The post-quantum future: challenges and opportunities
2022-02-25
The story and path of post-quantum cryptography is clear. But, what are the future challenges? In this blog post, we explore them...
Post-quantumify internal services: Logfwrdr, Tunnel, and gokeyless
2022-02-25
A big challenge is coming: to change all internal connections at Cloudflare to use post-quantum cryptography. Read how we are tackling this challenge!...
HPKE: Standardizing public-key encryption (finally!)
2022-02-24
HPKE (RFC 9180) was made to be simple, reusable, and future-proof by building upon knowledge from prior PKE schemes and software implementations. This article provides an overview of this new standard, going back to discuss its motivation, design goals, and development process...
Cloudflare re-enforces commitment to security in Germany via BSIG audit
2022-02-24
As Cloudflare expands globally, Rebecca Rogers, Manager of Security Validations, discusses an exciting update to Cloudflare’s commitment to customer security for our German customers...
Building Confidence in Cryptographic Protocols
2022-02-24
This blogpost refers to the efforts to use formal/verification/implementation for post-quantum algorithms to achieve better assurance for them. It also touches on our Cloudflare efforts on this...
Using EasyCrypt and Jasmin for post-quantum verification
2022-02-24
This blogpost will touch upon how to practically use Jasmin and EasyCrypt to achieve better security guarantees when verifying KEMs...
Why we are acquiring Area 1
2022-02-23
Earlier today we announced that Cloudflare has agreed to acquire Area 1 Security...
Making protocols post-quantum
2022-02-23
Post-quantum key exchange and signature algorithms come with different trade-offs that we’re familiar. How do we handle that when updating protocols, is this an opportunity to revisit the status quo?...
BGP security and confirmation biases
2022-02-23
On February 1, 2022, a configuration error on one of our routers caused a route leak of up to 2,000 Internet prefixes to one of our Internet transit providers. This leak lasted for 32 seconds and at a later time 7 seconds...
Deep dive into a post-quantum key encapsulation algorithm
2022-02-22
In this blog post, we will look at what Key Encapsulation Mechanisms are and why they matter in a post-quantum world...
Deep dive into a post-quantum signature scheme
2022-02-22
How can one attest to an identity and prove it belongs to one self? And how can one do it in the face of quantum computers? In this blog post, we examine these questions and explain what post-quantum signatures are...
Internet is back in Tonga after 38 days of outage
2022-02-22
Tonga, the South Pacific archipelago nation (with 169 islands), was reconnected to the Internet this early morning (UTC) and is back online after successful repairs to the undersea cable that was damaged on Saturday, January 15, 2022, by the January 14, volcanic eruption...
The post-quantum state: a taxonomy of challenges
2022-02-21
At Cloudflare, we strive to help build a better Internet, which means a quantum-protected one. In this post, we look at the challenges for migrating to post-quantum cryptography and what lies ahead using a taxonomy...
The quantum solace and spectre
2022-02-21
What is quantum computing and what advances have been made so far on this front? In this blog post, we will answer this question and see how to protect against quantum adversaries...
Detecting Magecart-Style attacks with Page Shield
2022-02-18
How we’re using content-based analysis to identify Magecart-style attacks...
Production ready eBPF, or how we fixed the BSD socket API
2022-02-17
We are open sourcing the production tooling we’ve built for the sk_lookup hook we contributed to the Linux kernel, called tubular...
Who won Super Bowl LVI? A look at Internet traffic during the big game
2022-02-14
By now, everyone knows that the Los Angeles Rams won, but we also want to look at which Super Bowl advertisers were the biggest winners, and how traffic to food delivery services, social media and messaging apps, and sports and betting websites changed throughout the game...
Cloudflare acquires Vectrix to expand Zero Trust SaaS security
2022-02-10
We are excited to share that Vectrix has been acquired by Cloudflare! Vectrix helps IT and security teams detect security issues across their SaaS applications...
Adding a CASB to Cloudflare Zero Trust
2022-02-10
Earlier today, Cloudflare announced that we have acquired Vectrix, a cloud-access security broker (CASB) company focused on solving the problem of control and visibility in the SaaS applications and public cloud providers that your team uses...
Email Routing is now in open beta, available to everyone
2022-02-08
Cloudflare Email Routing transitioned from closed beta to open beta. It’s now available to everyone, including free zones...
