Summary
Cloudflare is accelerating its post-quantum cryptography roadmap and aiming for full post-quantum security by 2029, matching Google’s timeline. The shift is driven by Google Quantum AI’s new ECC-256 resource estimates and Oratomic’s 10,000-qubit Shor paper, which together raise the urgency for migration.
Cloudflare reports that more than 65% of human-initiated traffic on its network already uses post-quantum encryption to blunt Harvest Now, Decrypt Later attacks, and it has offered post-quantum key exchange since 2022. The new focus is the harder part: post-quantum authentication, including digital signatures, certificates, and the identity infrastructure that proves who is on the other end.
The post cites IBM Quantum Safe CTO Michael Osborne on the possibility of moonshot attacks as early as 2029, and notes Scott Aaronson’s warning that some Shor resource estimate work may have gone quiet. Cloudflare will provide all post-quantum upgrades across every plan at no extra cost, echoing its 2014 universal SSL move. With Google and Cloudflare aligned on 2029, expect faster industry action on PQ signatures, certificate authority readiness, and crypto agility.
Read more
See the original article at: https://postquantum.com/security-pqc/cloudflare-pqc-2029/