TL;DR
- 2029 Deadline: Cloudflare has committed to achieving full post-quantum security, including authentication, across its entire product suite by 2029.
- Industry Alignment: Google set an identical 2029 target weeks earlier, establishing the date as a de facto industry standard for post-quantum migration.
- Authentication Focus: The roadmap prioritizes securing digital identities over data encryption, since broken authentication poses a more catastrophic risk than data leaks.
- Phased Rollout: Cloudflare plans PQ authentication for origin connections by mid-2026, Merkle Tree Certificates by mid-2027, and full SASE suite coverage by early 2028.
Cloudflare announced at its San Francisco headquarters on Tuesday that it has joined Google in setting a 2029 deadline for full post-quantum migration, prioritizing the protection of digital identities against the “catastrophic” risks of future quantum decryption. Industry alignment on this target marks a definitive shift in global security strategy, moving beyond simple data encryption to focus on the integrity of the internet’s authentication layer.
While the industry has long focused on protecting data from “harvest-now/decrypt-later” (HNDL) attacks, Cloudflare’s roadmap marks a significant pivot toward securing authentication. With Google having set an identical 2029 deadline just weeks earlier, the target is emerging as the definitive industry standard for surviving “Q-Day,” the moment a cryptographically relevant quantum computer (CRQC) renders modern asymmetric encryption obsolete. Cloudflare has already deployed post-quantum encryption for the majority of its products since 2022 to mitigate early threats, but the new timeline moves the goalposts toward a comprehensive defense of digital identities.
The Shift From Encryption to Authentication
Driving the urgency behind the 2029 target is a realization that the nature of the quantum threat is evolving. In the security community, the arrival of a functional quantum computer is often referred to as Q-Day. Crucially, the distinction between simple data exposure and identity compromise is becoming the central pillar of modern defense. “An imminent Q-Day flips the script: data leaks are severe, but broken authentication is catastrophic,” the Cloudflare blog noted in its announcement.
Breaking modern cryptography with a quantum computer requires simultaneous engineering progress on quantum hardware, error correction, and quantum software. However, the risk to authentication is unique because it cannot be solved by simply encrypting data at rest. If an attacker can forge a digital signature or bypass authentication, they can impersonate users or services with impunity, which has led companies like Google to prioritize post-quantum cryptography (PQC) migration for authentication services.
A key challenge in this transition is downgrade protection, where an attacker could target a client’s weakest supported classical option even if post-quantum (PQ) options are available. To combat this, Cloudflare is following a rigorous deployment schedule. “We are targeting full post-quantum security including authentication for our entire product suite by 2029,” the Cloudflare Blog stated.
Replacing billions of existing digital signatures is the core technical challenge. Classical algorithms like RSA and Elliptic Curve Cryptography (ECC) depend on mathematical difficulty, specifically factoring large numbers or calculating discrete logarithms, that a quantum computer running Shor’s algorithm can defeat in seconds. Cloudflare has outlined a post-quantum migration roadmap to move every internal and external interaction to a post-quantum standard by 2029, neutralizing the harvest-now, decrypt-later strategy that state actors and sophisticated attackers currently employ against high-value targets.
A Unified 2029 Timeline
Setting a 2029 deadline provides a clear goal for the industry and reflects a broader convergence on the timeline required to overhaul aging cryptographic foundations. Google set a 2029 deadline for PQC migration on March 25, 2026, creating a rare moment of alignment between two of the web’s majority infrastructure providers. When both the dominant CDN and the dominant browser vendor commit to the same year, that date effectively functions as an industry mandate rather than a voluntary goal.
Coordination across browsers, servers, and hardware manufacturers is essential given the scale of the migration. Already, the Chromium roadmap for PQ authentication includes four distinct stages, moving from the initial addition of PQ options to eventually requiring post-quantum Transport Layer Security (TLS) keys. By using a phased approach, both Google and Cloudflare seek to replace classical algorithms before they become vulnerable, building in time for hardware vendors and software developers to certify their implementations against NIST-standardized algorithms like ML-KEM and ML-DSA.
“Quantum frontiers may be closer than they appear… We’re setting a timeline for post-quantum cryptography migration to 2029.”
Heather Adkins & Sophie Schmieg, VP, Security Engineering & Senior Staff Cryptography Engineer at Google (via The Keyword Google Blog)
Industry-wide alignment matters because the web is a federated system. A security protocol is only as strong as its weakest link, and if a major CDN like Cloudflare or a dominant browser like Chrome fails to upgrade, the entire ecosystem remains at risk. As a result, the 2029 date acts as a forcing function that no single infrastructure provider can afford to ignore, particularly given the unpredictable pace of advances in quantum hardware development.
The Technical Hurdles of Post-Quantum Auth
Implementing post-quantum authentication is notably more complex than the encryption-only approaches of the past. One primary hurdle is the physical size of post-quantum signatures and keys, which are larger than their classical counterparts and can impact web performance. Cloudflare targets mid-2026 for supporting PQ authentication using the ML-DSA algorithm for Cloudflare-to-origin connections, a move that parallels efforts in the mobile space where Android 17 is integrating PQC digital signature protection.
Further milestones include support for visitor-to-Cloudflare connections using Merkle Tree Certificates, targeted for mid-2027. By allowing the verification of server identities without the overhead associated with traditional post-quantum signatures, these certificates keep the web performant as it becomes secure against future threats. Chromium’s PQ auth strategy relies heavily on these certificates and ML-DSA TLS keys to maintain performance while upgrading security across the ecosystem.
For potential attackers, hardware requirements remain a moving target. Superconducting quantum computers typically require around a thousand physical qubits to create just one stable logical qubit, yet the pace of development is unpredictable. Researchers must account for the possibility of a “black swan” event that could accelerate the timeline for a CRQC. “Sudden ‘quantum’ leaps in understanding… can occur even if everything happens in the public eye,” the Cloudflare post explained, underscoring why waiting for certainty before acting is not a viable strategy.
Preparing the Security Supply Chain
In contrast to the technical standards work happening at the protocol level, the immediate challenge for enterprises is operational. Cloudflare’s post-quantum procurement guidance urges businesses to make post-quantum support a mandatory requirement for any new procurement, ensuring that new systems are not “born legacy” and vulnerable to Q-Day from the start. Proactive measures are necessary because enterprise software and hardware often have life cycles spanning five to ten years, meaning decisions made today will impact security well into the 2030s.
Building out quantum-ready offerings in parallel, other major players are also advancing their roadmaps. Akamai introduced DNS Posture Management in June 2025 to help organizations monitor DNS assets and certificate security risks, explicitly noting that many existing certificates lack post-quantum compliance. Zscaler has positioned its Security Service Edge as quantum-ready, focusing on the store-now-decrypt-later threat that mirrors Cloudflare’s HNDL concern. For Cloudflare, the roadmap culminates with the Cloudflare One SASE suite adding PQ authentication by early 2028, ahead of full suite completion in 2029.
By setting a hard 2029 target focused on the “catastrophic” risk of broken authentication, Cloudflare and Google are establishing a new baseline for global digital security. Every layer of the digital world, from mobile operating systems to content delivery networks, faces a fundamental cryptographic upgrade unlike anything since the dawn of the commercial internet. Industry convergence on 2029 makes clear that the work to neutralize the quantum threat must reach its peak long before the first CRQC is ever built.
