January 15, 2021 12:00 PM
The TLS 1.3 protocol has been around for quite some time, but it will be broken once quantum computers arrive. What can we do? In this blog post, we will examine a technique for achieving full post-quantum security for TLS 1.3 in the face of quantum computers: KEMTLS....
January 13, 2021 12:00 PM
We are proud to announce a new resolver for the Distributed Web, where IPFS content indexed by the Ethereum Name Service (ENS) can be accessed....
December 11, 2020 12:00 PM
As quantum computing matures, R&D efforts in cryptography are keeping pace. We’re working with academia and industry peers to create new cryptography standards resilient to quantum computer attacks....
December 08, 2020 12:00 PM
Today, we’re making several announcements around improving Internet protocols with respect to something important to our customers and Internet users worldwide: privacy....
December 08, 2020 12:00 PM
Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control of your password....
December 08, 2020 12:00 PM
A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake....
October 01, 2020 2:53 PM
After much hard work, NTS finally becomes an official RFC.This means that Network Time Security (NTS) is officially part of the collection of protocols that makes the Internet work. ...
November 01, 2019 1:00 PM
Announcing support for a new cryptographic protocol making it possible to deploy encrypted services while still maintaining performance and control of private keys: Delegated Credentials for TLS. ...
October 31, 2019 1:00 PM
Several months ago we announced that we were providing a new public time service. Part of what we were providing was the first major deployment of the new Network Time Security protocol, with a newly written implementation of NTS in Rust. ...
October 30, 2019 1:00 PM
In a June 2019 experiment with Google, we implemented two post-quantum key exchanges, integrated them into our TLS stack and deployed the implementation on edge servers and in Chrome Canary clients....
October 29, 2019 1:00 PM
The Domain Name System (DNS) is the address book of the Internet. When you visit cloudflare.com or any other site, your browser will ask a DNS resolver for the IP address where the website can be found. Unfortunately, these DNS queries and answers are typically unprotected....
October 28, 2019 1:00 PM
At Cloudflare, we are committed to supporting and developing new privacy-preserving technologies that benefit all Internet users. In November 2017, we announced server-side support for the Privacy Pass protocol, a piece of work developed in collaboration with the academic communi...
September 18, 2019 2:03 PM
Cloudflare’s mission is to help build a better Internet. One of the tools used in pursuit of this goal is computer science research. We’ve learned that some of the difficult problems to solve are best approached through research...
June 21, 2019 1:00 PM
Cloudflare has always been a leader in deploying secure versions of insecure Internet protocols and making them available for free for anyone to use. In 2014, we launched one of the world’s first free, secure HTTPS service (Universal SSL) to go along with our existing free HTTP p...
June 20, 2019 1:02 PM
The impact of quantum computing on cryptography conducts research and development towards a Post-Quantum era....
June 20, 2019 1:00 PM
Today we are proud to release the source code of a cryptographic library we’ve been working on: a collection of cryptographic primitives written in Go, called CIRCL. ...
June 19, 2019 1:01 PM
Today, we are excited to announce Cloudflare's Ethereum Gateway, where you can interact with the Ethereum network without installing any software on your computer....
March 18, 2019 5:47 PM
The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them....
September 21, 2018 12:00 PM
When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid....
