Cloudflare Shifts Quantum Timeline

The internet’s lock-and-key system is being rebuilt years earlier than many companies expected. On March 25, Google said it is now targeting 2029 for its own post-quantum cryptography migration after new progress in quantum hardware, error correction, and factoring estimates tightened the schedule. (blog.google) Post-quantum cryptography is the replacement for today’s public-key math, the code that lets your browser agree on a secret with a website and verify that the site is really who it claims to be. The problem is that a powerful enough quantum computer could crack much of the public-key cryptography used on the web today, including systems behind encryption and digital signatures. (nist.gov) (blog.google) One risk is already here even if the machine does not exist yet. Attackers can steal encrypted traffic now and save it for later, then decrypt it years from now if quantum computers become strong enough, which is why security teams call it “store now, decrypt later.” (blog.cloudflare.com) (blog.google) The standards are no longer theoretical. In August 2024, the National Institute of Standards and Technology finalized the first three federal post-quantum cryptography standards, including Module-Lattice-Based Key-Encapsulation Mechanism for key exchange and Module-Lattice-Based Digital Signature Algorithm for signatures. (nist.gov) (csrc.nist.gov) Cloudflare has been swapping in those new tools in stages because it sits between users’ browsers and the websites they visit. Cloudflare says it began preparing in 2019, enabled post-quantum encryption for all websites and application programming interfaces on its network in 2022, and now says more than 65% of human traffic it handles is already post-quantum encrypted. (blog.cloudflare.com) That 65% figure does not mean the whole problem is solved, because encryption is only one half of the web’s trust system. Cloudflare said on April 7 that it is moving its target for full post-quantum security to 2029 and is now putting special weight on post-quantum authentication, the part that covers certificates, identities, and signatures. (blog.cloudflare.com) Google pushed the same point from the other side a week earlier. Its March 25 post said it had adjusted its threat model to prioritize migration for authentication services and recommended that other engineering teams do the same, because digital signatures have to be replaced before a cryptographically relevant quantum computer arrives. (blog.google) The trigger was not just a calendar change. Cloudflare said Google had reported a major improvement in a quantum algorithm for breaking elliptic curve cryptography and had backed that claim with a zero-knowledge proof, while separate research from Oratomic estimated that breaking the P-256 curve on a neutral-atom machine could take about 10,000 qubits. (blog.cloudflare.com) This is why the migration keeps turning into a compatibility project instead of a simple software patch. Cloudflare’s 2023 rollout to origin servers used a hybrid approach that paired X25519, a current key agreement method, with Kyber, a post-quantum method, so connections would keep working even if one side was not fully ready. (blog.cloudflare.com) Hybrid deployment buys time, but it also shows how many moving parts have to line up at once. Browsers, content delivery networks, origin servers, virtual private networks, certificate systems, mobile operating systems, and enterprise gateways all have to support the same new cryptography without breaking old traffic. (blog.cloudflare.com) (blog.google) Cloudflare has already started extending the shift beyond web pages into corporate networking. In February 2026, it said Cloudflare One had become the first complete Secure Access Service Edge platform to support modern post-quantum encryption across its major network configurations, including internet protocol security wide-area networking links. (cloudflare.net) So the new story is not that quantum computers have suddenly arrived. The story is that two companies that carry huge amounts of internet traffic are now planning around 2029, and once Google and Cloudflare move their deadlines, everyone connected to their software, browsers, certificates, and networks inherits that clock too. (blog.google) (blog.cloudflare.com)