Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
The countdown to Y2Q, the day when quantum computers can decrypt public key algorithms, is on. While researchers don’t know exactly when this will happen, the Cloud Security Alliance (CSA) estimates this could be as soon as April 14, 2030.
Although many organizations are waiting for post-quantum threats to become tangible before taking action against them, other providers like Content Delivery Network (CDN) giant Cloudflare are diving straight in and responding with quantum-safe solutions.
Today, Cloudflare announced it has launched post-quantum cryptography support for all websites and APIs served through its network. Essentially, this will introduce quantum computer-proof encryption for all sites using Cloudflare, which accounts for 19.1% of all websites according to W3Techs.
Above all, the fact that a prominent security vendor like Cloudflare is committing to post-quantum cryptography highlights that enterprises should take the threat of malicious quantum computers seriously.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
Countdown to Y2Q: Why the time for post-quantum is now
The announcement comes shortly after Cloudflare announced the release of the first Zero Trust SIM to secure mobile devices, and a $1.25 billion funding program designed to help startups scale their businesses.
Now Cloudflare is the first content delivery network to support post-quantum TLS based on NIST’s chosen cyber algorithm. While this decision may seem premature, it’s at the perfect time to prevent harvest now, decrypt later style attacks.
Currently, threat actors and nation-states can collect encrypted data with the intention to decrypt it once quantum computing advances to the level necessary to decrypt it.
“There is an expiration date on the cryptography we use every day. It’s not easy to read, but somewhere between 15 or 40 years, a sufficiently powerful quantum computer is expected to be built that’ll be able to decrypt essentially any encrypted data on the Internet today,” wrote Cloudflare in the announcement blog post.
“Starting today, as a beta service, all websites and APIs served through Cloudflare support post-quantum hybrid key agreement. This is on by default; no need for an opt-in. This means that if your browser/app supports it, the connection to our network is also secure against any future quantum computer,” the post said.
The post-quantum cryptography market
As quantum computers develop further, interest in post-quantum cryptography continues to grow, with researchers anticipating that the post-quantum cryptography market will reach a value of $476.8 million by 2030, growing at a compound annual growth rate (CAGR) of 18.67%.
Of course, Cloudflare isn’t the only provider taking post-quantum threats seriously. Other vendors like PQShield, which announced raising $20 million in funding earlier this year, are leveraging post-quantum cryptography to enable enterprises to develop secure cryptographic solutions for messaging platforms, apps and mobile technologies.
Likewise, SandboxAQ, which Alphabet spun off at the start of this year with 9 figures in funding, is combining artificial intelligence and quantum computing together to offer next-generation encryption solutions.
The vendor’s Security AQ Analyzer creates a cryptographic inventory to understand an organization’s cryptographic posture and helps plan the move to post-quantum cryptography. Its Security AW Maestro solution then uses machine learning to automate the orchestration of algorithms and protocols to optimize performance for end users.
However, Cloudflare’s widespread reach as one of the largest CDN providers in the market gives it the potential to contribute to the most widespread adoption of post-quantum cryptography yet.