Crypto - The Cloudflare Blog

Sizing Up Post-Quantum Signatures

November 08, 2021 3:39PM

How much room does TLS have for the big post-quantum signatures? We had a look: it’s tight....

Bas Westerbaan

Using HPKE to Encrypt Request Payloads

February 19, 2021 12:00PM

WAF WAF Rules Security Firewall Crypto

Allowing users to securely log parts of the request that match firewall rules while making it impossible for anyone else to decrypt....

The Internet is Getting Safer: Fall 2020 RPKI Update

November 06, 2020 12:36PM

BGP RPKI Security Crypto

The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....

Louis Poinsignon

NTS is now an RFC

October 01, 2020 3:53PM

Time IETF Crypto DNS Security Research

After much hard work, NTS finally becomes an official RFC.This means that Network Time Security (NTS) is officially part of the collection of protocols that makes the Internet work....

Watson Ladd

Internship Experience: Cryptography Engineer

April 09, 2020 12:00PM

Crypto TLS Engineering Internship Experience Careers

Back in the summer of 2017 I was an intern at Cloudflare. During the scholastic year I was a grad student working on automorphic forms and computational Langlands at Berkeley....

Watson Ladd

March 25, 2020 12:00PM

Speeding up Linux disk encryption

Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers!...

By

Ignat Korchagin

Linux , Kernel , Crypto , Performance , Security

November 01, 2019 1:01PM

Going Keyless Everywhere

Time flies. The Heartbleed vulnerability was discovered just over five and a half years ago. Heartbleed became a household name not only because it was one of the first bugs with its own web page and logo, but because of what it revealed about the fragility of the Internet as a whole....

By

Nick Sullivan
, Chris Broglie

Crypto Week , Crypto , Security , Keyless SSL

November 01, 2019 1:00PM

Delegated Credentials for TLS

Today we’re happy to announce support for a new cryptographic protocol that helps make it possible to deploy encrypted services in a global network while still maintaining fast performance and tight control of private keys: Delegated Credentials for TLS....

By

Nick Sullivan
, Watson Ladd

Crypto Week , Crypto , Security , Keyless SSL , Product News

October 31, 2019 1:00PM

Announcing cfnts: Cloudflare's implementation of NTS in Rust

Several months ago we announced that we were providing a new public time service. Part of what we were providing was the first major deployment of the new Network Time Security protocol, with a newly written implementation of NTS in Rust....

By

Watson Ladd
, Pop Chunhapanya

Crypto Week , Crypto , Security , NTS , Product News

October 30, 2019 1:00PM

The TLS Post-Quantum Experiment

In June, we announced a wide-scale post-quantum experiment with Google. We implemented two post-quantum (i.e., not yet known to be broken by quantum computers) key exchanges, integrated them into our TLS stack and deployed the implementation on our edge servers and in Chrome Canary clients....

By

Kris Kwiatkowski
, Luke Valenta

Crypto Week , Crypto , TLS , Security , Research

October 29, 2019 1:00PM

DNS Encryption Explained

The Domain Name System (DNS) is the address book of the Internet. When you visit cloudflare.com or any other site, your browser will ask a DNS resolver for the IP address where the website can be found. Unfortunately, these DNS queries and answers are typically unprotected....

By

Peter Wu

Crypto Week , Crypto , DNS , DoH , DoT

October 28, 2019 1:00PM

Supporting the latest version of the Privacy Pass Protocol

At Cloudflare, we are committed to supporting and developing new privacy-preserving technologies that benefit all Internet users. In November 2017, we announced server-side support for the Privacy Pass protocol, a piece of work developed in collaboration with the academic community....

By

Alex Davidson

Crypto Week , Privacy Pass , Security , Crypto , Research

October 27, 2019 11:00PM

Tales from the Crypt(o team)

Halloween season is upon us. This week we’re sharing a series of blog posts about work being done at Cloudflare involving cryptography, one of the spookiest technologies around....

By

Nick Sullivan

Crypto Week , Crypto , Cryptography , Security , Product News

June 21, 2019 2:00PM

Introducing time.cloudflare.com

Cloudflare has always been a leader in deploying secure versions of insecure Internet protocols and making them available for free for anyone to use. In 2014, we launched one of the world’s first free, secure HTTPS service (Universal SSL) to go along with our existing free HTTP plan....

By

Aanchal Malhotra

Crypto , Crypto Week , Cryptography , Product News , Security