Cloudflare Adds Quantum-Safe Encryption to Zero Trust Tools

Quantum computing will transform the enterprise. It offers a paradigm shift for businesses, with the capability to enable faster data analysis, improved supply chain management, enhanced innovation and strategic decision making.

But the step-change in capability presents a challenge for security leaders: quantum computers are actively being developed that will eventually have the ability to break the cryptography we currently rely on for security. 

This creates an urgency that’s being recognised across the industry. In November 2024, the National Institute of Standards and Technology (NIST) made a landmark announcement setting a timeline to shift to post-quantum cryptography standards.

Global cybersecurity leader Cloudflare isn’t waiting until NIST’s 2035 deadline for this transition, however. 

It has been at the forefront of developing, standardising and implementing post-quantum cryptography to withstand attacks by quantum computers since 2017.

Now it has expanded post-quantum cryptography support to its Zero Trust Network Access (ZTNA) solution, setting a new industry standard as the first cloud-native quantum-safe zero trust solution.

Matthew Prince, co-founder and chief executive at Cloudflare, says: “Cloudflare has long committed to making post-quantum security the new baseline for internet security, delivering it to all customers so we can bolster defences against future quantum threats. 

"Now, we’re offering that protection built directly into our Zero Trust solutions.”

The risks of quantum computing for encrypted data

Encryption plays a central role in securing internet-based data, including private messages, financial transactions and sensitive business information. 

But quantum computers could eventually break the encryption algorithms currently in use across the internet.

These conventional methods, used by banks, hospitals, government services and home electronics, are not built to withstand the capabilities of quantum computing. As a result, a major threat looms for any information protected by outdated encryption. 

If encrypted data is intercepted today, it could be stored and decrypted later when quantum machines become powerful enough—a tactic known as a "harvest-now, decrypt-later" attack.

Helping business resist attack

Cloudflare's upgrade means that organisations can immediately route browser-based communication to internal web applications using encryption resistant to quantum computing threats. 

This end-to-end protection secures online activity without needing to upgrade individual apps.

The firm also plans to broaden this support by mid-2025 to cover all Internet Protocol (IP) traffic—allowing organisations to secure a wider range of tools, devices and networks using quantum-safe methods. 

Once in place, Cloudflare users can rely on the service to handle all post-quantum encryption needs, removing the requirement for internal teams to retrofit their own systems individually.

 “We want every Cloudflare customer to have a clear path to quantum safety, and we are already working with some of the most innovative banks, ISPs and governments around the world as they begin their journeys to quantum security,” says Matthew. 

“We will continue to make advanced cryptography accessible to everyone, at no cost in all of our products.”

Quantum protection in Zero Trust systems

ZTNA is a modern approach to network security that replaces the traditional idea of a secure perimeter. 

Instead of granting users full access once they’re inside a network, ZTNA verifies identity and controls access continuously. 

Cloudflare’s updated version now means that organisations can:

• Protect web-based access to corporate systems: Cloudflare now supports post-quantum encryption between web browsers and applications such as HR platforms or payroll systems. This offers protection without requiring developers to alter every application individually.
  
  
• Secure data from quantum-era threats: The new configuration makes it harder for attackers to store encrypted traffic now and decrypt it once quantum computers mature. All internet traffic can be routed through Cloudflare’s global network to gain quantum resilience.
  
  
• Prepare for future compatibility: By mid-2025, Cloudflare will extend support beyond web apps to cover all major IP protocols. This includes traffic heading to data centres, cloud platforms or remote offices.

Cloudflare’s post-quantum protections are already active across more than 35 percent of all human-generated traffic passing through its global infrastructure.

Tom Patterson, Emerging Technology Security Lead at Accenture, which is a tech partner for Cloudflare, says: “The world has five years to replace vulnerable cryptography with post-quantum solutions. 

“To meet this urgent client need, Accenture and Cloudflare offer a hybrid approach, enabling an iterative, low-risk migration while maintaining compatibility and cryptographic agility.”

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today.

Cyber Magazine is a BizClik brand