Cloudflare has made post-quantum encryption for its IPsec product generally available, using hybrid ML-KEM (FIPS 203) as specified in the IETF draft draft-ietf-ipsecme-ikev2-mlkem. The implementation has been confirmed interoperable with Cisco 8000 Series Secure Routers (v26.1.1+) and Fortinet FortiOS 7.6.6+, enabling organizations to protect WAN traffic against harvest-now-decrypt-later attacks using existing hardware. The post explains why IPsec post-quantum standardization lagged TLS by four years — largely due to the IPsec community's interest in Quantum Key Distribution (QKD) and premature vendor implementations under RFC 9370 without a unified ciphersuite spec. Cloudflare argues QKD is not Internet-scale and advocates for continued industry consolidation around the new hybrid ML-KEM draft. Post-quantum authentication for IPsec remains an open standards gap. This is part of Cloudflare's goal to achieve full post-quantum security by 2029.