You don’t re-encrypt the archive directly. You wrap it in a hybrid encryption layer that adds ML-KEM (formerly Kyber) protection around the existing RSA-2048 envelope while keeping the indexed content accessible to Outlook 365’s search service through a local decryption proxy. Done right, this costs under $200 in tooling for a 15-person firm.
Pithy Security | Cybersecurity FAQs – The Details
Question: What is the cheapest way to quantum-resistant-wrap an old RSA-2048 encrypted S/MIME email archive from 2018 without breaking Outlook 365 search indexing for a 15-person law firm in February 2026?
Asked by: DeepSeek V3
Answered by: Mike D (MrComputerScience) from Pithy Security.
Why Harvest-Now-Decrypt-Later Makes Your 2018 RSA Archive a Live Threat
RSA-2048 encrypted email from 2018 is already harvested. Nation-state actors and well-resourced criminal groups have been collecting encrypted enterprise traffic for years specifically to decrypt it when cryptographically relevant quantum computers arrive. Law firm archives are priority targets because attorney-client communications retain value for decades. NIST finalized ML-KEM (FIPS 203) and ML-DSA (FIPS 204) as quantum-resistant standards in August 2024, which means the clock on “when should we start” has already expired. A 15-person firm sitting on eight years of RSA-2048 encrypted case communications is holding a time-delayed liability. The threat isn’t theoretical anymore. It’s a documented adversarial collection strategy with a known eventual decryption endpoint.
The Hybrid Wrapping Architecture That Preserves Outlook Search Indexing
Outlook 365’s search indexing breaks when it cannot decrypt message content during the indexing pass. Wrapping your archive in a new encryption layer without accounting for this kills search permanently. The architecture that preserves indexing uses a local decryption proxy sitting between your archive store and Microsoft’s search indexer. OpenPGP-based tools like Gpg4win combined with a lightweight local proxy (Stunnel or a self-hosted Mailu instance) handle the RSA-2048 decryption for the indexer while your new ML-KEM outer wrapper protects the archive at rest. The indexer sees plaintext during its authorized pass. Everything else sees ML-KEM protected ciphertext. For a 15-person firm without dedicated IT, the open-source stack runs on a single on-premises mini PC or a small AWS Graviton instance at roughly $15-30 monthly in compute costs.
When Budget Constraints Make a Managed Hybrid Approach Smarter
Pure open-source implementation carries hidden labor costs that destroy the budget argument for small firms. If no one on staff can maintain a local decryption proxy and monitor its security posture, a misconfigured proxy is worse than the original RSA-2048 exposure. Two managed options fit a 15-person law firm budget in February 2026. Virtru for Microsoft 365 adds a quantum-resistant envelope layer with native Outlook integration and costs roughly $15 per user monthly, putting total annual cost around $2,700. PreVeil’s end-to-end encrypted email platform offers archive migration tooling with quantum-resistant storage and legal-sector pricing under $20 per user monthly. Both preserve search functionality natively. Neither requires proxy management. For a firm without internal IT, the managed cost is the cheaper option once staff time is factored in honestly.
What This Means For You
- Inventory your 2018 archive volume in gigabytes before choosing an approach. Managed solutions price by storage tier, and open-source proxy complexity scales with archive size.
- Verify your chosen solution supports NIST FIPS 203 ML-KEM specifically. Vendor marketing uses “quantum-resistant” loosely, and some products still ship pre-standard Kyber drafts that require future migration.
- Test Outlook 365 search indexing against a 500-email sample of your wrapped archive before migrating the full dataset. Search breakage discovered at full scale costs significantly more to remediate.
- Document your quantum migration for malpractice insurance purposes. Several legal sector insurers began offering premium reductions in 2025 for firms with documented post-quantum encryption roadmaps.
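
For the inventory and FIPS 203 checks in the list above, this added example (not from the original page or any vendor) reads raw .eml bytes and reports which key-management algorithm each encrypted S/MIME part names by OID. It assumes the outer wrapper is emitted as CMS/DER that identifies its KEM by OID; the function names and the sample message are constructed for illustration.

```python
import base64
from email import message_from_bytes

# Key-management OIDs: legacy RSA transport and the NIST FIPS 203 parameter sets.
KNOWN = {
    "1.2.840.113549.1.1.1": "RSA PKCS#1 v1.5",
    "1.2.840.113549.1.1.7": "RSAES-OAEP",
    "2.16.840.1.101.3.4.4.1": "ML-KEM-512",
    "2.16.840.1.101.3.4.4.2": "ML-KEM-768",
    "2.16.840.1.101.3.4.4.3": "ML-KEM-1024",
}
# Constructed sample, not real mail: a minimal EnvelopedData-shaped DER skeleton.
SAMPLE_CMS = bytes.fromhex(
    "302806092a864886f70d010703"     # SEQUENCE, OID envelopedData
    "a01b301931173015300d"           # [0], SEQUENCE, SET, recipient, AlgorithmIdentifier
    "06092a864886f70d0101010500" "0404deadbeef")  # OID rsaEncryption, NULL, fake key
SAMPLE_EML = (b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data\r\n"
              b"Content-Transfer-Encoding: base64\r\n\r\n" + base64.b64encode(SAMPLE_CMS))

def decode_oid(body):  # DER OID content bytes (non-empty) -> dotted notation
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:          # high bit clear ends one base-128 arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)    # first byte packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def walk_oids(der, found=None):  # every OID in a DER blob, in document order
    found, pos = ([] if found is None else found), 0
    while pos + 2 <= len(der):
        tag, length, pos = der[pos], der[pos + 1], pos + 2
        if length & 0x80:            # long form: low 7 bits count the size bytes
            n = length & 0x7F
            length, pos = int.from_bytes(der[pos:pos + n], "big"), pos + n
        body, pos = der[pos:pos + length], pos + length
        if tag == 0x06 and body:
            found.append(decode_oid(body))
        elif tag & 0x20:             # constructed: SEQUENCE, SET, [0]
            walk_oids(body, found)
    return found

def key_algorithms(raw_eml):  # sorted algorithms named in encrypted S/MIME parts
    found = []
    for part in message_from_bytes(raw_eml).walk():
        if part.get_param("smime-type") == "enveloped-data":  # RFC 8551 label
            found += walk_oids(part.get_payload(decode=True) or b"")
    return sorted({KNOWN[o] for o in found if o in KNOWN})
```

A wrapped sample that reports only RSA entries carries no FIPS 203 identifier. Pre-standard Kyber builds use different OIDs and will not match the table.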
