Post-quantumify internal services: Logfwrdr, Tunnel, and gokeyless
Cloudflare is working on adding post-quantum cryptography to its systems, a process it refers to as "post-quantumifying" its services. The company has started by migrating Transport Layer Security (TLS) protocols and connections to use post-quantum cryptography for confidentiality protection. It has implemented a hybrid mechanism that combines classical and post-quantum algorithms, so that connections remain secure in case the security of the post-quantum algorithm fails. Cloudflare has successfully tested this new mechanism in specific internal services such as Logfwrdr, Cloudflare Tunnel, and GoKeyless. The next steps involve migrating more codebases to modified TLS libraries and extending the use of post-quantum cryptography beyond its edge network to reach customer connection points.
Company
Cloudflare
Date published
Feb. 25, 2022
Author(s)
Sofía Celi, Goutam Tamvada, Thom Wiggers
Word count
3084
Language
English
Hacker News points
2