Post-quantum readiness
for people who run networks
Post-quantum cryptography started showing up in vendor roadmaps and compliance conversations, and I realised I was nodding along without really understanding it. So I decided to learn it properly. Not just the theory, but how it applies to the kind of infrastructure most enterprise networks actually run.
This site documents what I found. Everything here has been tested and verified against a standard enterprise stack: Cloudflare as the CDN edge, F5 BIG-IP as the origin load balancer, and a real domain to run openssl s_client against. This is a common architecture (CDN in front, load balancer at origin), not specific to any one organisation.
Where Does PII Get Exposed, and Where Should We Focus?
PII travels across two separate internet-exposed TLS legs before it reaches your application: browser to CDN, then CDN to origin. A third path exists for trusted external systems (partner APIs, SaaS) that bypass the CDN entirely. The diagram below maps where each harvest opportunity sits. Full breakdown in The Problem.
Pre-Quantum State
How encryption on your network works today. The TLS handshake step by step, what RSA is actually doing, and why TLS 1.3 changed the architecture. This is the baseline - what you have now, before any of this becomes a problem.
The Quantum Threat
Why this is worth acting on now, even though quantum computers don't exist yet. An adversary can record your encrypted traffic today and hold it until they can decrypt it. The window to protect against this is before the capture happens.
Post-Quantum Readiness
The replacement is already here. ML-KEM is live in Cloudflare and modern browsers today. This section covers the new algorithms, how to configure your stack, and how to verify what is actually being negotiated end to end.
✓ Verified against a Cloudflare-fronted domain (April 2026)
ML-KEM is negotiated in practice, not just on paper. The key line to confirm:
Negotiated TLS1.3 group: X25519MLKEM768
Requires OpenSSL 3.5+.
See the full verification guide for the command and setup.
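One way to script that check, as an added example rather than the command from the verification guide: it pulls the Negotiated TLS1.3 group line out of openssl s_client output and treats a missing line as unverified instead of as a pass. The sample transcripts are constructed, and the function names (including check_host) are hypothetical.

```shell
#!/bin/sh
# Added example: read the key-exchange group out of `openssl s_client` output.

# Constructed sample transcripts (trimmed), not captured from a real server.
SAMPLE_PQ='CONNECTED(00000003)
Negotiated TLS1.3 group: X25519MLKEM768
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384'
SAMPLE_CLASSICAL='CONNECTED(00000003)
Negotiated TLS1.3 group: X25519
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384'
SAMPLE_NO_LINE='CONNECTED(00000003)
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256'

# stdin: s_client output. stdout: the group name, or nothing if the line is absent.
negotiated_group() {
  sed -n 's/^[[:space:]]*Negotiated TLS1\.3 group:[[:space:]]*\([^[:space:]]*\).*$/\1/p' | head -n 1
}

# Turn a group name into a verdict a monitoring job can alert on.
classify_group() {
  case "$1" in
    "")       echo "unknown"   ;;  # no group line: treat as unverified, not as a pass
    *MLKEM*)  echo "ml-kem"    ;;  # e.g. the X25519MLKEM768 hybrid named on the page
    *)        echo "classical" ;;  # e.g. plain X25519: recorded traffic stays at risk
  esac
}

# Verdict for a transcript passed as a string (works offline).
verdict_for() {
  classify_group "$(printf '%s\n' "$1" | negotiated_group)"
}

# Live check (hypothetical helper): offer the hybrid first with X25519 as fallback,
# so a server without ML-KEM still completes the handshake and shows as "classical".
check_host() {
  out=$(openssl s_client -connect "$1:443" -servername "$1" -tls1_3 \
        -groups X25519MLKEM768:X25519 </dev/null 2>/dev/null)
  verdict_for "$out"
}

# Run the classifier over the constructed samples.
for name in SAMPLE_PQ SAMPLE_CLASSICAL SAMPLE_NO_LINE; do
  eval "text=\$$name"
  printf '%s: %s\n' "$name" "$(verdict_for "$text")"
done
```

Run check_host once per TLS leg you control (the CDN hostname, then the origin); an "unknown" result usually means the local OpenSSL is older than 3.5 or the handshake did not complete.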