惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
aimingoo的专栏
aimingoo的专栏
Y
Y Combinator Blog
Vercel News
Vercel News
Blog — PlanetScale
Blog — PlanetScale
有赞技术团队
有赞技术团队
P
Proofpoint News Feed
WordPress大学
WordPress大学
V
V2EX
The Register - Security
The Register - Security
博客园 - 聂微东
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - Franky
D
DataBreaches.Net
G
Google Developers Blog
O
OpenAI News
S
Schneier on Security
Simon Willison's Weblog
Simon Willison's Weblog
I
Intezer
Engineering at Meta
Engineering at Meta
Recorded Future
Recorded Future
T
Threatpost
The Hacker News
The Hacker News
Cisco Talos Blog
Cisco Talos Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
B
Blog RSS Feed
Apple Machine Learning Research
Apple Machine Learning Research
T
The Exploit Database - CXSecurity.com
L
LINUX DO - 热门话题
G
GRAHAM CLULEY
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
云风的 BLOG
云风的 BLOG
L
LINUX DO - 最新话题
MyScale Blog
MyScale Blog
L
LangChain Blog
Scott Helme
Scott Helme
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
雷峰网
雷峰网
Google Online Security Blog
Google Online Security Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
N
News | PayPal Newsroom
NISL@THU
NISL@THU
M
MIT News - Artificial intelligence
Cloudbric
Cloudbric
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
The Cloudflare Blog
Recent Announcements
Recent Announcements

PostQuantum – Quantum Computing, Quantum Security, PQC

Lightning Network's Quantum Problem Ethereum's Five Quantum Vulnerabilities Bitcoin's Quantum Vulnerability — Anatomy How Close Is the Quantum Threat? Resource Estimates The Quantum Threat to Cryptocurrencies: What's Real Lattice-Based PQC "Limitations" Paper — A Reality Check China's Hanyuan-2 Dual-Core Quantum Computer Pick One Layer First for Your Post-Quantum Migration Cisco Quantum Switch: Room-Temperature Qubit Routing IonQ Claims Q-Day by 2029 — Here's What They Actually Said Project Eleven's 110-Page Quantum Blockchains Report QuantWare Raises $178M Series B Q-CTRL Claims Practical Quantum Advantage Quantum Computing Simulates 12,635-Atom Protein How Quantum Snake Oil Vendors Respond to Hard Questions Simulated Quantum Entanglement | PostQuantum.com Quantum Snake Oil: Guide to Misleading Quantum Terms Quantum AI Trading — Quantum Snake Oil Dictionary Quantum-Proof — Quantum Snake Oil Dictionary Quantum-Grade Encryption — Quantum Snake Oil Dictionary Quantum-Safe Certified — Quantum Snake Oil Dictionary Military-Grade Quantum Encryption | PostQuantum.com What Is a QBOM? Quantum Bill of Materials vs CBOM Explained Quantum-Inspired Encryption — Quantum Snake Oil Dictionary What Is Trust Now, Forge Later (TNFL)? Quantum Blockchain — Quantum Snake Oil Dictionary What Is PQC Migration? The Largest Cryptographic Overhaul Quantum Financial System (QFS) | PostQuantum.com What Is QKD (Quantum Key Distribution)? What Is Quantum Error Correction (QEC)? Unhackable Quantum Encryption | PostQuantum.com Unconditionally Secure — Quantum Snake Oil Dictionary Perfect Secrecy — Quantum Snake Oil Dictionary Information-Theoretic Security | PostQuantum.com Quantum Encryption / Quantum Cryptography Quantum-Enhanced — Quantum Snake Oil Dictionary Quantum-Safe vs Quantum-Resistant vs Post-Quantum Anatomy of Quantum Denial: Bitcoin's Example What Is a Logical Qubit? The Metric That Actually Matters What Is a CRQC? Quantum Computer That Breaks Encryption What Is Q-Day? When Quantum Computers Break Encryption What Is Harvest Now, Decrypt Later (HNDL)? What Is Grover's Algorithm? What Is Shor's Algorithm? The Quantum Threat Explained What Is Quantum Safe? What the Label Means for CISOs What Is Quantum Computing Security? What Is Quantum Cyber Security? What Is Quantum Cryptography? QKD, PQC, and related? Quantum Security: A Complete Guide for Security Leaders What Is Post-Quantum Cryptography (PQC)? Crypto-Agility Is an Architecture Problem, Not a Library Swap IBM Quantum Advantage 2026: Heron + Fugaku Analyzed Aaronson Warns: CRQC by 2029 Is Plausible U.S. Quantum Policy: NQI Reauthorization and PQC Bills The Narrow Advantage: Why Quantum Computing Will Transform Five Industries and Disappoint Twenty The Error Correction Revolution Rewriting Quantum Timelines The Signature Supply Chain: How Deep Does Digital Trust Go? Quantum Chemistry's Honest Ledger: What the Resource Estimates Actually Say About Drug Discovery, Catalysis, and Materials Design Why Quantum Won't Save Wall Street (Yet): An Honest Assessment of Quantum Computing in Finance PQC Standards Fragmentation Quantum Sovereignty and the Utility Trap The Decoder Bottleneck: The CRQC Challenge Nobody Is Talking About IonQ Publishes Complete Fault-Tolerant Blueprint for Trapped Ions — The Walking Cat Architecture Quantum Computing by 2033: Which Industries Win, Which Wait, and Why Nature Reviews Publishes the Definitive CMOS–Spin Qubit Compatibility Assessment IonQ Photonic Interconnect: First Networked Commercial Quantum Computers QuEra Achieves 2:1 Physical-to-Logical Qubit Ratio With Ultra-High-Rate qLDPC Codes Grover's Algorithm vs AES - Why "Ignore It" Is Almost Right McKinsey Quantum Monitor 2026: Tipping Point? Meta PQC Migration Playbook: Lessons for CISOs NVIDIA Ising: Open AI Models for Quantum Calibration and Error Correction Harvard's Cascade Neural Decoder PQC Signature Migration Before Encryption Architecture Matters as Much as the Algorithm: Q-CTRL's Heterogeneous Quantum Computer Design Cuts RSA-2048 to 190k-381k Qubits China's Quantum Sensing Ecosystem: From Deep-Sea Diamonds to Drone-Mounted Submarine Hunters China's Quantum Sensing Ecosystem: From Deep-Sea Diamonds to Drone-Mounted Submarine Hunters China's Quantum Networking and QKD — World's Most Ambitious Quantum Communication Program Anthropic's Mythos Preview and the End of a Twenty-Year Cybersecurity Equilibrium China's Quantum Networking and QKD — World's Most Ambitious Quantum Communication Program China's Quantum Computing Hardware: The Core Capability the West Keeps Misjudging China's Quantum Computing Hardware: The Core Capability the West Keeps Misjudging QuiX Quantum Achieves First Below-Threshold Error Mitigation in Photonic Quantum Computing China's Quantum Talent Ecosystem: Building a Superpower's Workforce Quantum Threat Timeline Report 2025: Record Predictions, But Can the Survey Keep Up? China's Quantum Talent Ecosystem: Building a Superpower's Workforce China's Hefei National Laboratory: The Nerve Center of a Quantum Superpower China's Hefei National Laboratory: The Nerve Center of a Quantum Superpower Gauge Theory Meets Quantum Computing China's 15th Five-Year Plan Makes Quantum an Industrial Imperative — Not Just a Research Priority China's 15th Five-Year Plan Makes Quantum an Industrial Imperative — Not Just a Research Priority QuantumShield360 AI Achieves World's First Complete Post-Quantum Cryptography Migration — Full Quantum Resilience Across All Enterprise Systems 10,000 Qubits to Run Shor's Algorithm Google Quantum AI Achieves 10x Reduction in Resources to Break Bitcoin's Cryptography The U.S. Intelligence Community Just Put Quantum on Equal Footing with AI. And Expanded the Threat Definition Google Just Drew a Line in the Sand: PQC Migration by 2029 Silicon Crosses the Logical Threshold: First Universal Logical Operations Demonstrated in a Silicon Quantum Processor The 1,000-Qubit Ceiling That Probably Isn't Science Confirms What Large Corporate Survivors Already Knew - Organizational Bullshit Makes You Worse at Your Job A New Algorithm Shrinks the Quantum Attack Surface for ECC Quantinuum Squeezes 94 Logical Qubits from 98 Physical — But What Does It Actually Mean?
Cloudflare Joins Google: Two Internet Giants Now Say 2029 for Post-Quantum Migration
2026-04-07 · via PostQuantum – Quantum Computing, Quantum Security, PQC

7 Apr 2026 – Cloudflare, the infrastructure company that handles a significant share of global internet traffic, today announced it is accelerating its post-quantum cryptography roadmap and targeting 2029 for full post-quantum security — including, critically, post-quantum authentication.

The announcement, authored by Cloudflare Research’s Bas Westerbaan, explicitly cites last week’s Google Quantum AI ECC-256 resource estimates and Oratomic’s 10,000-qubit Shor’s algorithm paper as the catalysts for the accelerated timeline. Cloudflare states it has moved to match Google’s own 2029 PQC migration deadline, announced on March 25.

Cloudflare reports that over 65% of human-initiated traffic to its network already uses post-quantum encryption, protecting against Harvest Now, Decrypt Later (HNDL) attacks. The company has offered post-quantum key exchange on all websites and APIs since 2022. But the new roadmap addresses the harder problem: post-quantum authentication — digital signatures, certificates, and the identity infrastructure that verifies who you’re talking to.

The blog post also references IBM Quantum Safe CTO Michael Osborne’s assessment that quantum “moonshot attacks” on high-value targets cannot be ruled out as early as 2029, and quotes quantum computer scientist Scott Aaronson’s warning that researchers working on Shor’s algorithm resource estimates may have already stopped publishing their findings.

Cloudflare commits to providing all post-quantum upgrades to customers across every plan at no additional cost, consistent with its 2014 decision to offer free universal SSL certificates.

My Analysis

Two Giants, One Number: Why 2029 Is No Longer Just Google’s Bet

When I wrote about Google’s 2029 PQC migration deadline two weeks ago, I noted that Google occupied a unique dual position — building the quantum computer while simultaneously setting the deadline to defend against it. The obvious question was whether Google’s timeline would remain an outlier or become the benchmark.

We got our answer in thirteen days.

Cloudflare’s decision to match Google’s 2029 target transforms this from a single company’s internal risk calculus into an emerging industry consensus among the companies that actually operate the internet’s infrastructure. These aren’t two vendors issuing marketing roadmaps. Google handles the browser (Chrome), the mobile OS (Android), and a major cloud platform. Cloudflare handles DNS, CDN, DDoS protection, and reverse-proxy services for a substantial fraction of global web traffic. Between them, these two companies touch a staggering share of the internet’s cryptographic surface area.

And they’re saying the same thing: done by 2029. Not started. Done.

The Research That Moved the Needle

Cloudflare’s blog is unusually transparent about what changed their calculus. They name the papers. Last week, Google Quantum AI published resource estimates showing ECC-256 could be broken with fewer than 500,000 physical superconducting qubits in minutes. The same day, Oratomic, Caltech, and UC Berkeley published a neutral-atom resource estimate requiring only about 10,000 physical qubits to run Shor’s algorithm against P-256 — with an encoding rate of roughly 3-4 physical qubits per logical qubit, thanks to the connectivity advantages of reconfigurable neutral-atom architectures.

Cloudflare’s Westerbaan frames this as convergent progress across three independent fronts — hardware, error correction, and quantum software — where advances on each front compound the others. This is exactly right, and it maps directly onto my CRQC Quantum Capability Framework. The Google paper pushed forward C.2: Magic State Production and D.1: Algorithm Integration capabilities. The Oratomic paper represents a breakthrough in B.1: Quantum Error Correction and B.4: Qubit Connectivity by exploiting the native all-to-all connectivity of neutral atoms. When these capabilities advance simultaneously, the compounding effect is exactly what pulls Q-Day estimates forward.

As I detailed in my analysis of both papers, the same-day publication was not a coincidence — Oratomic’s resource estimates build directly on Google’s circuit compilations. This was coordinated disclosure. Cloudflare clearly read it the same way.

Authentication First: The Industry Is Arriving at TNFL

The most significant shift in Cloudflare’s announcement — and the one that should concern CISOs most — is the explicit prioritization of post-quantum authentication over encryption.

Cloudflare states it plainly: if Q-Day is imminent, broken authentication is catastrophic. Any overlooked quantum-vulnerable remote-login key becomes an access point. Any automatic software update mechanism becomes a remote code execution vector. An active quantum attacker only needs to find one trusted quantum-vulnerable key to get in.

This is the Trust Now, Forge Later (TNFL) thesis that I first articulated in 2018 under the original “Sign Today, Forge Tomorrow” framing. For years, the conventional wisdom prioritized HNDL — protect encryption first, worry about signatures later. Google’s March 25 announcement was the first hyperscaler to publicly reverse that priority. Now Cloudflare is the second.

Two of the internet’s largest infrastructure providers have independently concluded that forged authentication is a more dangerous near-term quantum threat than decrypted archives. The logic is sound and, frankly, should have been obvious earlier: the first generation of CRQCs will be scarce, expensive machines. A rational adversary with limited quantum compute will target long-lived signing keys — root certificates, code-signing keys, firmware verification — where a single forgery unlocks persistent access. Bulk decryption of archived ciphertext requires orders of magnitude more quantum computation for far less strategic leverage.

Cloudflare adds an important nuance that Google’s announcement did not fully explore: the dependency chain. Unlike post-quantum encryption, which took one big push, migrating to post-quantum authentication has a long sequence of dependencies — certificate authority upgrades, HSM support, CA/Browser Forum approval, audit cycles, and third-party validation systems. Cloudflare estimates this will take “years, not months.” They’re right. And this is exactly why the organizations that haven’t started are in deeper trouble than they realize.

The Aaronson Quote and the End of Public Research

Cloudflare’s blog includes a striking quote from quantum computer scientist Scott Aaronson, warning that researchers estimating Shor’s algorithm resource requirements may have already stopped publishing their findings — because sharing them risks giving adversaries too much information.

Cloudflare’s Westerbaan then adds a sentence that should send a chill through any security professional: “That point has now passed indeed.”

This is a reference to Google’s own decision to publish its ECC-256 resource estimates via a zero-knowledge proof rather than releasing the actual quantum circuits. Google proved they have optimized circuits for breaking elliptic curve cryptography without showing anyone how they work. As I noted in my analysis of Google’s cryptocurrency whitepaper, this responsible-disclosure approach is unprecedented in quantum cryptanalysis — and it signals that the research community has crossed a threshold where the findings themselves are operationally sensitive.

For threat modeling purposes, this changes the game. The era of tracking Q-Day progress through published papers is ending. Future advances in quantum cryptanalysis may simply not appear in the public literature. As IBM’s Michael Osborne has warned, the first quantum capability to break real cryptography will not be announced.

The Downgrade Problem Nobody Is Talking About

One of the most technically important points in Cloudflare’s announcement — and one I expect will be underappreciated — is the emphasis on downgrade attacks.

Adding support for post-quantum cryptography is not enough. Systems must also disable support for quantum-vulnerable algorithms. Otherwise, an active quantum attacker can force a connection to downgrade to classical cryptography and then break it. In federated systems like the open web, where servers must continue supporting legacy clients that haven’t upgraded, this creates a transition paradox: you can’t fully disable classical algorithms until all clients support PQC, but you’re vulnerable to downgrade attacks until you do.

Cloudflare mentions two potential mitigations — “PQ HSTS” (a proposed mechanism from Chromium for signaling post-quantum-only support) and certificate transparency — but both are still in development. This is a genuine unsolved problem in the transition architecture, and it deserves more attention than it’s getting.

What Two Giants Agreeing on 2029 Means for Everyone Else

Google and Cloudflare together touch such a large fraction of internet traffic that their PQC migration timelines are not merely internal decisions — they are de facto standards. When both companies say they’ll complete migration by 2029, they are setting the pace for browsers, certificate authorities, CDN providers, DNS infrastructure, and the vast ecosystem of services that depend on them.

This is exactly the dynamic I’ve been arguing matters more than Q-Day predictions. As I wrote in Forget Q-Day Predictions — Regulators, Insurers, Investors, Clients Are Your New Quantum Clock, the reason to act is not because you’ve personally calculated when a CRQC will arrive. The reason to act is that the ecosystem is moving. Google set 2029. Cloudflare just matched it. Microsoft is targeting 2033. NIST deprecates in 2030, disallows in 2035.

If your organization hasn’t started its PQC migration, consider the arithmetic. Research suggests realistic migration timelines of 5–7 years for small enterprises, 8–12 for medium, and 12–15+ for large. It is April 2026. If you start today and you’re a medium enterprise, you’re looking at 2034-2038. That puts you past NIST’s hard deadline and well past the point where Google and Cloudflare will have dropped classical algorithm support for significant parts of their infrastructure.

The window for comfortable migration closed the moment two infrastructure giants agreed on 2029. What remains is the window for migration under pressure. That window is still open. But it’s narrowing every time a major player sets a deadline.

For organizations that need a structured starting point, the Applied Quantum PQC Migration Framework provides an open-access, 8-phase methodology with a 90-day quick-start guide designed for exactly this situation. And for a comprehensive guide to organizational quantum readiness, my forthcoming book Quantum Ready covers the strategic, operational, and technical dimensions of the transition.

Start now. The companies that run the internet just told you when they expect the clock to run out.

Quantum Upside & Quantum Risk - Handled

My company - Applied Quantum - helps governments, enterprises, and investors prepare for both the upside and the risk of quantum technologies. We deliver concise board and investor briefings; demystify quantum computing, sensing, and communications; craft national and corporate strategies to capture advantage; and turn plans into delivery. We help you mitigate the quantum risk by executing crypto‑inventory, crypto‑agility implementation, PQC migration, and broader defenses against the quantum threat. We run vendor due diligence, proof‑of‑value pilots, standards and policy alignment, workforce training, and procurement support, then oversee implementation across your organization. Contact me if you want help.

Talk to me Contact Applied Quantum