2025-08-05 –, Firenze
As quantum computing advances, traditional cryptographic systems are increasingly vulnerable. Post-quantum cryptography provides a crucial solution to protect sensitive data across industries such as finance, healthcare, and government. This session will examine the impact of quantum computing on encryption, with a focus on "Harvest Now, Decrypt Later" attacks, where attackers exfiltrate encrypted data now with plans to decrypt it later using quantum technology.
The discussion will also highlight how artificial intelligence can enhance anomaly detection, enabling early identification of quantum-powered attacks. We will compare various artificial intelligence models, such as Isolation Forest and Autoencoders, to assess their effectiveness in detecting emerging threats. Furthermore, we’ll explore quantum-resistant encryption methods and cutting-edge technologies, including quantum key distribution, secure multiparty computation, and fully homomorphic encryption.
This session will demonstrate how artificial intelligence and post-quantum cryptographic techniques can fortify cybersecurity against future quantum threats. Attendees will leave with actionable insights on how to prepare for a quantum-secure future.
Over the past two months, I have focused on researching how Artificial Intelligence (AI) can address the challenges posed by advances in quantum cryptography. As quantum computing evolves, encryption methods and identity tokens face increasing risks, with adversaries potentially breaking encryption much faster. AI provides an efficient solution by enabling quicker detection of attacks and allowing cryptographic systems to adapt in real-time. My research has explored several AI techniques for detecting quantum-related attacks, including Isolation Forest, K-Nearest Neighbors from Scikit-learn, H2O's Isolation Forest and Deep Learning models, as well as PyOD and Autoencoder-based Anomaly Detection from TensorFlow. These methods have been evaluated for their effectiveness in identifying data exfiltration and credential theft, which are often early indicators of a "Harvest Now, Decrypt Later" attack.
A "Harvest Now, Decrypt Later" attack involves attackers silently exfiltrating encrypted data now with the intent to decrypt it later when quantum computers can break current cryptographic systems. This attack is characterized by subtle, persistent data exfiltration, often during off-peak hours, and the targeting of highly sensitive data, such as passwords or private keys, without immediate decryption. The absence of immediate fraudulent activity or ransom demands, coupled with the use of weak cryptographic algorithms (e.g., RSA, ECC), can indicate a "Harvest Now, Decrypt Later" attack. To defend against such threats, it is critical to monitor unusual access patterns, transition to quantum-resistant cryptographic systems, and implement advanced strategies like Quantum Key Distribution, Secure Multiparty Computation, and Fully Homomorphic Encryption.
In my session, I will delve into methods for enhancing protection against post-quantum attacks, discussing the implementation of quantum-resistant encryption mechanisms such as Machine Learning-based Key Encapsulation, Machine Learning-based Digital Signature Algorithm, and Symmetric-Lattice-based Hybrid Digital Signature Algorithm. These technologies offer robust solutions to safeguard data from emerging quantum cryptographic risks.
Tools:
https://scikit-learn.org/stable/modules/neighbors.html
https://docs.h2o.ai/h2o/latest-stable/h2o-docs/data-science/if.html
References
https://github.com/QNLab-USTC/Key-Management-and-Service-Framework-for-QKD-Networks
https://github.com/h2oai/h2o-tutorials/blob/master/tutorials/isolation-forest/isolation-forest.ipynb
Papers:
https://cds.cern.ch/record/2723971/files/2005.01598.pdf
https://medium.com/@weidagang/demystifying-anomaly-detection-with-autoencoder-neural-networks-1e235840d879
https://postquantum.com/post-quantum/pqc-quantum-ai-qai/
https://postquantum.com/quantum-ai/quantum-ai-qai/
Anushka is a Security Program Manager at Microsoft, specializing in strengthening encryption for Kerberos and Azure Kubernetes Service. Though early in her career with just 9 months at Microsoft, she has already made notable contributions, including publishing an article on enhancing Kerberos security: https://techcommunity.microsoft.com/blog/windowsservernewsandbestpractices/removal-of-des-in-kerberos-for-windows-server-and-client/4386903
Before joining Microsoft, Anushka gained valuable experience through internships at BlackBerry, Microsoft, Trans Mountain, and Iron Spear, a Canadian cybersecurity advisory firm. During these roles, she focused on developing cybersecurity controls and policies, conducting security and threat risk assessments, and testing data loss prevention solutions. Anushka's diverse background has equipped her with a strong foundation in cybersecurity, and she continues to drive innovation in her current role.