Western Digital's Quantum-Safe Drives Guard AI Data From Future Threats

SAN JOSE, CA – May 18, 2026 – In a significant move to secure the future of data, Western Digital today announced the industry's first hard drives integrated with post-quantum cryptography (PQC). The new high-capacity Ultrastar® UltraSMR drives are designed to protect the foundational integrity of storage hardware against the looming threat of quantum computers, marking a critical transition from theoretical security planning to deployed, hardware-level defense.

As artificial intelligence generates and relies on massive datasets that will be stored for decades, this innovation addresses a growing concern among cybersecurity experts: data that is securely encrypted today may be vulnerable to decryption by quantum computers in the near future. With the new drives already in qualification with major hyperscale clients, the announcement signals a proactive industry shift to build a more resilient and trustworthy data infrastructure for the AI era.

The Silent Threat: Harvest Now, Decrypt Later

The urgency behind Western Digital's move is rooted in a specific and insidious threat known as 'harvest now, decrypt later' (HNDL). This strategy involves adversaries intercepting and storing vast quantities of encrypted data today with the full intention of decrypting it years from now, once a sufficiently powerful quantum computer becomes available. Because the data harvesting can happen silently, organizations may not be aware their most sensitive information—from intellectual property and financial records to national security secrets—is at risk until it's too late.

While most experts predict a cryptographically relevant quantum computer (CRQC) won't emerge until the 2030s, the HNDL threat is immediate. Any data with a long-term confidentiality requirement is already vulnerable. If information encrypted today needs to remain secure past 2035, it must be protected by quantum-resistant algorithms. This is particularly critical for the massive, long-lived data lakes that fuel AI models, which represent immense long-term value and a prime target for future decryption.

This silent exfiltration and future decryption risk transforms quantum computing from a distant academic problem into a present-day data security imperative. The long lifecycle of enterprise IT infrastructure, which often remains in service for five or more years, further amplifies the risk, as hardware deployed today will likely still be operational when the first CRQCs come online.

A New Foundation of Device Trust

Crucially, Western Digital's implementation of PQC is not about encrypting the data-at-rest that a user stores on the drive. Instead, it focuses on a more fundamental layer of security: the integrity and authenticity of the drive itself. The solution hardens the device's 'root of trust,' which is the foundation upon which all other security operations depend.

This approach is designed to thwart sophisticated attacks against the hardware's firmware. A future adversary with a quantum computer could potentially break the classical digital signatures—like RSA—that are currently used to verify the authenticity of firmware updates. By forging a signature, an attacker could load malicious code onto the drive, compromising the entire system from its most basic level. This could allow them to bypass other security measures, steal data, or disrupt operations.

To prevent this, the new Ultrastar drives implement ML-DSA-87, a digital signature algorithm standardized by the U.S. National Institute of Standards and Technology (NIST) in its FIPS 204 standard. This algorithm is specifically designed to be resistant to quantum attacks. In a pragmatic move designed for a smooth transition, Western Digital employs a dual-signing method, using both the new ML-DSA-87 and the proven RSA-3072 algorithm. This ensures backward compatibility and operational continuity for customers managing large, diverse fleets of storage devices while building in next-generation protection.

Aligning with a Quantum-Ready Future

Western Digital's initiative is not happening in a vacuum. It aligns with a broad, industry-wide migration toward quantum-safe technologies, driven by government standards and the demands of the world's largest technology companies. The algorithms being used are consistent with the National Security Agency's CNSA 2.0 suite, which outlines the path for securing national security systems against quantum threats.

This hardware-level innovation directly supports the PQC strategies of major hyperscale cloud providers. Companies like Google, Amazon Web Services (AWS), and Microsoft have already announced aggressive timelines for transitioning their services to post-quantum cryptography, with some aiming for full migration years ahead of government deadlines in the mid-2030s. These cloud giants, who are Western Digital's primary customers for enterprise drives, require every component of their infrastructure, down to the individual hard drive, to be secure and trustworthy.

By embedding PQC at the hardware level, Western Digital is providing a critical building block that enables these hyperscalers to build verifiably secure systems from the ground up. The move from theoretical planning to deploying production hardware that is aligned with NIST standards establishes a new baseline for trust in AI-era data systems.

"As AI data compounds and becomes more valuable and long-lived, securing it for the future is no longer optional," said Dr. Xiaodong (Carl) Che, Chief Technology Officer and Senior Vice President at WD. "The security architectures that have protected enterprise storage for more than a decade will need to evolve. Integrating post-quantum cryptography into our Ultrastar enterprise-class drives is part of our commitment to helping customers stay ahead of threats that are already present in the form of HNDL attacks."

With this launch, the company is setting a new standard for the storage industry. Western Digital has stated it expects to expand these PQC capabilities across additional enterprise hard drive product lines over time, signaling a long-term commitment to building a quantum-resilient foundation for the global data economy.