Cloudflare Democratizes Post-Quantum Cryptography By Delivering It For Free, By Default
Already powering more than 99% of all websites that support NIST standard track post-quantum cryptography today, Cloudflare aims to help defend online users against threats of advanced computing
San Francisco, CA, March 16, 2023 – Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced it will provide post-quantum cryptography for free by default to all customers to help secure their websites, APIs, cloud tools and remote employees against future threats. Now, all Cloudflare customers will be able to seamlessly migrate to the next era of cybersecurity standards–instantly and for free. Cloudflare is making this commitment at the 2023 Summit for Democracy in support of a more responsive and resilient Internet, and will additionally publish vendor-neutral roadmaps based on NIST standards to help businesses secure any connections that are not protected by Cloudflare.
Quantum computers–which perform complex computations at an exponentially faster rate than today’s machines–are expected to become advanced enough in the coming years to decrypt much of the encrypted data on the Internet. The Biden Administration recently mandated government agencies, and is encouraging the private sector, to prepare for quantum computers that could break encryption in the future of data stolen today. Today’s CISOs and CIOs know they need to prepare today to migrate to post-quantum cryptography before this happens. Unfortunately, emerging vendors want to capitalize on this to charge unnecessarily high fees–limiting the access and affordability for businesses, as well as non-profits and civil society organizations.
“There are companies out there that want to charge CISOs exorbitant amounts to prepare for future attacks from quantum computers. At Cloudflare, we believe that privacy should be a human right and that post-quantum security should be the new baseline for the Internet–not an exploitative expense for businesses. That’s why we are promising today to help equip businesses as well as non-profits and users with the most advanced cryptography available and to never charge for it, ” said Matthew Prince, co-founder and CEO of Cloudflare.
Cloudflare has helped lead the development of post-quantum cryptography standards since 2018, and made post-quantum cryptography available as a beta to interested customers in 2022. Cloudflare believes that over 99% of websites on the Internet that already support NIST-approved post-quantum cryptography for their connections are powered by Cloudflare, and over 1 billion HTTP requests have been protected with post-quantum cryptography by Cloudflare since 2019.
To learn more about Cloudflare’s post-quantum cryptography, please check out these resources:
- Post-quantum crypto should be free, so we’re making it free, forever
- Introducing post-quantum Cloudflare Tunnel
- NIST’s pleasant post-quantum surprise
- Post-quantumify internal services: Logfwrdr, Tunnel, and gokeyless
- The post-quantum state: a taxonomy of challenges
- The TLS Post-Quantum Experiment
About Cloudflare
Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures 2018 list and ranked among the World’s Most Innovative Companies by Fast Company in 2019.
Forward-Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern Cloudflare’s expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding the capabilities and effectiveness of post-quantum cryptography and Cloudflare’s other products and technology, the potential benefits to customers of using post-quantum cryptography and Cloudflare’s other products and technology, the timing of when post-quantum cryptography will be available to current and potential Cloudflare customers and when Cloudflare will make all its Zero Trust offerings post-quantum secure and publish vendor-neutral roadmaps based on NIST standards, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by Cloudflare’s CEO and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Annual Report on Form 10-K filed on February 24, 2023, as well as other filings that Cloudflare may make from time to time with the SEC.
The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare’s forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.
© 2023 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.