The systematic practice of identifying, prioritizing, and mitigating the risk of adversaries collecting encrypted data today to decrypt it in the future using quantum computers, while designing systems for rapid, low-disruption cryptographic algorithm replacement.
This skill is critical for protecting an organization's long-term data confidentiality against cryptographically relevant quantum computers (CRQCs), directly safeguarding intellectual property, financial records, and sensitive user data. It transforms cryptographic infrastructure from a static liability into a resilient, future-proof asset, ensuring business continuity and regulatory compliance.
1Careers
1Categories
9.2 Avg Demand
15%
Avg AI Risk
How to Learn Quantum threat modeling: Harvest-Now-Decrypt-Later (HNDL) risk assessment, cryptographic agility planning
Focus on foundational concepts: 1) Understand the difference between symmetric (AES) and asymmetric (RSA, ECC) cryptography, and why Shor's algorithm threatens the latter. 2) Learn the HNDL attack vector: why data intercepted today (e.g., TLS sessions, encrypted archives) is at risk. 3) Grasp the core principle of cryptographic agility: designing systems to swap cryptographic primitives without major architectural changes.
Move from theory to practice by: 1) Conducting a sample data inventory and classification exercise to identify high-value, long-lived data assets. 2) Analyzing a system architecture diagram to identify cryptographic dependencies (e.g., TLS termination points, certificate authorities, encrypted storage). 3) Evaluating the practical trade-offs of post-quantum cryptography (PQC) candidates (e.g., lattice-based vs. hash-based) using NIST's PQC standardization process as a reference.
Master the skill at an architectural and strategic level by: 1) Developing a multi-year cryptographic migration roadmap that aligns with business risk appetite and vendor roadmaps. 2) Designing a cryptographic agility framework incorporating crypto-agile key management and algorithm negotiation protocols. 3) Mentoring engineering teams on implementing hybrid cryptographic schemes (classical + PQC) for a phased transition.
Practice Projects
Beginner
Project
HNDL Data Exposure Audit
Scenario
A mid-sized financial services company has identified core systems (internal communication, document archival) using RSA-2048 encryption. The board has requested a preliminary risk assessment for quantum threats.
How to Execute
1. Create a data inventory list, tagging each asset with estimated data lifespan (e.g., 'regulatory archive: 7+ years'). 2. Map each high-lifespan asset to its current cryptographic protector (algorithm, key size, implementation library). 3. Use a simple risk matrix (likelihood x impact) to categorize each asset's HNDL risk as High/Medium/Low. 4. Draft a one-page summary report highlighting the top 3 HNDL risks for the board.
A cloud SaaS provider's architecture uses TLS 1.2 with RSA for all API endpoints, and AWS KMS for database encryption. A directive requires planning for a transition to NIST-approved PQC standards within 3 years.
How to Execute
1. Diagram the data flow and pinpoint all cryptographic touchpoints (load balancers, service meshes, API gateways, KMS key policies). 2. Categorize dependencies by control level: direct (code we own) vs. indirect (managed services like AWS KMS). 3. Research vendor roadmaps for PQC support (e.g., AWS KMS, Cloudflare). 4. Draft a phased migration plan: Phase 1 (Agility Layer: abstract crypto calls in code), Phase 2 (Hybrid: deploy PQC alongside RSA for critical paths), Phase 3 (Full Migration).
A multinational corporation with legacy mainframe systems, modern microservices, and IoT devices needs to establish a unified, enforceable policy for quantum resilience that accommodates heterogeneous environments.
How to Execute
1. Define and publish a corporate Cryptographic Standard Policy specifying approved algorithms (e.g., AES-256, CRYSTALS-Kyber), agility requirements (crypto-agile APIs, key rotation), and deprecation timelines. 2. Architect a centralized cryptographic service bus (or designate a team) to provide standardized, crypto-agile key management and algorithm negotiation. 3. Implement a pilot hybrid deployment (e.g., TLS 1.3 with X25519 + Kyber-768) on a high-value internal system, measuring performance overhead. 4. Develop a comprehensive risk acceptance and exception process for systems that cannot be easily migrated.
Tools & Frameworks
Standards & Frameworks
NIST Post-Quantum Cryptography Standardization ProcessNSA Commercial National Security Algorithm Suite 2.0CNSA 2.0 Implementation Guide
The definitive source for approved quantum-resistant algorithms (e.g., CRYSTALS-Kyber, CRYSTALS-Dilithium) and migration timelines. Use these as the authoritative reference for policy and implementation.
Software & Platforms
Open Quantum Safe (OQS) ProjectliboqsCloudflare's CIRCL
Libraries and projects providing prototype implementations of PQC algorithms. Essential for engineers building proofs-of-concept, testing interoperability, and evaluating performance impact in development environments.
Mental Models & Methodologies
Cryptographic Inventory (Bill of Materials)Risk-Based Prioritization MatrixHybrid Cryptography Architecture Pattern
The 'Crypto BOM' is a systematic catalog of all cryptographic assets in use. The risk matrix prioritizes migration based on data lifespan and criticality. The hybrid pattern is the key architectural model for a safe, phased transition, running classical and PQC algorithms in parallel.
Interview Questions
Answer Strategy
The strategy should separate the assessment of the symmetric key (AES-256) from the key management system protecting it. A strong answer focuses on the vulnerability of the key exchange/wrapping mechanism, not the data encryption algorithm itself. Sample Answer: 'First, I'd clarify that AES-256 itself is not the primary HNDL risk; its key size is sufficient. The critical vulnerability is the asymmetric algorithm used to protect that AES key in transit or in the key management system (e.g., RSA-2048 wrapping the key). My assessment would map the lifecycle of the database encryption key: how it's generated, stored, and accessed. I'd then evaluate the HNDL risk of that specific key management pathway, as compromising it exposes all data it protects, regardless of the data-at-rest algorithm.'
Answer Strategy
This tests practical implementation wisdom beyond theoretical knowledge. The candidate should address interoperability, performance, and standardization risks. Sample Answer: 'I would caution against a direct replacement and advocate for a hybrid approach. Key risks include: 1) Interoperability: Kyber is not yet universally supported by clients, libraries, and hardware. A direct swap would break many integrations. 2) Standardization & Longevity: While NIST has selected it, final standards are pending; premature adoption risks future non-compliance. 3) Performance: Kyber has different computational and bandwidth profiles. Architecturally, I would recommend deploying hybrid key encapsulation-using Kyber alongside RSA-2048 in parallel. This maintains backward compatibility, allows real-world performance testing, and provides a cryptographic safety net during the transition period.'