Cloudflare targets 2029 for full post-quantum security

Cloudflare is accelerating its post-quantum security roadmap, aiming for full implementation by 2029, including crucial post-quantum authentication, in response to recent advancements in quantum computing that threaten current cryptographic systems. These developments, highlighted by Google's and Oratomic's advancements in quantum algorithms and hardware, suggest that the timeline for Q-Day, when quantum computers can break existing cryptography, may be sooner than expected, possibly by 2029 or 2030. Cloudflare, which has already implemented post-quantum encryption for most of its products, emphasizes the urgency of updating authentication systems to prevent catastrophic breaches from quantum-forged keys. As the industry shifts focus from preventing harvest-now/decrypt-later attacks to securing authentication, organizations are urged to prioritize long-term key upgrades and prepare for the extensive dependencies involved, including third-party vendors. Cloudflare remains committed to making post-quantum security the default for all customers at no additional cost, as part of its mission to protect the Internet at scale.