Cloudflare shifts post‑quantum plans after Google alert

A quantum computer does not need to read your password file to cause trouble. If it gets strong enough, it can solve the math behind today’s internet locks and pretend to be your website, your update server, or your login system. (cloudflare.com) Those internet locks are mostly two jobs. One job scrambles a connection so outsiders cannot read it, and the other job proves the server or software really is who it claims to be. (nist.gov) The scramble-first problem has been on security teams’ desks for years because of “harvest now, decrypt later.” An attacker can steal encrypted traffic today and wait for better machines to unlock it later. (cloudflare.com) The identity problem is different. If a future machine can forge a digital signature, it can impersonate a site in real time or sign a malicious software update so devices trust it. (blog.google) That is why Google changed its timetable on March 25, 2026. It said it is now targeting 2029 for post-quantum cryptography migration and told other engineering teams to prioritize authentication services. (blog.google) Google’s warning was not just a vague “quantum is coming” speech. Google researchers said in a March 2026 whitepaper that elliptic curve cryptography could be broken with fewer qubits and gates than earlier estimates, and they used a zero-knowledge proof to show the result without publishing the attack method. (research.google, arxiv.org) Cloudflare reacted within days. On April 7, 2026, it moved its own target to 2029 for being fully post-quantum secure, and it said the missing piece is post-quantum authentication, not just post-quantum encryption. (cloudflare.com) Cloudflare is not starting from zero. It says it began preparing in 2019, enabled post-quantum encryption for all websites and application programming interfaces in 2022, and now sees more than 65% of human traffic on its network using post-quantum key agreement. (cloudflare.com) The standards are no longer theoretical. The National Institute of Standards and Technology published its first three post-quantum standards in August 2024 and says organizations should begin using Module-Lattice-Based Key-Encapsulation Mechanism, Module-Lattice-Based Digital Signature Algorithm, and Stateless Hash-Based Digital Signature Algorithm now. (nist.gov) This is why “wait and see” gets expensive fast. The cryptography is buried inside browsers, phones, certificate systems, identity tools, firmware, and embedded devices that can stay in service for 10 years or longer. (nist.gov, csoonline.com) Cloudflare told CSO on April 9 that Google’s move was “a very big deal,” that it is “actively adjusting” priorities, and that it plans post-quantum certificates in 2027 to protect browser connections against active attack. (csoonline.com) The new deadline is not “quantum computers break the internet in 2029.” The new deadline is that companies with long-lived secrets and slow-moving infrastructure are being told that 2029 is the year to be ready, not the year to start. (blog.google, cloudflare.com, nist.gov)