PQC in Cloudflare products
Cloudflare is targeting 2029 to be fully post-quantum secure across its entire product suite.
The sections below group Cloudflare products by the Cloudflare-operated connection or service that provides their secure communication channel. Many products share the same underlying connection or service — once that has been upgraded to post-quantum, every product on top of it inherits the same protection. Each section captures which classes of post-quantum algorithms are currently deployed: key agreement (which protects against harvest-now-decrypt-later attacks) and signatures (which protect against quantum-forged authentication).
A Cloudflare-side ✅ entry only delivers end-to-end post-quantum protection when the party on the other side of the connection also supports the same post-quantum algorithms. Refer to PQC support for the list of browsers, libraries, and servers that support the algorithms Cloudflare has deployed.
Inbound TLS 1.3 (including QUIC) from end-user clients to Cloudflare's edge.
| Protection | Status |
|---|---|
| Key agreement | ✅ X25519MLKEM768 |
| Signatures | 📝 Planned via Merkle Tree Certificates |
Reference: PQC for all websites and APIs.
Products covered: any proxied hostname, including Workers custom domains and *.workers.dev, R2 public buckets, Stream, Images, the Cloudflare API and dashboard, any HTTPS application behind Cloudflare, and Cloudflare Access (agentless / clientless).
Service-to-service TLS connections between Cloudflare data centers and internal services.
| Protection | Status |
|---|---|
| Key agreement | 🚧 X25519MLKEM768 |
| Signatures | Not yet |
Reference: PQC generally available, Roadmap.
Most internal connections have been migrated to X25519MLKEM768. A long tail of services is still in the process of being upgraded.
Outbound TLS 1.3 connections from Cloudflare's edge to customer origin servers.
| Protection | Status |
|---|---|
| Key agreement | ✅ X25519MLKEM768 |
| Signatures | Not yet |
Reference: PQC to your origin.
Products covered: any Cloudflare-proxied zone's origin pull, and the egress leg of Cloudflare Gateway (SWG, HTTPS inspection) when Gateway fetches third-party origin content on behalf of the client.
MASQUE tunnel (TLS 1.3) from an end-user device to Cloudflare's global network, established by the Cloudflare One Client (formerly WARP).
| Protection | Status |
|---|---|
| Key agreement | ✅ X25519MLKEM768 |
| Signatures | Not yet |
Reference: PQC and Cloudflare One: Cloudflare One Client.
Products covered: WARP / Cloudflare One Client; Cloudflare Gateway (SWG, HTTPS inspection) when traffic on-ramps via the Cloudflare One Client; and Cloudflare Mesh.
Outbound TLS 1.3 tunnel from cloudflared on a customer origin to Cloudflare's global network.
| Protection | Status |
|---|---|
| Key agreement | ✅ X25519MLKEM768 |
| Signatures | Not yet |
Reference: PQ Cloudflare Tunnel, PQC and Cloudflare One.
Products covered: Workers VPC private-network access and any Cloudflare One off-ramp that egresses via cloudflared (for example, HTTPS access to self-hosted applications via agentless Cloudflare Access).
TLS 1.3 control-plane connection used by the Cloudflare One Appliance to establish keys for its IPsec ESP dataplane tunnels.
| Protection | Status |
|---|---|
| Key agreement | ✅ X25519MLKEM768 |
| Signatures | Not yet |
Reference: PQC SASE, Cloudflare One Appliance, PQC and Cloudflare One.
IKEv2 key exchange for IPsec tunnels between third-party branch connectors and Cloudflare's global network.
| Protection | Status |
|---|---|
| Key agreement | ✅ ML-KEM-768/1024 + DH Group 20 (P-384) in IKEv2 (closed beta) |
| Signatures | Not yet |
Reference: PQC SASE, GRE and IPsec tunnels, draft-ietf-ipsecme-ikev2-mlkem.
This listing is maintained alongside the rest of the Cloudflare SSL/TLS documentation. If you spot an inaccuracy or have an update after a product announcement, contributions are welcome.