HomeRisk ManagementsCloudflare unveils end-to-end Post-Quantum Cryptography Protections

Cloudflare unveils end-to-end Post-Quantum Cryptography Protections

Published on

spot_img

Cloudflare has recently implemented post-quantum cryptography (PQC) protections in its Zero Trust platform, aiming to bolster online communications security against potential quantum computing threats. This strategic move allows organizations to shield their network traffic from quantum attacks without the need to individually upgrade each application or system.

Since 2017, Cloudflare has been actively involved in post-quantum security initiatives. This latest development is in line with the National Institute of Standards and Technology (NIST) effort to transition away from traditional cryptographic algorithms. NIST had announced in November 2024 a phased approach to retiring RSA and Elliptic Curve Cryptography (ECC) by 2035. Nevertheless, Cloudflare has proactively taken steps to ensure its customers are safeguarded well ahead of any quantum computing breakthroughs.

Currently, more than 35% of non-bot HTTPS traffic processed by Cloudflare is already secured with PQC. Additionally, organizations can now leverage the Zero Trust platform to encrypt their network traffic end-to-end with post-quantum cryptography, eliminating the manual overhaul of internal applications and providing immediate protection against quantum threats.

The implementation of PQC protections in Cloudflare’s Zero Trust platform caters to three primary use cases:
– Clientless access: With Cloudflare’s Zero Trust Network Access (ZTNA) solution, every HTTPS request to corporate applications is now secured with PQC, ensuring quantum-resistant connections from web browsers.
– WARP device client: By mid-2025, the WARP client will encrypt all traffic through a PQC-protected connection, irrespective of protocol, to secure corporate devices and ensure private routing across Cloudflare’s global network.
– Secure Web Gateway (SWG): Traffic passing through Cloudflare Gateway is encrypted with PQC, enhancing security measures while adhering to quantum-safe encryption standards.

Apart from securing HTTPS traffic, Cloudflare is also focusing on enhancing security for VPN replacements and other critical network functions. The company is collaborating with banks, ISPs, and governments to deploy PQC solutions, preventing potential “harvest now, decrypt later” attacks where encrypted data is collected for decryption once quantum technology matures.

Cloudflare’s long-term strategy involves transitioning the TLS 1.3 protocol to PQC, encompassing key agreement mechanisms and digital signatures. While key agreement migration is progressing smoothly using the ML-KEM protocol, the adoption of digital signatures poses performance challenges and is still in the early stages.

In conclusion, Cloudflare’s proactive approach to implementing post-quantum cryptography in its Zero Trust platform underscores its commitment to fortifying online communications security and staying ahead of potential quantum threats. This initiative not only benefits Cloudflare’s customers but also contributes to advancing global cybersecurity standards in the face of evolving technological landscapes.

Source link

Latest articles

NCSC Shares Penetration Testing Defense Tips

On July 1, the United Kingdom's National Cyber Security Centre (NCSC) released guidance designed...

How Okta and CrowdStrike Collaborate to Enhance Protection Against Cross-Domain Attacks Webinar

Navigating the New Age of Cybersecurity: The AI Inflection Point As artificial intelligence (AI) becomes...

Alibaba Reportedly Prohibits Claude Code Due to Alleged Backdoor Risks in AI Coding Tool

Alibaba is reportedly set to implement a ban on the use of Anthropic’s Claude...

ThreatsDay: AI Compute Hijacking, Apple Email Vulnerability, BlueHammer Ransomware, and 14 More Stories

Current Trends in Cybersecurity: Vulnerabilities Exploited as Attackers Find Weak Spots This week’s cybersecurity news...

More like this

NCSC Shares Penetration Testing Defense Tips

On July 1, the United Kingdom's National Cyber Security Centre (NCSC) released guidance designed...

How Okta and CrowdStrike Collaborate to Enhance Protection Against Cross-Domain Attacks Webinar

Navigating the New Age of Cybersecurity: The AI Inflection Point As artificial intelligence (AI) becomes...

Alibaba Reportedly Prohibits Claude Code Due to Alleged Backdoor Risks in AI Coding Tool

Alibaba is reportedly set to implement a ban on the use of Anthropic’s Claude...