Cloudflare targets 2029 for full post-quantum security
4 hours ago
- #cybersecurity timeline
- #quantum computing threats
- #post-quantum cryptography
- Cloudflare is accelerating its post-quantum roadmap, targeting 2029 for full post-quantum security, including authentication.
- Recent breakthroughs from Google and Oratomic have drastically reduced quantum hardware requirements for breaking cryptography, pulling Q-Day forward to as early as 2029-2030.
- Post-quantum authentication is now a top priority, as broken authentication can lead to catastrophic access breaches, unlike encryption which mainly addresses data harvesting attacks.
- Long-lived keys, such as root certificates and API authentication keys, should be prioritized for upgrade due to their high value to attackers and persistence.
- Organizations must not only adopt post-quantum cryptography but also disable quantum-vulnerable cryptography to prevent downgrade attacks and rotate exposed secrets.
- Transitioning to post-quantum authentication will take years due to complex dependency chains and third-party integrations, not months.
- Cloudflare recommends that businesses require post-quantum support in procurement, and governments should coordinate migration efforts with clear timelines and international standards.
- Cloudflare will provide post-quantum security by default at no extra cost, focusing on protecting its infrastructure, but customers need to ensure their browsers, applications, and origins also upgrade.