Cloudflare announced today, April 7, 2026, a fundamental restructuring of its security roadmap, setting 2029 as a new goal to achieve comprehensive post-quantization protection.
web infrastructure company This acceleration is justified following recent advances reported by Google and Oratomic.This suggests that “Q-Day” (the moment when quantum computing breaks current encryption) could occur as early as 2030, with attacks targeting high-value targets as early as 2029.
According to Bas Westerbaan, head of post-quantum strategy at Cloudflare, computing based on neutral atoms has demonstrated great scalability.
While superconducting systems require about 1,000 physical qubits (with error correction) to generate a logical qubit, Oratomic has shown that for neutral atoms, the ratio is only 3 to 4 physical qubits for every logical qubit. This reduces the hardware needed to break the P-256 cipher to just 10,000 qubits, significantly less than previous predictions that it would pose a threat within the next decade.
Cloudflare’s statement explains that the industry has previously focused on mitigating “instant collection and subsequent decryption” (HNDL) attacks, where attackers store current data for future decryption. Cloudflare claims that 65% of human traffic already uses PQ encryption to negate this risk.
However, the new schedule prioritizes authentication. As Q-day approaches, Concerns shift to the possibility that attackers could use quantum computers to impersonate servers, forge code signatures, and compromise root certificates.
“Every remote login key becomes an access point,” the company warns, noting that a compromised authentication would be “catastrophic” and would take years to transition to a third-party dependency chain.
Cloudflare has established four key milestones toward the transition.
- Mid 2026: PQ authentication support (ML-DSA algorithm) for connections between Cloudflare and origin servers.
- Mid-2027: Implementation of Merkle Tree certificates for connections between visitors and the Cloudflare network.
- Early 2028: Complete PQ security for Cloudflare One (SASE) suite.
- 2029: Full post-quantum security available with all services and plans.
The Google report referenced by Cloudflare has been reviewed by CriptoNoticias. This indicates that it would take quantum computing approximately 9 minutes to decrypt Bitcoin, but to be clear, the technology to perform such an action does not yet exist.
Important updates that impact the world
To measure the impact of this migration, you need to specify the following: Cloudflare is one of the fundamental pillars of modern internet infrastructure.
The company handles approximately 20% of the world’s web traffic It serves more than 25 million internet assets, ranging from government portals and financial institutions to crypto exchanges.
Its core capabilities include massive denial of service (DDoS) mitigation, content delivery network (CDN) management, and DNS resolution.
Because it acts as an intermediate node (proxy) 1/5 of global navigation, The transition to post-quantum standards will ensure that the majority of economic and data activity on the network will be natively secured. Before quantum hardware could compromise current security.
(Tag translation) Cyber attack
