Cloudflare aims for full quantum security by 2029

Cloudflare is accelerating its post-quantum cryptography transition, planning full migration by 2029, including authentication.


Cloudflare is accelerating its post-quantum migration and plans to complete the transition by 2029, including quantum-secure authentication. The company is responding to recent advances in quantum computing research, which are shortening the expected timeline before a cryptographically relevant quantum computer could mount practical attacks.

Post-quantum cryptography refers to methods designed to withstand attacks from quantum computers. Widely used public-key methods such as RSA and elliptic-curve cryptography (ECC) can in principle be broken with Shor's algorithm. Symmetric ciphers such as AES are affected far less (Grover's algorithm at most halves the effective key length), which is why the migration focuses on key exchange and signatures. Security researchers also warn of the "harvest now, decrypt later" (HNDL) scenario: attackers could record encrypted traffic today and decrypt it later once a sufficiently powerful quantum computer exists. This makes an early transition to new methods urgent, even before such a machine exists.

At its core, Cloudflare has been relying on hybrid key agreement (Kyber combined with X25519 ECDHE) since 2022 to prevent HNDL attacks. Both methods contribute to the session key, so should one of the two later prove insecure, the connection remains protected by the other. At the same time, the approach allows for a gradual migration without breaking existing infrastructure. Now authentication, meaning certificates and the handshake signatures that prove the server's identity, is to be switched to the lattice-based signature scheme Dilithium, standardized by NIST as ML-DSA.

For this, Cloudflare is using algorithms from the standardization process of the National Institute of Standards and Technology (NIST), primarily the lattice-based key encapsulation mechanism Kyber (standardized in 2024 as ML-KEM in FIPS 203) for key agreement. Lattice-based methods are considered promising because they rest on mathematical problems for which no efficient classical or quantum algorithm is known.
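To make the two paragraphs above concrete, here is an added example (not Cloudflare's own code, nor a copy of any library's TLS implementation) of a hybrid key agreement in the style of TLS 1.3's X25519MLKEM768 group: the client sends an ML-KEM-768 encapsulation key and an X25519 public key, the server encapsulates to the first and runs ECDH against the second, and both shared secrets are fed into one key derivation. The wire layout (KEM part first, then the X25519 part) and the HKDF info label "hybrid session key" are assumptions of this example; it uses only the Go standard library (crypto/mlkem and crypto/ecdh, Go 1.24 or newer).

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"slices"
)

// clientState holds the client's private material between the two flights.
type clientState struct {
	kemDK  *mlkem.DecapsulationKey768
	ecdhSK *ecdh.PrivateKey
}

// clientKeyShare builds the client's hybrid key share:
// ML-KEM-768 encapsulation key (1184 bytes) || X25519 public key (32 bytes).
func clientKeyShare() (*clientState, []byte, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, nil, err
	}
	sk, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	share := slices.Concat(dk.EncapsulationKey().Bytes(), sk.PublicKey().Bytes())
	return &clientState{kemDK: dk, ecdhSK: sk}, share, nil
}

// serverRespond parses the client share, encapsulates to the ML-KEM key and
// runs X25519 against the client's point. It returns its own share
// (ML-KEM ciphertext, 1088 bytes || X25519 public key) and the session key.
func serverRespond(clientShare []byte) ([]byte, []byte, error) {
	const ekSize = mlkem.EncapsulationKeySize768
	if len(clientShare) != ekSize+32 {
		return nil, nil, errors.New("client key share has wrong length")
	}
	ek, err := mlkem.NewEncapsulationKey768(clientShare[:ekSize])
	if err != nil {
		return nil, nil, err
	}
	kemSS, ct := ek.Encapsulate()
	sk, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	clientPub, err := ecdh.X25519().NewPublicKey(clientShare[ekSize:])
	if err != nil {
		return nil, nil, err
	}
	ecdhSS, err := sk.ECDH(clientPub)
	if err != nil {
		return nil, nil, err
	}
	return slices.Concat(ct, sk.PublicKey().Bytes()), deriveKey(kemSS, ecdhSS), nil
}

// clientFinish decapsulates the ciphertext, completes X25519 and derives the key.
// A corrupted ciphertext does not error: ML-KEM's implicit rejection yields a
// pseudorandom secret instead, so the two sides simply end up with different keys.
func clientFinish(st *clientState, serverShare []byte) ([]byte, error) {
	const ctSize = mlkem.CiphertextSize768
	if len(serverShare) != ctSize+32 {
		return nil, errors.New("server key share has wrong length")
	}
	kemSS, err := st.kemDK.Decapsulate(serverShare[:ctSize])
	if err != nil {
		return nil, err
	}
	serverPub, err := ecdh.X25519().NewPublicKey(serverShare[ctSize:])
	if err != nil {
		return nil, err
	}
	ecdhSS, err := st.ecdhSK.ECDH(serverPub)
	if err != nil {
		return nil, err
	}
	return deriveKey(kemSS, ecdhSS), nil
}

// deriveKey is the combiner: HKDF-SHA256 (extract with a zero salt, then one
// expand block) over mlkem_ss || x25519_ss, the concatenation order the TLS 1.3
// X25519MLKEM768 draft feeds into its key schedule. The session key is a PRF
// output over both secrets, so recovering it requires breaking ML-KEM and X25519.
func deriveKey(kemSS, ecdhSS []byte) []byte {
	extract := hmac.New(sha256.New, make([]byte, sha256.Size))
	extract.Write(slices.Concat(kemSS, ecdhSS))
	expand := hmac.New(sha256.New, extract.Sum(nil))
	expand.Write([]byte("hybrid session key")) // info label: an assumption of this example
	expand.Write([]byte{0x01})
	return expand.Sum(nil)
}

// runHandshake performs the full exchange and returns both sides' derived keys.
func runHandshake() ([]byte, []byte, error) {
	st, cs, err := clientKeyShare()
	if err != nil {
		return nil, nil, err
	}
	ss, serverKey, err := serverRespond(cs)
	if err != nil {
		return nil, nil, err
	}
	clientKey, err := clientFinish(st, ss)
	return clientKey, serverKey, err
}

func main() {
	ck, sk, err := runHandshake()
	if err != nil {
		panic(err)
	}
	fmt.Printf("keys match: %v\nsession key: %x\n", bytes.Equal(ck, sk), ck)
}
```

Real TLS additionally binds the transcript (both ClientHello and ServerHello) into the key schedule and authenticates the server's share with a certificate signature; that authentication step is exactly what the later Dilithium/ML-DSA stages of the roadmap address.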

Hybrid post-quantum key agreement has been enabled by default on Cloudflare's edge since 2022. Over 65 percent of human traffic to Cloudflare is already post-quantum encrypted. The transition of authentication to Dilithium will occur in several stages: mid-2026 for origin connections, mid-2027 for visitor connections, early 2028 for enterprise networks, and fully by 2029. Customers do not need to change any settings for this. Cloudflare already offers the hybrid key exchange, but a connection is only post-quantum protected if the client (browser, TLS library or origin server) also negotiates it.

For HTTPS, classical algorithms will remain negotiable for the time being so that clients without post-quantum support keep working. That fallback is exactly what a downgrade attack targets: an active attacker strips the post-quantum option from the handshake so that both sides fall back to classical cryptography. According to the announcement, Cloudflare uses mechanisms such as PQ HSTS and Certificate Transparency to prevent such downgrades.

Further information on the new roadmap can be found in Cloudflare's announcement.

(fo)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.