The countdown to Y2Q, the day when quantum computers can decrypt public key algorithms is on. While researchers don’t know exactly when this will happen, the Cloud Security Alliance (CSA) estimates this could be as soon as April 14th, 2030. 

Although many organizations are waiting for post-quantum threats to become tangible before taking action against them, other providers like Content Delivery Network (CDN) giant Cloudflare are diving straight in and responding with quantum-safe solutions. 

Today, Cloudflare announced it has launched post-quantum cryptography support for all websites and APIs served through its network. Essentially, this will introduce quantum computer proof encryption for all sites using Cloudflare, which accounts for 19.1% of all websites according to W3Techs.

Above all, the fact that a prominent security vendor like Cloudflare is committing to post-quantum cryptography highlights that enterprises should take the threat of malicious quantum computers seriously. 

Countdown to Y2Q: Why the time for post-quantum is now 

The announcement comes shortly after Cloudflare announced the release of the first Zero Trust SIM to secure mobile devices, and stout a $1.25 billion funding program designed to help startups scale their businesses. 

Now Cloudflare is the first content delivery network to support post-quantum TLS based on NIST’s chosen Cyber algorithm. While this decision may seem premature, it’s at the perfect time to prevent Harvest Now, Decrypt Later style attacks. 

Currently, threat actors and nation states can collect encrypted data with the intention to decrypt it once quantum computing advances to the level necessary to decrypt it. 

“There is an expiration date on the cryptography we use every day. It’s not easy to read, but somewhere between 15 or 40 years, a sufficiently powerful quantum computer is expected to be built that’ll be able to decrypt essentially any encrypted data on the Internet today,” wrote Cloudflare in the announcement blog post.

“Starting today, as a beta service, all websites and APIs served through Cloudflare support post-quantum hybrid key agreement. This is on by default; no need for an opt-in. This means that if your browser/app supports it, the connection to our network is also secure against any future quantum computer,” the post said. 

The post-quantum cryptography market

As quantum computers develop further, interest in post-quantum cryptography continues to grow with researchers anticipating that the post-quantum cryptography market will reach a value of $476.83 million by 2030, growing at a Compound Annual Growth Rate (CAGR) of 18.67%. 

Of course, Cloudflare isn’t the only provider taking post-quantum threats seriously. Other vendors like PQShield, which announced raising $20 million in funding earlier this year, are leveraging post-quantum cryptography to enable enterprises to develop secure cryptographic solutions for messaging platforms, apps, and mobile technologies. 

Likewise, SandboxAQ, which Alphabet spun off at the start of this year with 9 figures in funding, is combining AI and quantum computing together to offer next-generation encryption solutions. 

The vendor’s Security AQ Analyzer creates a cryptographic inventory to understand an organization’s cryptographic posture and help plan the move to post-quantum cryptography. Its Security AW Maestro solution then uses machine learning to automate the orchestration of algorithms and protocols to optimize performance for end users. 

However, Cloudflare’s widespread reach as one of the largest CDN providers in the market gives it the potential to contribute to the most widespread adoption of post-quantum cryptography yet.