The concept of “Harvest Now, Decrypt Later” (HNDL), also known as retrospective decryption, poses a unique and long-term threat to stolen hardware, including Windows devices.
While full-disk encryption (like BitLocker) protects your data today, HNDL is a strategy where advanced attackers steal encrypted devices now, banking on the fact that future technology will eventually break today’s encryption.
Here is why this is a significant problem for stolen Windows devices:
🔎 The Quantum Threat (Shor’s Algorithm)
Most Windows devices use RSA or Elliptic Curve Cryptography (ECC) to protect the encryption keys. While these are currently “unbreakable” by classical computers, a sufficiently powerful Quantum Computer could use Shor’s Algorithm to crack them in minutes.
- The Problem: If a laptop is stolen today, the attacker can image the entire drive. Even if they can’t get in now, they simply store that image. In 3, 5, or 10 years, when quantum computing matures, your “top secret” 2026 files become an open book.
Read more on Post-Quantum Cryptography:
1. Post-Quantum key exchange with ML-KEM
2. How to use ML-KEM encryption in Linux with OpenSSL
⏱️ Lifespan of Sensitive Data
The danger of HNDL depends on the “shelf-life” of your data.
- Low Risk: A tactical password that you periodically change every 90 days. By the time it’s decrypted in 5 years, it’s useless.
- High Risk: Intellectual property, trade secrets, formulas or recipes, source code and algorithms, R&D data, manufacturing processes, confidential customer contracts, long-term business strategies, blueprints, or even private health records of VIPs. All this information needs to remain confidential for decades.
🔓 BitLocker and TPM Vulnerabilities
Windows devices primarily rely on transparent BitLocker. While BitLocker is robust, the “Harvest Now” part is made easier by specific physical attacks:
- Bus Sniffing: Attackers can sometimes intercept the encryption key as it travels from the TPM (Trusted Platform Module) chip to the CPU.
- Secure Boot Attacks: Bypassing the secure boot protection can lead to the BitLocker Volume Master Key (VMK), offering full access to all encrypted data on the device.
- Memory Dumps: If the device was stolen while in “Sleep” mode rather than “Hibernation” or “Shut Down,” the encryption keys might still be in the RAM, ready to be “harvested” via a Cold Boot attack.
Historically, new BitLocker bypasses are discovered every few months. For attackers, it’s a simple waiting game: they wait for the next documented exploit, then walk right through your encryption. “Set and forget” isn’t security – it’s an invitation. Enhancing your devices today with strong pre-boot protection is the only way to stay secure tomorrow.
How to Close the Gap?
- Most Windows devices currently in the field are not yet using PQC.
- Because the hardware is already in the hands of the thief, you cannot “patch” or “update” the encryption on a stolen device. The version of encryption it had at the moment of the theft is the version the attacker will eventually crack.
- To mitigate HNDL risks on Windows today:
  - ensure you are using AES-256 (instead of 128) and
  - consider using a pre-boot PIN. This adds a layer of complexity that makes simple automated “harvesting” much more difficult for a thief.
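
To verify both settings on a device, the following PowerShell audit is an added example, not part of the original article. The function name `Test-HndlHardening` and the sample volume object are constructed for illustration; `Get-BitLockerVolume` and the property names it returns are the standard BitLocker module ones.

```powershell
# Added example: checks a BitLocker volume against the two mitigations listed above.
function Test-HndlHardening {
    # $Volume: an object shaped like the output of Get-BitLockerVolume
    param([Parameter(Mandatory)] $Volume)

    $findings = [System.Collections.Generic.List[string]]::new()

    if ("$($Volume.ProtectionStatus)" -ne 'On') {
        $findings.Add('BitLocker protection is not On')
    }

    # Accepts Aes256 and XtsAes256; Aes128 and XtsAes128 are reported.
    if ("$($Volume.EncryptionMethod)" -notmatch 'Aes256') {
        $findings.Add("Encryption method is $($Volume.EncryptionMethod), not AES-256")
    }

    # TpmPin / TpmPinStartupKey mean a PIN is required before the TPM releases the key.
    # A bare Tpm protector is the transparent unlock the article warns about.
    $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
    $pinTypes = @('TpmPin', 'TpmPinStartupKey')
    if (-not ($types | Where-Object { $_ -in $pinTypes })) {
        $findings.Add("No pre-boot PIN protector (found: $($types -join ', '))")
    }

    [pscustomobject]@{
        MountPoint = $Volume.MountPoint
        Compliant  = ($findings.Count -eq 0)
        Findings   = $findings
    }
}

# Constructed sample: a TPM-only volume encrypted with a 128-bit method.
$sample = [pscustomobject]@{
    MountPoint       = 'C:'
    ProtectionStatus = 'On'
    EncryptionMethod = 'XtsAes128'
    KeyProtector     = @(
        [pscustomobject]@{ KeyProtectorType = 'Tpm' },
        [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }
    )
}
Test-HndlHardening -Volume $sample | Format-List   # reports two findings

# On a real device, from an elevated session:
# Test-HndlHardening -Volume (Get-BitLockerVolume -MountPoint $env:SystemDrive) | Format-List
```

An already-encrypted volume keeps the method it was encrypted with, so moving from 128 to 256 bits means decrypting and re-encrypting the drive.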

