Skip to main content
Exhibit 10 of 23
Hall 3 · Exhibit 3 1 min

Store Now, Decrypt Later

Why we must act now, not when quantum arrives

AttackHarvest now, decrypt later (HNDL / SNDL)
Mosca's testX + Y > Z → already failed
X / Y / ZData lifetime · migration time · time to CRQC
StatusEU: 'likely occurring already now'
Try it yourself
Mosca's Inequality
Slide X, Y, Z and watch the verdict change in real time.

Intelligence agencies and state-sponsored hackers are actively intercepting and storing encrypted communications today — military blueprints, diplomatic cables, corporate secrets. The data is currently unreadable, but when a is built, they will decrypt everything retroactively. This is Store Now, Decrypt Later (SNDL).

Mosca's Inequality

If X + Y > Z, you have already failed for that data class — where X is how long data must stay confidential, Y is migration timeline, and Z is time until a . For data needing 25+ years of secrecy, the math is already dire.

Three Colliding Timelines

Data shelf-life

Medical and military secrets need 25–50 years of confidentiality — a in 15 years exposes what you encrypt today.

Embedded systems

Satellites, grids, and vehicles have / burned into silicon for 20-year lifespans — not easily patched.

The migration marathon

The last crypto upgrade took nearly two decades. Waiting for Q-Day means arriving decades late.

The EU's NIS Coop Group has recognized that HNDL attacks are 'likely occurring already now.' This is not a future threat — it is a present-day reality.

Try Mosca's slider with a medical-record preset
Slide X (30y), Y (5y), Z (15y) and read the verdict in real time.

Explore more in the atlas

Key Takeaways

  • Adversaries are actively intercepting and storing encrypted data today for future quantum decryption
  • Mosca's Inequality: if data lifetime + migration time > time to CRQC, you've already failed
  • Three colliding timelines make delay catastrophic: data shelf-life, embedded systems, migration duration

Primary sources