All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Cloudflare One, Cloudflare WAN - Post-quantum IPsec interoperability with third-party devices

2mo ago

Source

CloudflareCloudflare One, Cloudflare WAN - Post-quantum IPsec interoperability with third-party devicescloudflare.com
Snippet from the RSS feed
Cloudflare IPsec now supports post-quantum key agreement with compatible third-party devices. Cisco and Fortinet are the first third-party vendors validated to interoperate with Cloudflare IPsec using ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism). Post-quantum IPsec uses RFC 9370 and draft-ietf-ipsecme-ikev2-mlkem to negotiate hybrid key agreement during the IKEv2 IKE_INTERMEDIATE phase. This combines classical Diffie-Hellman (Group 20) with ML-KEM-768 or ML-KEM-1024 to protect against harvest-now, decrypt-later attacks. Key details: Compatible with Cisco 8000 Series Secure Routers with IOS XR Release 26.1.1 and Fortinet FortiOS 7.6.6 and later. Uses ML-KEM-768 or ML-KEM-1024 as an additional Key Exchange to DH Group 20. Follows RFC 9370 and draft-ietf-ipsecme-ikev2-mlkem standards. No additional licensing required. Post-quantum IPsec with third-party devices is now generally available with confirmed interoperability for the platforms listed above. Cloudflare intends to support interoperability with more vendors as they build out support for draft-ietf-ipsecme-ikev2-mlkem. Contact your account team to discuss support for additional vendors. For supported key exchange methods and the list of validated platforms, refer to GRE and IPsec tunnels .

You might also wanna read

Cloudflare expands post-quantum encryption to enterprise zero trust services

Cloudflare is rolling out post-quantum encryption for enterprise users, with approximately 35% of human-directed web traffic on its network

cyberscoop.com·1mo ago

Cloudflare Accelerates Post-Quantum Security Roadmap, Targets 2029 for Full Implementation

Cloudflare has accelerated its post-quantum security roadmap, now targeting 2029 to achieve full post-quantum security including authenticat

blog.cloudflare.com·2mo ago

Cloudflare Introduces Merkle Tree Certificates for Post-Quantum Internet Security

Cloudflare is introducing Merkle Tree Certificates as part of its post-quantum cryptography initiative to protect internet security against

blog.cloudflare.com·8mo ago

Authentication Reference Implementation for Cloudflare Workers with PBKDF2, JWT Sessions, and NIST Compliance

This article presents a comprehensive authentication reference implementation for Cloudflare Workers that serves as an educational resource

github.com·4mo ago

Cloudflare's Connectivity Cloud Platform: Unified Network for Secure Application Development

Cloudflare introduces its 'connectivity cloud' platform that combines over 60 cloud services on a unified global network. The platform focus

cloudflare.com·7mo ago

Cloudflare's Connectivity Cloud Platform: Unified Network for Secure Application Development

Cloudflare introduces its 'connectivity cloud' platform that combines over 60 cloud services on a unified global network. The platform focus

cloudflare.com·7mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.