Are you concerned about 'harvest now, decrypt later' attacks?

Question

The term refers to the sort of obvious, especially in hindsight, idea that public or leaked encrypted data that today is impractical to crack can be 'harvested', and decrypted whenever the harvester has quantum capabilities; even if the original data source is updated to use a quantum cryptography/a quantum-resistant algorithm in the meantime.(Or I suppose it applies equally well to any contemporarily sufficient encryption, (I'm sure there's been post-war decryption of ciphertexts collected but not cracked during, for example) it needn't be about quantum specifically, but that's where we are and what the term seems to have been coined for.)

gostsamo · Accepted Answer

We are talking really long term storage for data that might be valuable even after a decade or more. Also, the capture of such data is not so easy. Such considerations are applicable only if your thread model includes a nation state or a corporation with similar capabilities and long-term incentives.