Harvest Now, Decrypt Later (HNDL) Attacks
(Compiled and researched by Steve Monti SafeCipher.com)
There is a real and growing risk to your internal network from Harvest Now, Decrypt Later (HNDL) attacks.
Harvest Now, Decrypt Later (HNDL) attacks must be part of your business continuity and security plan for your internal network. Building an effective quantum-readiness strategy, including a roadmap that addresses all potential threats, is essential.
If an adversary can infiltrate an internal network and harvest encrypted data, the lack of TLS 1.3, and thereby of Perfect Forward Secrecy (PFS), could make historical data vulnerable to future decryption with quantum computers.
This is a significant threat for data that must remain secure for many years into the future. Even if current encrypted communications are secure now, the advent of quantum computers would allow retroactive decryption of these communications.
The threat to internal corporate TLS (Transport Layer Security) communications can differ from the threat to external or internet-facing communications. This difference can stem from several factors, including the adoption rate of TLS 1.3 and the overall security posture of the internal network. The problem is not confined to TLS tunnels within the enterprise; it also extends to IPsec, SSH and other proprietary encryption channels.
Special consideration should be given to hardened bespoke TLS tunnels that exist between cryptographic appliances and their clients. This is especially important with HSM and key management appliances that use custom ciphers in their TLS tunnels.
IPsec Key Exchange & SSH Protocols
For key exchange, IPsec commonly uses IKE (Internet Key Exchange), which in its second version (IKEv2) often relies on cryptographic algorithms similar to those used in TLS, such as RSA or Diffie-Hellman. These algorithms are vulnerable to quantum computing attacks. However, IPsec has its own set of characteristics and deployment scenarios, so the application of these considerations will have some differences.
SSH (Secure Shell) communications are potentially vulnerable to the “Harvest Now, Decrypt Later” (HNDL) strategy, particularly with regard to the threat posed by future quantum computing advancements. SSH typically uses a combination of public-key cryptography for authentication and symmetric encryption for securing the session data.
The public-key part is where the quantum threat is most significant. Common public-key algorithms used in SSH include RSA and ECDSA (Elliptic Curve Digital Signature Algorithm), both of which are vulnerable to quantum attacks. SSH also uses key exchange algorithms, like Diffie-Hellman (DH) or ECDH (Elliptic Curve Diffie-Hellman) to establish a shared secret for the session. These are also potentially vulnerable to quantum attacks.
To Summarize:
If an organization’s internal systems are not updated to use TLS 1.3, they might be more susceptible to certain types of cryptographic attacks, including potential future quantum threats. TLS 1.3 offers significant security improvements, including mandatory Perfect Forward Secrecy (PFS), which older versions do not always provide.
Internal systems might lag in adopting the latest security protocols, due to compatibility issues with legacy systems, operational challenges, or lack of awareness. Internal communications might not be perceived as being at high risk, leading to less stringent security measures compared to external communications. TLS configurations within an internal network might not be as rigorously managed or updated as those exposed to the internet, where there is a higher perceived risk of attack.
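The TLS points in this summary and the SSH key exchange families named earlier can be turned into a first-pass inventory check. The following is an added example, not code from the original page: the host names, the session inventory and the `sshd -T` excerpt are constructed sample data, and the rating labels are assumptions chosen for illustration.

```python
import re

# Constructed sample inventory (hypothetical hosts): negotiated TLS version and IANA suite.
SESSIONS = [
    ("wiki.corp.example", "TLSv1.3", "TLS_AES_256_GCM_SHA384"),
    ("hsm01.corp.example", "TLSv1.2", "TLS_RSA_WITH_AES_256_GCM_SHA384"),
    ("erp.corp.example", "TLSv1.2", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
]
# Constructed excerpt of `sshd -T` output (effective server configuration).
SSHD_T = "port 22\nkexalgorithms curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256\n"

# Pre-1.3 key exchanges that reuse a long-term key for every session.
STATIC_KX = {"RSA", "DH_RSA", "DH_DSS", "ECDH_RSA", "ECDH_ECDSA"}
# SSH key exchange name prefixes for the DH and ECDH families the page names.
SSH_FAMILIES = (("diffie-hellman-", "DH"), ("ecdh-sha2-", "ECDH"), ("curve25519-", "ECDH"))
SEVERITY = {"NO-PFS": 0, "REVIEW": 1, "PFS-BY-CHOICE": 2, "PFS": 3}

def classify_tls(version, suite):
    """Rate one negotiated TLS session for exposure of harvested traffic."""
    if version == "TLSv1.3":
        return "PFS"                 # TLS 1.3 has no static-key exchange
    m = re.match(r"TLS_([A-Z0-9_]+?)_WITH_", suite)
    kx = m.group(1) if m else ""
    if kx.startswith(("ECDHE", "DHE")):
        return "PFS-BY-CHOICE"       # ephemeral here, but the version does not enforce it
    if kx in STATIC_KX:
        return "NO-PFS"              # one long-term private key opens every capture
    return "REVIEW"                  # unrecognized key exchange: inspect manually

def audit_tls(sessions):
    """Return (host, rating) pairs, most exposed first."""
    rated = [(host, classify_tls(ver, suite)) for host, ver, suite in sessions]
    return sorted(rated, key=lambda r: (SEVERITY[r[1]], r[0]))

def classify_ssh_kex(dump):
    """Map each kexalgorithms entry in `sshd -T` output to its family."""
    found = {}
    for line in dump.splitlines():
        key, _, value = line.strip().partition(" ")
        if key.lower() == "kexalgorithms":
            for alg in value.split(","):
                found[alg] = next((f for p, f in SSH_FAMILIES if alg.startswith(p)), "REVIEW")
    return found

if __name__ == "__main__":
    for host, rating in audit_tls(SESSIONS):
        print(f"{rating:14} {host}")
    for alg, family in classify_ssh_kex(SSHD_T).items():
        print(f"ssh kex {alg}: {family}")
```

A "PFS" rating only means a later theft of the server's long-term key does not open old captures; the DH and ECDH exchanges behind it are still in the families the page lists as potentially vulnerable to quantum attacks.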