Name: Securing Finance in the Quantum Age: A Post-Quantum Cryptography Blueprint
Uploaded: 2025-08-28T17:46:29.062Z
Duration: 30 min 8 s
Description: Securing Finance in the Quantum Age: A Post-Quantum Cryptography Blueprint

Transcript for "Securing Finance in the Quantum Age: A Post-Quantum Cryptography Blueprint": Hi. My name is Justina Koharchuk, and I'm a senior solutions marketing manager here at Cloudflare. I'm joined by Sharon Goldberg, our director of product management on the zero trust side. Today's webinar is gonna focus on post quantum cryptography, what it is, why it matters, and what this means for financial service organizations. In the next few slides, we'll explore the emerging quantum threat, understand the technology behind PQC, and outline the concrete steps financial service organizations should take to secure their future. Let's begin. For years, we've been talking, and telling ourselves that quantum computing is a distant threat, maybe ten, twenty years away. But now some of the brightest minds in the industry believe quantum breakthrough is possible in the next three to five years. An example of this accelerating timeline is Google's breakthrough with Willow chip, a quantum processor that's pushing absolute boundaries about what we thought was possible. Google isn't experimenting anymore than investing heavily and achieving real results. This is practical quantum computing development happening right now and accelerating faster than anyone predicted. So what's the urgency? It's, here's what the shorter timeline really means for your org. Every piece of encrypted data you have today can potentially be vulnerable tomorrow. When quantum computers arrive, they won't just crack future encryption. They'll retroactively decrypt everything we're protecting right now. The message is clear. We can't afford to wait and the transition to post quantum cryptography must start now. And, additionally, we're seeing while we're been kind of debating this quantum computing, threat or future threat, regulators have already decided that it's here for us. The mandates aren't coming. They are here, and regulatory mandates for quantum readiness are active today with firm deadlines creating immediate compliance obligations. NIST has drawn a line in the sand with RSNA and ESDSA encryption that must be deckered deprecated by 2030 and completely disallowed by 2035. This federal mandate is backed by CISA, NSA, and executive order one four one four four. And the Federal Financial Institute examination counselor is already incorporating quantum risk assessments into their financial examination. That means if you're a financial service org, examiners are asking quantum readiness questions today. And this isn't just in The US. The European Banking Authority is exploring post quantum requirements for payment providers, while the SEC is expanding cybersecurity requirements to include quantum preparedness. And even PCI DSS version four dot o introduced cryptographic agility requirements, which is the future for for, quantum safe mandates coming. So the bottom line is this has been published migration road maps expecting immediate action, and Accenture and other GSIs have practical guidance available now. So your timeline isn't determined by when the the quantum computers are arriving. It's really determined by the regulatory deadlines that are coming down. So who does this affect most? Well, some organ while some orgs are still debating timelines, industry leaders across different, different verticals are implementing quantum safe solutions currently. Cloudflare is one such, company. As a tech pioneer in the space since 2017, we've published research and deployed post quantum cryptography in real world scenarios. We're not just testing. We're actively partnering with standards bodies to accelerate deployment. Major browsers like Chrome and Firefox aren't waiting either. They're implementing PQC by default for key exchanges and protecting millions of users today. This is also impacting, of course, high stakes sectors like health care orgs and government agencies where data breaches that can be literally life or death and are treating post quantum cryptography, and these industries are treating PQC as an urgent priority, not a future consideration. The question isn't whether to transition to post quantum cryptography. It's whether you'll lead the transition or be left scrambling to catch up. So what does this mean exactly for financial services? What's what's behind some of this urgency? Well, we've already talked about some of the hard regulatory deadlines, but what else? Here's the urgent reality. Adversaries are employing what we call harvest now, decrypt later attacks. They're collecting your encrypted data today with the expectation that in the future, quantum computers will crack this data retroactively. Your sensitive data encrypted today could be compromised tomorrow. Additionally, what history has taught us is that cryptographic migrations are really complex, and you don't have to take it from me. My colleague, Sharon, has spent the greater part of twenty years watching people do these migrations, and she can discuss this next, in further detail. The regulatory pressures, of course, are intensifying from all directions as we already talked about. And finally, perhaps what's most concerning is what we don't know. Much much of the quantum research still remains classified, creating uncertainty about quantum capabilities and timelines. We must prepare for the possibility that quantum threats emerges sooner than public estimates suggest. And, again, the question isn't whether to begin post quantum migration. It's, it's when to start. And every day of the delay compounds your risk and narrows your implementation window. Finally, when we take a look closer look at the financial service threat landscape, as you already know, financial service orgs are 300 times more likely to experience attacks, and those attacks are also some of the most costly of all industries. What's specifically important to note about harvest now and decrypt later decrypt later threats for coming from PQC for financial services is that these that the data that financial services are dealing with, Social Security numbers, account numbers, PII, remain valuable for decades. So these this makes them a high value target, especially cross border payment systems, swift networks, and core banking infrastructure where one, where a successful attack doesn't just impact one institution, it has the potential to cascade across the entire ecosystem. And now I'm going to hand it off to Sharon to go into the cryptographic, landscape as well as, the next steps you should take to secure yourself. Without further ado, Sharon. Alright. Thanks, Justina. So I'm Sharon Goldberg. I'm a director on the product team for our SASE platform, and I also lead the productization of post quantum cryptography across Cloudflare along with some of my other colleagues in the product team. Okay. So I wanna talk a little bit about what post quantum cryptography actually means. So when we talk about post quantum cryptography, for the most part today, we are talking about post quantum key agreement. So a key agreement algorithm cryptography is what allows two parties, a sender and receiver, to agree on a symmetric key that they will use to encrypt and authenticate their actual data. So the first step is agreeing on the session key, and then the next step is to encrypt their data with that session key. The protocols we use to agree on the keys are called key agreement. If you're familiar with Diffie Hellman, that is an example of a key agreement protocol. In the post quantum world, we are no longer using Diffie Hellman. We're using a new algorithm, and it's called ML Chem, and that is what we're using for key agreement. The reason that we've transitioned and we're in the process of transitioning technology to postpartum key agreement is because it is what stops the harvest now, decrypt later attacks that Justina was talking about. And so that's why we need it today. Now in the future, we're gonna have q day, which is the day in which cryptographically relevant quantum computers start to exist. In that on that day, we are going to need to have an upgrade to the cryptographic certificates that we use across the Internet. Cryptographic certificates and cryptographic signatures. Now as of today, we still don't have a fully usable standard for the public key infrastructure of the Internet to use post quantum signatures. Signatures. We're still working on that. And so generally, when you speak to vendors and when you look at technologies, they're generally not using post quantum signatures, but we are all working on figuring out how we can get those to be performant and used in systems. And that is gonna be part of the migration in the next few years. Finally, I wanna mention that you're probably familiar with the advanced encryption standard AES. That is what is used for symmetric cryptography between a sender and receiver. That is what's actually encrypting your data and authenticating the actual data. Once you've agreed on the key, you use symmetric cryptography to authenticate and encrypt the data. Those algorithms don't need to be upgraded. As of right now, we don't have attacks on symmetric cryptography that are good enough to justify our ups ourselves upgrading those to post quantum cryptography. And so, really today, post quantum migration just means key agreement and it means digital signatures and certificates. Okay, let's move on. So, what does that mean, to for what you're actually doing in your organization to migrate to post quantum photography. We see this process proceeding in four parts. Starting today, cryptography assessment will help you understand what systems are at risk and need to be upgraded. Phase two is to actually roll out the post quantum key agreement that I described, previously. That's the MLKIM algorithm, and that you can do now. We at Cloudflare have deployed that across all our systems already. Phase three is to roll out post quantum cert certificates and signatures. Again, you can't do that yet because we haven't completed the standards, and vendors are still figuring out how to get that into their products. But that is a sort of second phase of the upgrade that's coming in the future that people need to pay attention to. And finally, new cryptography requires some agility. We may find that we need to change algorithms or upgrade algorithms over time, and so this whole exercise should hopefully get your organization into a place where crypto agility becomes easier and you can adapt to any changes in photography in the future. At Cloudflare, we are embracing post quantum future. We have been working on post quantum for a very long time, well before I joined here. Butler started PQC trials in 2019 working with Google Chrome. As of right now, a lot of our focus has been on the TLS protocol using the post quantum key agreement, that MLPIM algorithm that I mentioned before to protect global Internet traffic. We actually turned it on for our global traffic as early as 2022. And right now, it's more than one third of the human traffic to our network. You can see some stats on the slide. More than one third of the human traffic to our network is actually speaking post quantum cryptography using key agreement algorithms already. We do this at scale. It's not a science experiment. It's something that we run all the time across all of our systems. And we actually don't, bill it separately from our products, so it's included in all of our products. Twilio is very excited to contribute to standardizations through NIST, through the Internet engineering task force. We contribute to open source cryptographic libraries. We're actually, authoring some of the standards on post quantum signatures. So we are very excited in, in contributing to this ecosystem and helping the Internet migrate to post quantum cryptography. Specifically, the way that we would like to to help our customers is it is very challenging to think about upgrading each one of your individual systems to post quantum photography. A lot of organizations, most organizations have tons and tons of different types of systems with different types of cryptography. Most people are not paying attention to the specific cryptographic algorithm that a given machine is using somewhere in their data center. That is a really hard thing to do. And so our perspective at Cloudflare is what we want to do is we wanna be able to provide you the ability to tunnel your traffic over Cloudflare, and we will wrap it in those post quantum protections even if the traffic itself is still a legacy classical cryptographic traffic. And so we do that in a lot of different places in our platform, and we're continuing to add more and more and more components to our platform that can do this. So I wanted to just talk about two key parts of our platform where we where we have quantum photography available, and we don't even really talk about it. It's just there on by default. We don't even tell people, unless they're really paying attention. So for example, if you host your website on CloudFlare or you list an API behind CloudFlare, then it is protected with TLS 1.3 with post quantum key agreement as I described. If you use a CloudFlare tunnel to protect your origin server, that is protected with post quantum cryptography. Again, the key agreement that I talked about. We also have post quantum, cryptography deployed across the zero trust platform, which is what customers use to protect their internal corporate network traffic. And again, that's a great place to wrap your traffic in a CloudFlare, post quantum tunnel so you don't have to think about upgrading every one of your servers and every one of your networks to post quantum photography. I'll show you a a couple pictures just to give you a sense of what this looks like. We have, we have a web browser. The user is, is using their web browser. That might be a Chrome web browser. Chrome has been in partnership with CloudFlare and others, upgrading traffic to post quantum cryptography for a while. So odds are if you're using a browser that is upgraded to post quantum, then that traffic from your browser to the Cloudflare network is post quantum. The traffic inside the Cloudflare network goes over post quantum tunnels. And finally, if you have a website that's behind Cloudflare, typically, we have customers connect that using our Cloudflare d, agent. And so that agent is actually speaking post quantum cryptography back to Cloudflare, and so we get this nice end to end post quantum protection. The other place where you might see post quantum cryptography is in the Zero Trust platform. So in this example, think of our zero trust platform as the way that employees can protect into sensitive corporate resources, into their data centers, into their corporate networks, into their offices. And so in this figure, we have a a person who's got a laptop that has the work client or maybe the phone that has a work client. That's our zero trust client that you deploy on end users devices. That client is speaking, a protocol called mask. And we are right now upgrading the mask protocol to post quantum photography. As I speak, you can turn that on with an MDM setting, but you can, and and we will be turning this on by default across, all of our customers over the next few months. So that is already available if you'd like to use it. The links inside the CloudFlare network speak post quantum. And finally, that that link from the CloudFlare network into the customer's environment is also post quantum. So again, we get this nice end to end post quantum protection even if you're speaking to a system that isn't upgraded to post quantum cryptography yet. And that's what we think is so exciting about all of this. We really wanna make it easier for customers to migrate to post quantum cryptography without having to go through every single system and test every single one. We would just like to provide you with that protection over a tunnel that you can use across the Internet when you're communicating with between employees and and resources in your organization. So just wrapping this up, you know, actionable items for organizations now, thinking about what systems need to be upgraded to PQC, either upgrade those systems or find a way to tunnel those systems over something that already speaks post quantum cryptography. Most of what you will find today in the market is post quantum key agreement. So that's what we need to do in order to protect ourselves against harvest now, decrypt later attacks. That is what is needed today. In the future, I'm just going to bullet four out of order. In the future, post quantum certificates and signatures will appear on the market, and that upgrade will need to happen. So, again, the idea of putting your traffic through a tunnel may be appealing because now that tunnel speaks post quantum key agreement, but in the future, that tunnel will be speaking also post quantum certificates. So you'll get that protection without having to do anything. Just let your vendor, do the upgrade for you. We really are excited about bringing post quantum cryptography into the zero trust market. And so if that is helpful for your organization internally, then we do have those protections available. And finally, new cryptography requires some agility. And so really thinking about the strategy of crypto agility going forward in your organization and what vendors you can collaborate with or what upgrades you can do to make sure that this is easier. This doesn't become extremely difficult every time an upgrade has to happen, I think is a really good use of of time for organizations today as they're thinking through this transition. And with that, I'll turn it over to Justina. I know that we have a few questions coming up, and, we will take those before we close out. If you have any questions, please please feel free to put them in the chat, and we'll answer them, as soon as we can. And if we don't get to any of your questions, then, we will follow-up by email. Our first question is, you know, realistically, can organizations upgrade by 2030? We see these mandates, of 2030, from regulatory bodies. How are really realistic, Sharon, do you think it is for firms to have a PQC upgrade done by then? I think it can be realistic, especially if we're thinking about protecting post quantum photography as it goes over the public Internet. I don't know that we're gonna be able to get to the point where internal links in the data center are post quantum unless we're using a vendor that's doing those upgrades for us, let's say, in the cloud or something like that. So, really, I think being strategic about how you do this upgrade and what sort of vendors and what sort of tunnels you put in place will make the upgrade a lot easier. I really fear the idea of having to look at each system one by one. I think that's very, very important. Got it. Okay. So definitely a strategic approach, and partnering with vendors and and, you know, GSIs that that can take you through this transition and planning ahead. It sounds like, some sounds like some of the keys. But what happens for organizations, like, if, you know, we wake up in a few months and PQC standards are broken? Like, what what what what actually is gonna happen? When I talked about MLKIM, I kept saying that over and over again. We run that in parallel with regular Diffie Hellman key exchange right now. That's what we're doing when we speak post quantum over the Cloudflare network, which we're doing right now probably as you're watching this this video. So the that doing those two crypto algorithms in parallel is actually really good from a security perspective because if we have a problem with the, with the the post quantum algorithm, then we still have the classical algorithm to provide protection. And if we have a problem post quantum, to provide protection. So this parallelization is a great way to hedge bets. And I think that this is the right thing to do now because we're still in the early days of this new this quantum migration. I mean, I don't wanna say that we're in the early days, but we are still in a phase where having them running in a hybrid mode makes a lot of sense as we're getting them deployed across the whole, as a whole Internet. There will be a future point where we stop running in hybrid mode, but we're not there yet. And so I think it's really great that the, the industry has converged to this hybrid mode. For example, that's what we do when we speak to the Chrome browser. That's a very typical deployment. So, you know, I think people are paying attention, and I think people are hedging their bets in the right way. And hopefully, we have enough good deployments in the field before Q Day arrives that we will have worked all the kinks out of this algorithm before that day comes. Got it. Yeah. I'm hope I think we're all hopeful, right, especially, with what's at stake. I think, the other piece of this is, you know, what about, symmetric cryptography like AES? What about upgrading that? Yeah. That's not an issue. So symmetric cryptography does not need to be updated. You can continue to use AES the way you've been using it before. We're really only focusing on key agreement and certificates and signatures. There isn't a need right now to upgrade symmetric cryptography. Just in case you're wondering why, if I could just geek out for one second, the reason is because quantum computers can factor, large composite numbers, and that's the basis of digital signatures, certificates, and key agreement. But that factoring problem doesn't play a role in symmetric cryptography, so it doesn't break symmetric cryptography in the same way. That's why they're being treated differently. So a little silver lining, I guess, for us. And finally, one more question, if we have time. What is is there any performance impact of post quantum cryptography? What should, you know, what should or just be aware of? That's a great question. So we, at Cloudflare did a study on this. It's published on our blog. Maybe we can link to it somehow. That actually shows that the upgrade to TLS 1.3 with the addition of post quantum is actually faster than using TLS 1.2 with the classical algorithms. So we haven't seen a performance hit with key agreement algorithms, and that's why you're seeing them so widely adopted through the Internet. I would say that on the side of signatures and certificates, there's still, some challenges because those signatures are larger than what we're used to with classical cryptography. So there's a lot of effort to to, that's being developed right now to figure out how to deal with the fact that these signatures are larger. And so I expect to see a lot of innovation in the next couple years figuring out those details. But at least for MLKIM, we've been running it at scale for years. Right? And it's well understood, the performance. Got it. Yeah. Well, I'm glad that, you know, orgs like ourselves and and others out there are already doing a lot of this heavy lifting for, other critical industries that that need to adopt this and and and learning and, making sure that we're ready in terms of, you know, more and more, organizations adopting PQC. If you're looking to learn more about post quantum, please visit visit us at cloudflare.com/pqc and download our post quantum solution brief. We'll also share some blog posts, with you as well, in the information, as part of the webinar and webinar follow-up. So thanks again everyone for joining us. Thanks for your time, and, look forward to talk seeing you guys in the future.