Cloudflare Accelerates Post-Quantum Cryptography Migration, Targeting 2029 for Quantum-Safe Internet
Key Takeaways
- ▸Cloudflare has already migrated majority of traffic to ML-KEM encryption, protecting against harvest-now-decrypt-later quantum attacks
- ▸ML-DSA, while available today, has significant limitations; better post-quantum signature schemes are actively being developed
- ▸NIST is advancing 9 post-quantum signature candidates to round three, with FN-DSA expected to deliver an imminent draft standard
Summary
Cloudflare is advancing the industry's transition to post-quantum cryptography, with the majority of its traffic now protected by NIST-standardized ML-KEM encryption. While the company has deployed post-quantum encryption ahead of schedule, the critical challenge remains securing authentication systems through post-quantum signature algorithms—a goal Cloudflare is targeting by 2029. Although NIST standardized ML-DSA in 2024 as the first quantum-resistant signature scheme, its larger wire size and technical limitations have prompted NIST to advance nine additional post-quantum signature candidates to the third round of evaluation, with promising schemes like FN-DSA (Falcon) expected to have draft standards soon. The article details the landscape of post-quantum signature algorithms and explains why better alternatives are essential, even though they won't be ready before the initial migration wave.
- Full post-quantum security migration across authentication systems targeted for 2029
- The cryptographic community must move forward with imperfect tools (ML-DSA) while simultaneously improving the algorithms for future iterations
Editorial Opinion
The shift to post-quantum cryptography represents a rare alignment of urgency and preparation. Unlike many emerging threats, we know quantum computers are coming and we have standardized tools ready—yet the first wave of solutions carry real limitations. Cloudflare's pragmatic approach, deploying ML-DSA now while investing in better algorithms for tomorrow, models the kind of responsible risk management the industry needs. This is not a problem to defer; it is a problem to manage intelligently across a multi-year timeline.



