Account Takeover Protection and WAF mitigations to help stop Global Brute Force Campaigns
July 01, 2021 5:53 PM
Today, we are making our Account Takeover Protection capabilities available to all paid plans at no additional charge....
Humanity wastes about 500 years per day on CAPTCHAs. It’s time to end this madness
May 13, 2021 1:00 PM
We want to remove CAPTCHAs completely. The idea is rather simple: a real human should be able to touch or look at their device to prove they are human, without revealing their identity. Let's explore!...
KEMTLS: Post-quantum TLS without signatures
January 15, 2021 12:00 PM
The TLS 1.3 protocol has been around for quite some time, but it will be broken once quantum computers arrive. What can we do? In this blog post, we will examine a technique for achieving full post-quantum security for TLS 1.3 in the face of quantum computers: KEMTLS....
A Name Resolver for the Distributed Web
January 13, 2021 12:00 PM
We are proud to announce a new resolver for the Distributed Web, where IPFS content indexed by the Ethereum Name Service (ENS) can be accessed....
Securing the post-quantum world
December 11, 2020 12:00 PM
As quantum computing matures, R&D efforts in cryptography are keeping pace. We’re working with academia and industry peers to create new cryptography standards resilient to quantum computer attacks....
MORE POSTS
December 08, 2020 12:00 PM
OPAQUE: The Best Passwords Never Leave your Device
Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control of your password....
- By
December 08, 2020 12:00 PM
Improving DNS Privacy with Oblivious DoH in 1.1.1.1
Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this problem and today we are enabling users to use this protocol with 1.1.1.1...
- By
December 08, 2020 12:00 PM
Good-bye ESNI, hello ECH!
A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake....
- By
October 01, 2020 2:53 PM
NTS is now an RFC
After much hard work, NTS finally becomes an official RFC.This means that Network Time Security (NTS) is officially part of the collection of protocols that makes the Internet work. ...
- By
November 01, 2019 1:00 PM
Delegated Credentials for TLS
Announcing support for a new cryptographic protocol making it possible to deploy encrypted services while still maintaining performance and control of private keys: Delegated Credentials for TLS. ...
- By
October 31, 2019 1:00 PM
Announcing cfnts: Cloudflare's implementation of NTS in Rust
Several months ago we announced that we were providing a new public time service. Part of what we were providing was the first major deployment of the new Network Time Security protocol, with a newly written implementation of NTS in Rust. ...
- By
October 30, 2019 1:00 PM
The TLS Post-Quantum Experiment
In a June 2019 experiment with Google, we implemented two post-quantum key exchanges, integrated them into our TLS stack and deployed the implementation on edge servers and in Chrome Canary clients....
- By
October 29, 2019 1:00 PM
DNS Encryption Explained
The Domain Name System (DNS) is the address book of the Internet. When you visit cloudflare.com or any other site, your browser will ask a DNS resolver for the IP address where the website can be found. Unfortunately, these DNS queries and answers are typically unprotected....
- By
October 28, 2019 1:00 PM
Supporting the latest version of the Privacy Pass Protocol
At Cloudflare, we are committed to supporting and developing new privacy-preserving technologies that benefit all Internet users. In November 2017, we announced server-side support for the Privacy Pass protocol, a piece of work developed in collaboration with the academic communi...
- By
September 18, 2019 2:03 PM
Cloudflare’s Approach to Research
Cloudflare’s mission is to help build a better Internet. One of the tools used in pursuit of this goal is computer science research. We’ve learned that some of the difficult problems to solve are best approached through research...
- By
June 21, 2019 1:00 PM
Introducing time.cloudflare.com
Cloudflare has always been a leader in deploying secure versions of insecure Internet protocols and making them available for free for anyone to use. In 2014, we launched one of the world’s first free, secure HTTPS service (Universal SSL) to go along with our existing free HTTP p...
- By
June 20, 2019 1:02 PM
The Quantum Menace
The impact of quantum computing on cryptography conducts research and development towards a Post-Quantum era....
- By
June 20, 2019 1:00 PM
Introducing CIRCL: An Advanced Cryptographic Library
Today we are proud to release the source code of a cryptographic library we’ve been working on: a collection of cryptographic primitives written in Go, called CIRCL. ...
- By
June 19, 2019 1:01 PM
Cloudflare's Ethereum Gateway
Today, we are excited to announce Cloudflare's Ethereum Gateway, where you can interact with the Ethereum network without installing any software on your computer....
- By