Cloudflare has extended hybrid post-quantum encryption to IPsec and its WAN infrastructure by adopting ML-KEM (Module-Lattice-based Key-Encapsulation Mechanism), following the draft-ietf-ipsecme-ikev2-mlkem specification. This replaces the previous 'ciphersuite bloat' problem where RFC 9370 allowed up to seven algorithms simultaneously, causing vendor interoperability issues. The hybrid approach runs ML-KEM alongside classical Diffie-Hellman for belt-and-suspenders security against both quantum and classical attacks. The Cloudflare One Appliance received the update automatically on February 11th via version 2026.2.0. The move addresses 'harvest now, decrypt later' threats and aligns with NIST's 2030 deadline for retiring RSA and ECC. Over 60% of human-generated TLS traffic on Cloudflare's network already uses hybrid ML-KEM. Cloudflare IPsec remains in closed beta pending third-party interoperability testing.
Sort: