HomeRisk ManagementsCloudflare unveils end-to-end Post-Quantum Cryptography Protections

Cloudflare unveils end-to-end Post-Quantum Cryptography Protections

Published on

spot_img

Cloudflare has recently implemented post-quantum cryptography (PQC) protections in its Zero Trust platform, aiming to bolster online communications security against potential quantum computing threats. This strategic move allows organizations to shield their network traffic from quantum attacks without the need to individually upgrade each application or system.

Since 2017, Cloudflare has been actively involved in post-quantum security initiatives. This latest development is in line with the National Institute of Standards and Technology (NIST) effort to transition away from traditional cryptographic algorithms. NIST had announced in November 2024 a phased approach to retiring RSA and Elliptic Curve Cryptography (ECC) by 2035. Nevertheless, Cloudflare has proactively taken steps to ensure its customers are safeguarded well ahead of any quantum computing breakthroughs.

Currently, more than 35% of non-bot HTTPS traffic processed by Cloudflare is already secured with PQC. Additionally, organizations can now leverage the Zero Trust platform to encrypt their network traffic end-to-end with post-quantum cryptography, eliminating the manual overhaul of internal applications and providing immediate protection against quantum threats.

The implementation of PQC protections in Cloudflare’s Zero Trust platform caters to three primary use cases:
– Clientless access: With Cloudflare’s Zero Trust Network Access (ZTNA) solution, every HTTPS request to corporate applications is now secured with PQC, ensuring quantum-resistant connections from web browsers.
– WARP device client: By mid-2025, the WARP client will encrypt all traffic through a PQC-protected connection, irrespective of protocol, to secure corporate devices and ensure private routing across Cloudflare’s global network.
– Secure Web Gateway (SWG): Traffic passing through Cloudflare Gateway is encrypted with PQC, enhancing security measures while adhering to quantum-safe encryption standards.

Apart from securing HTTPS traffic, Cloudflare is also focusing on enhancing security for VPN replacements and other critical network functions. The company is collaborating with banks, ISPs, and governments to deploy PQC solutions, preventing potential “harvest now, decrypt later” attacks where encrypted data is collected for decryption once quantum technology matures.

Cloudflare’s long-term strategy involves transitioning the TLS 1.3 protocol to PQC, encompassing key agreement mechanisms and digital signatures. While key agreement migration is progressing smoothly using the ML-KEM protocol, the adoption of digital signatures poses performance challenges and is still in the early stages.

In conclusion, Cloudflare’s proactive approach to implementing post-quantum cryptography in its Zero Trust platform underscores its commitment to fortifying online communications security and staying ahead of potential quantum threats. This initiative not only benefits Cloudflare’s customers but also contributes to advancing global cybersecurity standards in the face of evolving technological landscapes.

Source link

Latest articles

Is Security Human Factors Research Biased Towards Western Ideals and Practices? – Source: www.schneier.com

A recent study titled "How WEIRD is Usable Privacy and Security Research?" conducted by...

Winning at SAML roulette: the hacker’s advantage

In a recent development, researchers have unveiled a groundbreaking method to exploit round-trip attacks...

GitHub Data Breach Exposes Thousands of Software Supply Chain Secrets

GitHub Actions, a popular CI/CD service utilized by developers to automate software builds and...

Participation Needed for Wellbeing in the Cybersecurity Sector

In the realm of cybersecurity, a pressing issue looms large - the wellbeing of...

More like this

Is Security Human Factors Research Biased Towards Western Ideals and Practices? – Source: www.schneier.com

A recent study titled "How WEIRD is Usable Privacy and Security Research?" conducted by...

Winning at SAML roulette: the hacker’s advantage

In a recent development, researchers have unveiled a groundbreaking method to exploit round-trip attacks...

GitHub Data Breach Exposes Thousands of Software Supply Chain Secrets

GitHub Actions, a popular CI/CD service utilized by developers to automate software builds and...