7 Key Insights Into Post-Quantum Encryption in Cloudflare IPsec

Post-quantum encryption is no longer a future promise—it’s a live capability for wide-area networks. While Cloudflare already shields the majority of human-generated TLS traffic with post-quantum cryptography, site-to-site networking has been slower to catch up. That changes now. With the general availability of post-quantum encryption in Cloudflare IPsec, organizations can defend against harvest-now-decrypt-later attacks using existing hardware. Here are seven essential things you need to know about this milestone.

1. Why Post-Quantum IPsec Took Longer Than TLS

Post-quantum protection arrived for TLS traffic years ago, but IPsec faced unique hurdles. The IPsec community had to balance Internet-scale interoperability with the demands of specialized hardware, creating a gap that delayed adoption. TLS operates at the application layer and can be updated more flexibly, whereas IPsec is deeply integrated into network infrastructure. Cloudflare’s engineers spent four extra years engineering a solution that works seamlessly across diverse routers and firewalls. The result is a hybrid handshake that combines classical Diffie-Hellman with ML-KEM, meeting both security and compatibility requirements.

2. The Threat: Harvest-Now-Decrypt-Later Attacks

Quantum computers don’t exist yet, but adversaries are already collecting encrypted data. In a harvest-now-decrypt-later attack, attackers intercept and store encrypted traffic today, waiting for the day a quantum computer can break current public-key cryptography. With quantum advances accelerating—Cloudflare moved its full-security target from 2035 to 2029—the window of vulnerability is shrinking. Post-quantum encryption in IPsec neutralizes this risk by using algorithms that remain secure even against quantum decryption, ensuring that today’s data stays safe tomorrow.

3. What Is ML-KEM and How Does It Work?

ML-KEM stands for Module-Lattice-Based Key-Encapsulation Mechanism, standardized in FIPS 203. It is a post-quantum cryptographic algorithm built on mathematical problems that quantum computers cannot efficiently solve. Unlike older algorithms, ML-KEM does not require dedicated hardware or physical links; it runs entirely in software on standard processors. Cloudflare’s implementation uses a hybrid approach, combining ML-KEM with classical Diffie-Hellman. This ensures backward compatibility while adding post-quantum security, making it practical for real-world deployment across IPsec tunnels.

4. Interoperability With Fortinet and Cisco

A major barrier to adopting post-quantum IPsec was the lack of interoperability between vendors. Cloudflare broke through that barrier by testing and validating hybrid ML-KEM with branch connectors from Fortinet and Cisco. These tests confirmed that the new handshake works with hardware already deployed in many networks. Enterprises no longer need to rip and replace their equipment; they can enable post-quantum protection on existing devices. This vendor collaboration is a critical step toward industry-wide standardization and widespread deployment.

5. Cloudflare IPsec: More Than Just Tunnels

Cloudflare IPsec is a full WAN Network-as-a-Service that replaces legacy architectures. It connects data centers, branch offices, and cloud VPCs to Cloudflare’s global IP Anycast network. Benefits include simplified configuration, high availability (automatic failover to the nearest healthy data center), and the massive scale of Cloudflare’s network. The service supports site-to-site WAN, outbound internet connections, and integration with the Cloudflare One SASE platform. Post-quantum encryption now adds a crucial layer of long-term security to these capabilities.

6. The New IETF Draft Driving Standardization

The post-quantum handshake for IPsec is defined in the IETF draft draft-ietf-ipsecme-ikev2-mlkem. This specification combines ML-KEM with the existing IKEv2 protocol, ensuring a smooth upgrade path. By using a hybrid key exchange, the draft preserves trust in classical Diffie-Hellman while introducing lattice-based security. Cloudflare’s implementation adheres to this draft, making it a foundation for future interoperability. The industry is finally consolidating around a single standard that works at Internet scale, moving beyond proprietary or experimental approaches.

7. How to Get Started Today

Post-quantum encryption in Cloudflare IPsec is generally available now. To activate it, customers simply enable the hybrid ML-KEM option on their IPsec tunnels via the Cloudflare dashboard or API. No hardware upgrades are needed for compatible branch connectors (e.g., Fortinet, Cisco). Cloudflare recommends enabling it across all site-to-site connections to begin defending against harvest-now-decrypt-later attacks. As quantum threats evolve, this proactive step ensures that your encrypted data remains secure even after Q-Day. Check Cloudflare’s documentation for detailed configuration guides.

Conclusion: The arrival of post-quantum encryption in Cloudflare IPsec marks a turning point for wide-area network security. By addressing interoperability, standardizing on ML-KEM, and offering immediate deployment on existing hardware, Cloudflare has closed the gap between TLS and IPsec. Organizations that act now can safeguard their data against future quantum attacks while maintaining operational simplicity. With the industry converging on a single standard and quantum computers advancing faster than expected, there has never been a better time to adopt post-quantum IPsec.