Cloudflare Fast-Tracks Post-Quantum Rollout To 2029 (siliconangle.com) 7
Cloudflare is accelerating its post-quantum security plans and now aims to make its entire platform fully post-quantum secure by 2029. "The updated timeline follows new developments in quantum computing research that suggest current cryptographic standards could be broken sooner than previously expected," reports SiliconANGLE. From the report: The decision by Cloudflare to move its post-quantum security roadmap forward comes after Google LLC and research from Oratomic demonstrated significant advances in algorithms and hardware capable of breaking widely used encryption methods such as RSA-2048 and elliptic curve cryptography. [...] The company said progress across three key areas -- quantum hardware, error correction and quantum algorithms -- is advancing in parallel and compounding overall capability. Improvements in areas such as neutral atom architectures and more efficient error correction are reducing the resources required to break encryption, while algorithmic advances are lowering computational complexity. [...]
Cloudflare has already deployed post-quantum encryption across a large portion of its network and reports that more than half of human traffic it processes now uses post-quantum key agreement. The company plans to expand support for post-quantum authentication in 2026, followed by broader deployment across its network and products through 2028. By 2029, Cloudflare said, it expects all of its services to be fully post-quantum secure, with those services being available by default across its platform, without requiring customer action or additional cost as part of the company's commitment to security upgrades. Google said it plans to accelerate its post-quantum encryption migration target to 2029.
Cloudflare has already deployed post-quantum encryption across a large portion of its network and reports that more than half of human traffic it processes now uses post-quantum key agreement. The company plans to expand support for post-quantum authentication in 2026, followed by broader deployment across its network and products through 2028. By 2029, Cloudflare said, it expects all of its services to be fully post-quantum secure, with those services being available by default across its platform, without requiring customer action or additional cost as part of the company's commitment to security upgrades. Google said it plans to accelerate its post-quantum encryption migration target to 2029.
Re:More of this (Score:5, Funny)
Quantum Computing has been 10 years away for the past 30 years. But now it's only 4 years away!!!
Any best practices for personal crypto? (Score:2)
For instance, which OpenSSH private key types should be used, and which types should be removed from circulation? How often should they be rotated to help prevent issues? Are there tools to point at a site to query whether it is following best practices or not? I'd ponder a browser extension, but ... obviously that's how the malware would be carried in, sigh.
Re:Any best practices for personal crypto? (Score:5, Informative)
OpenSSH version 10.0 started warning users when connections use cryptography that is not safe against quantum computers.
They didn't indicate that switching key types will fix anything, though I'm guessing that a newer/longer key might be better.
The important thing is to use a newer version of ssh on both ends of the connection.
Changed the Rules... (Score:2, Interesting)