We have mentioned many times that current encryption techniques will be very easily broken in the future by quantum computers.
To prepare for this, Cloudflare is launching a post-quantum experiment in which site owners can sign up to add support for two hybrid post-quantum encryption keys: X25519Kyber512Draft00 and X25519Kyber768Draft00.
These keys will work alongside existing encryption schemes to ensure compatibility.
For now, adding these basic keywords to your site won't do much, because none program browser doesn't support them yet. For now, browsers will fall back to existing encryption schemes, which are not quantum-resistant.
But Cloudflare said the internet will move to quantum cryptography in the coming years, and hopes that it will version beta will give its customers a head start.
The post-quantum cryptography Cloudflare uses is called Kyber. Last month, the US National Institute of Standards and Technology (NIST from the National Institute of Standards and Technology) decided to standardize Kyber, and the final specifications will come in 2024. By starting this test, Cloudflare hopes to drive the adoption of post-quantum cryptography.
In terms of features, Kyber does not need as much computing power as existing schemes, but it has larger keys and uses more RAM. Cloudflare believes that if Kyber is used alone, the connections with websites they could be faster. But in this test, a hybrid model is used, so connections will be a bit slower.
If you want to try it on one of your domains, read Cloudflare's step-by-step steps to set it up.
Warning: The new Kyber crypto will receive changes incompatible with the older crypto in the coming months, and Cloudflare's app will change to be compatible with early adopters. Additionally, if the community identifies problems, then additional solutions will be added to Cloudflare's application. Due to the rapid pace of change, Cloudflare cannot guarantee long-term stability or ongoing support.