Post-quantum cryptography goes GA

By admin

This post is also available in 简体中文, 日本語, Deutsch, Français and Español.

Over the last twelve months, we have been talking about the new baseline of encryption on the Internet: post-quantum cryptography. During Birthday Week last year we announced that our beta of Kyber was available for testing, and that Cloudflare Tunnel could be enabled with post-quantum cryptography. Earlier this year, we made our stance clear that this foundational technology should be available to everyone for free, forever.


Today, we have hit a milestone six years and 31 blog posts in the making: we're starting to roll out General Availability[1] of post-quantum cryptography support to our customers, services, and internal systems, as described more fully below. This includes products like Pingora for origin connectivity, 1.1.1.1, R2, Argo Smart Routing, Snippets, and many more.

This is a milestone for the Internet. We don't yet know when quantum computers will have enough scale to break today's cryptography, but the benefits of upgrading to post-quantum cryptography now are clear. Fast connections and future-proofed security are both possible today because of the advances made by Cloudflare, Google, Mozilla, the National Institute of Standards and Technology (NIST) in the United States, the Internet Engineering Task Force, and numerous academic institutions.

What does General Availability mean? In October 2022 we enabled X25519+Kyber as a beta for all websites and APIs served through Cloudflare. However, it takes two to tango: a connection is only protected by post-quantum cryptography if the browser also supports it and offers the hybrid key-agreement group in its TLS handshake; otherwise the handshake silently falls back to classical X25519. Starting August 2023, Chrome is slowly enabling X25519+Kyber by default.

That covers the first link, between the browser and Cloudflare (1). From there, the user's request is routed through Cloudflare's network (2). We have upgraded many of these internal connections to use post-quantum cryptography, and expect to be done upgrading all of our internal connections by the end of 2024. That leaves as the final link the connection (3) between us and the origin server.

We are happy to announce that we are rolling out support for X25519+Kyber for most inbound and outbound connections as Generally Available, including connections to origin servers and Cloudflare Workers fetch() calls.
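To make the "it takes two to tango" point concrete, and to show what the X25519Kyber768Draft00 group named in the footnote actually puts on the wire, here is an added, self-contained Python illustration. It is not Cloudflare's code. The deployed draft pairs X25519 with Kyber768; Kyber is not in Python's standard library, so a Diffie-Hellman KEM built from X25519 (DHKEM in the style of RFC 9180) stands in for it, which is an assumption of the demo and makes the KEM half 32 bytes instead of Kyber768's 1184-byte public key and 1088-byte ciphertext. What is faithful to the draft is the layout: the client key share is x25519_pk || kem_pk, the server key share is x25519_pk || kem_ct, and the TLS shared secret is the plain concatenation x25519_ss || kem_ss, so an adversary who later breaks X25519 still lacks the second half. The group names and the server's selection rule (first group in the client's preference order that the server supports, else fall back) model TLS 1.3 negotiation.

```python
"""Hybrid X25519+KEM key agreement laid out like X25519Kyber768Draft00.

Added illustration, not Cloudflare's code. A DHKEM over X25519 stands in
for Kyber768 (assumption); the key-share layout and secret concatenation
follow the draft. The X25519 ladder is RFC 7748 but not constant-time:
use a vetted library in production.
"""
import hashlib
import secrets
from typing import Dict, List, Optional, Set, Tuple

P = 2**255 - 19
BASEPOINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    """RFC 7748 X25519 via the Montgomery ladder."""
    k = _clamp(scalar)
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def x25519_keygen() -> Tuple[bytes, bytes]:
    sk = secrets.token_bytes(32)
    return sk, x25519(sk, BASEPOINT)


# KEM stand-in (DHKEM over X25519). The real draft uses Kyber768 here.
def kem_keygen() -> Tuple[bytes, bytes]:
    return x25519_keygen()


def kem_encaps(pk: bytes) -> Tuple[bytes, bytes]:
    """Returns (ciphertext, shared secret); the ciphertext is an ephemeral X25519 key."""
    esk, epk = x25519_keygen()
    return epk, hashlib.sha256(b"dhkem-demo" + x25519(esk, pk) + epk + pk).digest()


def kem_decaps(sk: bytes, pk: bytes, ct: bytes) -> bytes:
    return hashlib.sha256(b"dhkem-demo" + x25519(sk, ct) + ct + pk).digest()


PQ_GROUP = "X25519Kyber768Draft00"
CLASSICAL_GROUP = "X25519"


def negotiate_group(client_offer: List[str], server_supported: Set[str]) -> Optional[str]:
    """Server picks the first group in the client's preference order that it supports.
    If either side lacks the hybrid group, the handshake silently falls back."""
    return next((g for g in client_offer if g in server_supported), None)


def hybrid_handshake(server_supported: Set[str]) -> Dict[str, object]:
    group = negotiate_group([PQ_GROUP, CLASSICAL_GROUP], server_supported)
    if group is None:
        raise ValueError("no common key-exchange group")

    # Client key share: x25519_pk, followed by kem_pk only for the hybrid group.
    c_xsk, c_xpk = x25519_keygen()
    client_share = c_xpk
    if group == PQ_GROUP:
        c_ksk, c_kpk = kem_keygen()
        client_share += c_kpk

    # Server: parse the client share, build its own share, derive the secret.
    s_xsk, s_xpk = x25519_keygen()
    server_secret = x25519(s_xsk, client_share[:32])
    server_share = s_xpk
    if group == PQ_GROUP:
        ct, kem_ss = kem_encaps(client_share[32:])
        server_secret += kem_ss      # x25519_ss || kem_ss
        server_share += ct           # x25519_pk || kem_ct

    # Client: derive the same secret from the server share.
    client_secret = x25519(c_xsk, server_share[:32])
    if group == PQ_GROUP:
        client_secret += kem_decaps(c_ksk, c_kpk, server_share[32:])

    return {"group": group, "client_secret": client_secret, "server_secret": server_secret,
            "x25519_component": x25519(c_xsk, s_xpk)}
```

Running hybrid_handshake with a server that supports only "X25519" yields a 32-byte classical secret with no error: that silent fallback is exactly why both the browser and the server (and, for outbound connections, the origin) have to support the hybrid group before a connection gains any post-quantum protection.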

Plan               Support for post-quantum outbound connections
Free               Started roll-out. Aiming for 100% by the end of October.
Pro and Business   Aiming for 100% by the end of the year.
Enterprise         Roll-out begins February 2024. 100% by March 2024.

For our Enterprise customers, we will be sending out additional information regularly over the course of the next six months to help prepare you for the roll-out. Pro, Business, and Enterprise customers can skip the roll-out and opt in for your zone today, or opt out ahead of time, using an API described in our companion blog post. Before rolling out for Enterprise in February 2024, we will add a toggle on the dashboard to opt out.

If you're excited to get started now, check out our blog with the technical details and flip on post-quantum cryptography support via the API!

What’s included and what is next?

With an upgrade of this magnitude, we wanted to focus on our most used products first and then expand outward to cover our edge cases. This process has led us to include the following products and systems in this roll-out:

1.1.1.1
AMP
API Gateway
Argo Smart Routing
Auto Minify
Automatic Platform Optimization
Automatic Signed Exchange
Cloudflare Egress
Cloudflare Images
Cloudflare Rulesets
Cloudflare Snippets
Cloudflare Tunnel
Custom Error Pages
Flow Based Monitoring
Health checks
Hermes
Host Head Checker
Magic Firewall
Magic Network Monitoring
Network Error Logging
Project Flame
Quicksilver
R2 Storage
Request Tracer
Rocket Loader
Speed on Cloudflare Dash
SSL/TLS
Traffic Manager
WAF, Managed Rules
Waiting Room
Web Analytics

If a product or service you use is not listed here, we have not started rolling out post-quantum cryptography to it yet. We are actively working on rolling out post-quantum cryptography to all products and services, including our Zero Trust products. Until we have achieved post-quantum cryptography support in all of our systems, we will publish an update blog in every Innovation Week that covers which products we have rolled out post-quantum cryptography to, the products that will be getting it next, and what is still on the horizon.

Products we are working on bringing post-quantum cryptography support to soon:

Cloudflare Gateway
Cloudflare DNS
Cloudflare Load Balancer
Cloudflare Access
Always Online
Zaraz
Logging
D1
Cloudflare Workers
Cloudflare WARP
Bot Management

Why now?

As we announced earlier this year, post-quantum cryptography will be included for free in all Cloudflare products and services that can support it. The best encryption technology should be accessible to everyone, free of charge, to help support privacy and human rights globally.

As we mentioned in March:

"What was once an experimental frontier has turned into the underlying fabric of modern society. It runs in our most critical infrastructure like power systems, hospitals, airports, and banks. We trust it with our most precious memories. We trust it with our secrets. That's why the Internet needs to be private by default. It needs to be secure by default."

Our work on post-quantum cryptography is driven by the thesis that quantum computers able to break conventional cryptography create a problem similar to the Year 2000 bug. We know there is going to be a problem in the future that could have catastrophic consequences for users, businesses, and even nation states. The difference this time is that we don't know the date and time at which this break in the computational paradigm will occur. Worse, any traffic captured today can be stored and decrypted once such a machine exists ("harvest now, decrypt later"), so a connection that is only classically protected is already at risk. We need to prepare today to be ready for this threat.

We are excited for everyone to adopt post-quantum cryptography into their systems. To follow the latest developments of our deployment of post-quantum cryptography and third-party client/server support, check out pq.cloudflareresearch.com and keep an eye on this blog.

***

[1] We are using a preliminary version of Kyber, NIST's pick for post-quantum key agreement. Kyber has not been finalized. We expect a final standard to be published in 2024 under the name ML-KEM, which we will then adopt promptly while deprecating support for X25519Kyber768Draft00.