Cloudflare is now testing a resilient quantum computer-resistant key exchange process, a venture it has been working on since last year, and has recently announced that this process has entered the GA status, making it available for general use. Meanwhile, Chrome is also experimenting with supporting this key exchange process, allowing a certain number of users to gradually connect with more resilient quantum computers.
The support for this new key exchange process covers both incoming connections from browsers and outgoing connections from Cloudflare, which need to connect to customer servers. This also includes making external web calls through Cloudflare Workers. As for Cloudflare’s internal network, it is expected to be fully upgraded by the end of 2024.
The support will gradually be expanded to more customer groups. Free customers will have access to it by October, paying customers will have access by the end of the year, and enterprise customers will have access by March 2024.
The key exchange process used, called Kyber768Draft00, is a combination of Kyber and X25519. However, the key exchange standard is not yet finalized. Cloudflare states that once the standard is completed, they will promptly support the full version.
TLDR: Cloudflare has introduced a resilient quantum computer-resistant key exchange process, which is now in general use. Support will be gradually expanded to different customer groups, with the full upgrade expected to be completed by the end of 2024. The key exchange process combines Kyber and X25519, and once the standard is finalized, Cloudflare will support it.