May 2, 2024
Cloudflare, Google, and the need to start post-quantum transition efforts now
As breakthroughs in quantum computing continue, the likelihood grows that a quantum computer that can break conventional cryptography will be available sooner rather than later. For years, the National Institute of Standards and Technology (NIST) has been focused on identifying and standardizing new quantum-safe cryptographic algorithms, and leaders like Cloudflare and Google have likewise been experimenting with and scaling implementations of post-quantum cryptography (PQC).
Quantum computing promises breakthroughs in many fields but also poses a unique threat to current cryptographic standards. The concept of "harvest now, decrypt later" (HNDL) attacks is particularly alarming, as adversaries can collect encrypted data today and decrypt it in the future using powerful quantum computers. This threat makes the shift to PQC not just prudent but necessary: it is not a problem to be kicked down the road until quantum computers become sufficiently powerful, but one to be addressed today.
Cloudflare has been experimenting with and scaling updates to its edge servers for the past two years to support a hybrid X25519+Kyber key exchange, an important move towards quantum-safe cryptography. This past weekend Bas Westerbaan, a research engineer from Cloudflare, posted that nearly 25% of their TLS 1.3 traffic to their edge servers was now quantum-safe. While that is a great first step, he also indicated that only about 0.5% of communications between Cloudflare and organizations' origin servers were similarly secured.
We've talked with many organizations about their understanding of what's involved with the shift to PQC... and often the first response is that they expect their vendors to take care of it.
The dichotomy in PQC support between Cloudflare's edge and customers' origin servers highlights that there is a shared responsibility model between customers and their vendors to secure their data, systems, and communications as we make this transition.
Cloudflare has been working alongside Google, which has implemented support for X25519+Kyber in Chrome. But reports have come out today that Chrome users upgrading to version 124 of the world's most popular browser are experiencing issues with the upgrade. The root cause seems centered on legacy server configurations that can't handle even the attempt at a hybrid request.
For years, governments, industry consortia, and cybersecurity experts have advised organizations to start their PQC transition planning because interoperability, cryptographic complexity, and performance considerations are serious barriers to the shift and will take time to work out. The experience of Google Chrome users highlights the reality of these issues: organizations must recognize that updates to cryptographic protocols can lead to interoperability issues and require significant adjustments in existing infrastructure.
Organizations and their vendors both have responsibility in making the shift to post-quantum cryptography – and because of the present risk of harvest now/decrypt later attacks alongside the complexity of making cryptographic updates, organizations, together with their vendors, need to start transition efforts now. With quantum computing on the horizon, the risk of not updating cryptographic practices grows each day and the need to start the transition to post-quantum cryptography cannot be overstated.