- All websites and APIs served through Cloudflare support post-quantum hybrid key agreement, as a beta service, starting today.
- The connection to Cloudflare’s network is also secure against any future quantum-based attacks if the browser or the app supports it.
- Cloudflare stated that post-quantum cryptography is free of charge and it should be the new baseline for the Internet.
Cloudflare stated that support for the post-quantum hybrid key agreement is now available as a beta service for all websites and APIs served through Cloudflare by default. Thus, the connection to Cloudflare’s network is secure against any future quantum computer, if the browser or the app supports it. Cloudflare believes that post-quantum security should be the new baseline and offers post-quantum cryptography free of charge.
Protecting against quantum computers
Cloudflare pinpoints that today’s internet trusts encrypted internet traffic, however powerful quantum computers will be able to break today’s encryption in a near future. Thus, Cloudflare is focusing on strengthening its network against such attacks that are capable of breaking the encryption and eavesdropping on the traffic on transition.
Cloudflare believes that such use of quantum computers will be available in the mid-2030s at the earliest. But to get ahead of the curve and focus on solving problems and weaknesses related to this field, Cloudflare is integrating post-quantum encryption solutions today. Cloudflare said,
« The transition to a post-quantum secure Internet is urgent, but not without challenges. Today we have deployed a preliminary post-quantum key agreement on all our servers, a sizable portion of the Internet, so that we can all start testing the big migration today. We hope that come 2024, when NIST puts a bow on Kyber, we will all have laid the groundwork for a smooth transition to a Post-Quantum Internet. »