2026-04-09 · cloudflare
Cloudflare says it is accelerating its post-quantum roadmap and now targets 2029 for full PQ security across its platform. The company says the shift is driven by faster-than-expected quantum progress and the need to secure authentication, not just encryption. That matters for cold storage because long-retention data increasingly needs protection against future decryption risk, not just today’s threats.
Cloudflare had already enabled post-quantum encryption for websites and APIs, but now wants to finish the job with post-quantum authentication. The company says most of its traffic is already PQ encrypted, yet authentication remains the critical gap.
Harvest-now, decrypt-later attacks are especially dangerous for archived data because the compromise may not show up until years later. If identity and authentication stay weak, attackers can undermine trust even without breaking the encrypted transport.
Cold storage should be paired with long-term crypto planning, including migration paths to PQ-safe signing and authentication. The best defense is keeping archives offline while also making sure the cryptographic assumptions survive the next decade.
Read Original Post →