Post-quantumify internal services: Logfwrdr, Tunnel, and gokeyless
February 25, 2022 4:03 PM
A big challenge is coming: to change all internal connections at Cloudflare to use post-quantum cryptography. Read how we are tackling this challenge!...
February 25, 2022 4:03 PM
A big challenge is coming: to change all internal connections at Cloudflare to use post-quantum cryptography. Read how we are tackling this challenge!...
February 24, 2022 11:12 PM
HPKE (RFC 9180) was made to be simple, reusable, and future-proof by building upon knowledge from prior PKE schemes and software implementations. This article provides an overview of this new standard, going back to discuss its motivation, design goals, and development process...
February 24, 2022 5:30 PM
This blogpost refers to the efforts to use formal/verification/implementation for post-quantum algorithms to achieve better assurance for them. It also touches on our Cloudflare efforts on this...
February 24, 2022 4:23 PM
This blogpost will touch upon how to practically use Jasmin and EasyCrypt to achieve better security guarantees when verifying KEMs...
February 23, 2022 1:59 PM
Post-quantum key exchange and signature algorithms come with different trade-offs that we’re familiar. How do we handle that when updating protocols, is this an opportunity to revisit the status quo?...
February 22, 2022 1:59 PM
How can one attest to an identity and prove it belongs to one self? And how can one do it in the face of quantum computers? In this blog post, we examine these questions and explain what post-quantum signatures are...
February 21, 2022 1:59 PM
At Cloudflare, we strive to help build a better Internet, which means a quantum-protected one. In this post, we look at the challenges for migrating to post-quantum cryptography and what lies ahead using a taxonomy...
February 21, 2022 1:59 PM
What is quantum computing and what advances have been made so far on this front? In this blog post, we will answer this question and see how to protect against quantum adversaries...
November 08, 2021 3:39 PM
How much room does TLS have for the big post-quantum signatures? We had a look: it’s tight....
October 13, 2021 12:59 PM
Our Go cryptographic library CIRCL announces support for pairing-based cryptography....
October 13, 2021 12:59 PM
Learn more about Exported Authenticators, a new extension to TLS, currently going through the IETF standardisation process....
February 19, 2021 12:00 PM
Allowing users to securely log parts of the request that match firewall rules while making it impossible for anyone else to decrypt....
January 15, 2021 12:00 PM
The TLS 1.3 protocol has been around for quite some time, but it will be broken once quantum computers arrive. What can we do? In this blog post, we will examine a technique for achieving full post-quantum security for TLS 1.3 in the face of quantum computers: KEMTLS....
December 11, 2020 12:00 PM
As quantum computing matures, R&D efforts in cryptography are keeping pace. We’re working with academia and industry peers to create new cryptography standards resilient to quantum computer attacks....
December 08, 2020 12:00 PM
Today, we’re making several announcements around improving Internet protocols with respect to something important to our customers and Internet users worldwide: privacy....
November 06, 2020 12:36 PM
The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....
October 01, 2020 2:53 PM
After much hard work, NTS finally becomes an official RFC.This means that Network Time Security (NTS) is officially part of the collection of protocols that makes the Internet work. ...
April 09, 2020 11:00 AM
Back in the summer of 2017 I was an intern at Cloudflare. During the scholastic year I was a grad student working on automorphic forms and computational Langlands at Berkeley....
March 25, 2020 12:00 PM
Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers!...