQC & crypto updates
No PQC/crypto updates matched yet. Try Refresh, or check back later.
NIST PQC Standards — Finalized August 2024
FIPS 203 · ML-KEM
Key encapsulation for TLS handshakes. AES-128/192/256-equivalent security levels.
FIPS 204 · ML-DSA
Digital signatures and authentication. Code signing, identity verification.
FIPS 205 · SLH-DSA
Hash-based signatures for long-term high-assurance applications.
FIPS 206 · FN-DSA
Compact lattice signatures. Bandwidth-constrained networks and IoT.
Regulatory & Compliance Mandates
Migration Phases
Immediate Protection
Implement PQC for new data. Begin CBOM crypto asset inventory. Train teams on NIST PQC standards.
Hybrid Deployment
Deploy hybrid classical + PQC. Migrate critical infrastructure. Update KMS and certificate authorities.
Full PQC Transition
Retire legacy protocols. All storage and communications quantum-resistant. Continuous CBOM audit.
Quantum Computing Threat Timeline
2026-2030
Cryptographically relevant quantum computers emerge. QNSP provides NIST-standardized post-quantum cryptography — ML-KEM (FIPS 203), ML-DSA (FIPS 204), SLH-DSA (FIPS 205), FN-DSA (FIPS 206 draft) — plus 90 PQC algorithms across 14 families and 18 production services.
2030-2035
Projected availability of quantum systems capable of breaking RSA-2048 and ECC used in current TLS, digital signatures, and key exchange protocols. Compliance deadlines accelerate as regulatory bodies mandate PQC adoption.
Last reviewed (UTC)
This timeline is periodically reviewed against public sources. Evidence-backed claims are exposed via live endpoints (e.g., /platform/v1/crypto/tls/evidence/public). Last reviewed: Jan 19, 2026 00:00 UTC.
Sources: NIST releases first 3 finalized post-quantum encryption standards (FIPS 203/204/205) · AWS Security Blog: ML-KEM post-quantum TLS now supported in AWS KMS, ACM, and Secrets Manager
Industry Signals
NIST post-quantum cryptography standards
NIST finalized FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA), encouraging organizations to begin transitioning.
Read reference →Confidential computing for secure AI pipelines
Trusted execution environments (TEEs) protect data, models, and computations across preprocessing, training, and inference with attestation-based verification.
Read reference →Live PQC-TLS Evidence — Verifiable Now
Public TLS terminates at the AWS ALB with PQ/hybrid TLS policy. /platform/v1/crypto/tls/evidence/public · /platform/v1/crypto/posture/public
Cloud Service Status (Public)
Environment: Production · Region: ap-southeast-1 (Singapore) · Last updated: Apr 16 21:41 UTC
- Private/VPC/sovereign and air-gapped deployments are not shown here.
- Statuses may appear Offline/Degraded due to network connectivity. Refresh to retry. For persistent issues, check your deployment’s /status endpoint or internal monitoring. If you’re using QNSP Cloud, visit https://qnsp.cuilabs.io/status.