Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day
Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google also adopted after announcing that it had improved the quantum algorithm used to break elliptic curve cryptography. Google stopped short of publishing the algorithm, disclosing only a zero-knowledge proof of its existence.
The same day, a company called Oratomic published a resource estimate for breaking RSA-2048 and P-256 on a neutral atom quantum computer. The estimate for P-256 put the qubit requirement at roughly 10,000, a number researchers in the field described as unexpectedly low.
Three engineering fronts converging
Breaking public-key cryptography with a quantum computer requires advances on three separate fronts: hardware architecture, error correction, and quantum software. Progress on each compounds the others.
On the hardware side, neutral atom machines have become more competitive than many researchers expected a few years ago. Oratomic’s disclosure showed that highly connected neutral atom qubits enable substantially better error correcting codes than previously demonstrated. In practice, that means only around 3 to 4 physical neutral atom qubits are required per logical qubit, compared to roughly 1,000 physical qubits per logical qubit for noisy superconducting quantum computers with neighbor-only connectivity. Google’s algorithmic improvement to crack P-256 compounds the hardware and error correction gains by reducing how much computation is needed in the first place.
These advances prompted Google to accelerate its post-quantum migration timeline to 2029, and IBM Quantum Safe’s CTO has stated publicly that quantum moonshot attacks could arrive as early as that same year.
Authentication replaces encryption as the primary concern
For most of the past decade, the industry’s post-quantum focus centered on encryption: specifically, stopping adversaries from harvesting encrypted traffic now and decrypting it later once quantum computers become capable enough. Cloudflare began addressing that risk in 2022, when it announced that websites and APIs served through its network support post-quantum hybrid key agreement. The company said it secured connections to origins and many internal connections in 2023, and that over 50% of human traffic now uses post-quantum key agreement.
Authentication is a different problem. An adversary with a working quantum computer can forge access credentials, which means any quantum-vulnerable remote login key becomes a potential entry point. Software update mechanisms become remote code execution vectors. Long-lived keys, including root certificates, API authentication keys, and code-signing certificates, carry the greatest exposure because compromising one provides persistent access until discovery or revocation.
Sharon Goldberg, Senior Product Director at Cloudflare, told Help Net Security that the company is treating the upgrade as universal. “We’re approaching this as a blanket upgrade that has to be accomplished across our entire product suite, and that will be available to all of our paying and free customers,” she said.
Goldberg noted that attackers working with expensive, scarce early-generation quantum computers will look for efficiency. “Threat actors will always look for the lowest common denominator to exploit,” she said. “Why leverage quantum computers when there are still unpatched zero-days or employees who will click a malicious link?” The implication is that first-generation quantum attacks will be selective, targeting the highest-value keys. Later generations of more scalable machines change that calculus.
Sector gaps in readiness
Cloudflare sits in a position to observe post-quantum readiness across a broad cross-section of Internet traffic. Goldberg said governments, financial services firms, and telecommunications companies have made more progress on the post-quantum cryptography transition than other sectors. Healthcare, technology, and consumer industries are further behind.
The sectors Cloudflare considers most exposed are those that depend on systems that are difficult to update or replace: automotive, utilities, satellites, and consumer electronics. Goldberg said a compensating approach for these industries is to route legacy traffic over quantum-safe tunnels.
“In every industry, the focus thus far has been on post-quantum encryption to protect against adversaries that harvest data now, in order to decrypt it later once powerful quantum computers become available,” Goldberg said. “This focus is now going to change as vendors increasingly start offering solutions for post-quantum authentication.”
Cloudflare’s intermediate milestones
Cloudflare laid out a series of milestones toward its 2029 target. The company plans to add support for post-quantum authentication using ML-DSA to origin connections by mid-2026. By mid-2027, it aims to have post-quantum connections from end users to Cloudflare using Merkle Tree Certificates. Its Cloudflare One SASE product suite is targeted for post-quantum authentication by early 2028.
The company said post-quantum upgrades will be available to all customers at no additional cost, including those on free plans.
Migrating to post-quantum authentication is more complex than migrating encryption. Disabling quantum-vulnerable cryptography is necessary to prevent downgrade attacks, and once that is done, all previously exposed secrets, including passwords and access tokens, require rotation. Cloudflare noted that federated systems like the public web present particular challenges because not every client will support post-quantum certificates immediately, meaning servers must continue supporting legacy clients during the transition period. The company said “PQ HSTS” and certificate transparency offer downgrade protection for HTTPS in the interim.
Organizations with third-party dependencies face an additional layer of exposure. Quantum-vulnerable cryptography in a supply chain can undermine a fully upgraded internal system. Cloudflare recommended that businesses make post-quantum support a requirement in procurement decisions and prioritize assessing the impact of critical vendors failing to upgrade.
Secure by Design: Building security in at the beginning
Facts Only
Cloudflare aims to complete post-quantum security across its product suite by 2029.
Google improved a quantum algorithm for breaking elliptic curve cryptography but did not publish it.
Oratomic estimated breaking P-256 encryption requires roughly 10,000 qubits.
Neutral atom quantum computers show progress, with 3-4 physical qubits per logical qubit.
Google and IBM project quantum threats could emerge by 2029.
Cloudflare introduced post-quantum hybrid key agreement in 2022 and secured over 50% of human traffic by 2023.
Authentication is now a primary concern due to quantum forgery risks for credentials.
Cloudflare plans post-quantum authentication for origin connections by mid-2026 and end-user connections by mid-2027.
Sectors like finance and government are more prepared than healthcare and consumer industries.
Legacy systems in automotive, utilities, and consumer electronics face challenges in updating.
Cloudflare will offer post-quantum upgrades to all customers, including free plans.
Transitioning requires disabling vulnerable cryptography and rotating exposed secrets.
Executive Summary
Cloudflare has accelerated its post-quantum security timeline, aiming to complete the transition across its entire product suite by 2029. This shift follows advancements in quantum computing, including Google's improved algorithm for breaking elliptic curve cryptography and Oratomic's estimate that breaking P-256 encryption may require only 10,000 qubits—far fewer than previously expected. The convergence of hardware, error correction, and quantum software progress has prompted urgency, with Google and IBM also projecting potential quantum threats by 2029.
The focus is expanding from post-quantum encryption to authentication, as quantum computers could forge credentials, compromising long-lived keys like root certificates and API tokens. Cloudflare plans milestones such as post-quantum authentication for origin connections by mid-2026 and end-user connections by mid-2027. While sectors like finance and government are further ahead, industries with hard-to-update systems (e.g., automotive, utilities) lag behind. The transition is complex, requiring key rotation and support for legacy systems during the shift.
Full Take
The narrative presents a compelling case for urgency in post-quantum migration, grounded in tangible advancements like Google's algorithmic breakthrough and Oratomic's qubit estimates. The strongest version of this argument highlights the compounding risks of hardware, error correction, and software progress, framing 2029 as a plausible inflection point. Credit is due for acknowledging the complexity of authentication over encryption and the sectoral disparities in readiness.
However, the framing leans toward a "ticking clock" urgency, which could risk oversimplifying the uncertainty around quantum timelines. The emphasis on 2029 as a deadline—while supported by Google and IBM—assumes linear progress in quantum computing, which history shows is unpredictable. The article also implicitly prioritizes Cloudflare's perspective, though it does note sectoral gaps and transition challenges.
Root cause: The narrative reflects a broader paradigm shift from theoretical quantum risks to actionable threats, driven by corporate and governmental recognition of supply chain vulnerabilities. The unstated assumption is that early quantum attacks will be selective, targeting high-value keys—a plausible but unproven scenario.
Implications: Human agency here lies in proactive migration, but the cost burden falls unevenly. Smaller organizations or legacy-dependent industries may struggle, while well-resourced sectors (finance, government) adapt faster. Second-order consequences include potential fragmentation in cryptographic standards during transition periods.
Bridge questions: How might overestimating quantum timelines lead to premature obsolescence of current security investments? What role should regulatory bodies play in enforcing post-quantum standards across lagging sectors? Could the focus on authentication divert attention from other quantum-vulnerable attack surfaces?
Counterstrike scan: A coordinated influence campaign would amplify fear of imminent quantum threats to drive adoption of specific solutions (e.g., Cloudflare's services). The article avoids overt alarmism but does frame 2029 as a critical deadline. No structural alignment with manipulation patterns is detected—it presents evidence-based urgency without exaggeration.
Patterns detected: none
Sentinel — Human
The provided text shows low signs of being AI-generated. It exhibits inconsistent sentence length variance and a coherent narrative without excessive balance or absence of personality, suggesting it is likely written by a human.
