Cloudflare accelerated the transition to post‑quantum cryptography due to growing threats

Cloudflare Accelerates Quantum Threat Protection Plan

Cloudflare announced that it now plans to fully protect its platform from potential quantum computer attacks by 2029. This includes not only data storage and transmission but also all authentication systems.

Why the timelines have shortened
- New research has shown that existing encryption algorithms (such as RSA‑2048) can be broken significantly earlier than previously thought.
- Recent work by Google and researchers from Oratomic demonstrated progress in creating both software algorithms and hardware capable of bypassing these protection methods.
- As a result, Cloudflare is preparing for the possibility that “Q‑Day” – the moment when quantum devices can mass‑break modern cryptographic protocols – may arrive as early as the end of this decade.

Industry priority shift
- From long‑term data encryption we are moving to protecting *current* authentication systems.
- Attackers with quantum capabilities could forge credentials, thereby gaining direct access to corporate networks.
- Implementing post‑quantum authentication is more complex than simple encryption: it requires handling long‑lived keys and third‑party certificates. To ensure reliable protection, companies will need not only to update standards but also to completely disable obsolete cryptographic schemes.

Current Cloudflare progress
- More than half of user traffic on the Cloudflare network already uses post‑quantum key agreement.
- In 2026 the company plans to expand support for post‑quantum authentication, and by 2028 it will implement it in most products.
- By 2029 all platform services will be protected against quantum threats “by default” without additional costs to customers.

Source
Information about these changes was reported in a SiliconANGLE publication authored by tech entrepreneurs John Furrier and Dave Vellante.