The Cloudflare Research story

In 201x, a Cloudflare "Future Crypto" team was spawned from the Security Engineering team with two members: Nick Sullivan and Brendan McMillon. The original focus of the new team was using applied cryptography to design systems and build implementations that could improve communications on and operation of the Internet. Two early contributions from the team were Geo Key Manager, a feature that gives customers control over where their private keys are stored with Cloudflare, and Privacy Pass, a privacy-preserving mechanism for authorizing users.

Over the years, the "Crypto" team built a culture of shipping impactful real products for which existing solutions were insufficient. Often the team’s projects reached well beyond conventions of applied cryptography. Some of our early notable work:

• Building designs and supporting systems to enable Cloudflare SSL certificates to scale to all free customers
• Open sourcing software that helped Let’s Encrypt do the same
• Measuring the prevalence of middleboxes harmful to security
• Helping design and deploy TLS 1.3
• Supporting accountability in the PKI with Certificate Transparency
• Promoting secure time synchronization via NTS and Roughtime
• Encrypting DNS with DoH and DoT

A new name, broader focus

In 2019, the Crypto team was renamed "Cloudflare Research" to reflect its growing reach beyond cryptography. Some notable examples of our work since this renaming include:

• MITMEngine, an open-source library for HTTPS interception detection, and MALCOLM, a dashboard displaying metrics about HTTPS interception we observe on Cloudflare’s network
• Addressing Agility
• Ethereum Gateway
• CIRCL, a collection of cryptographic primitives written in Go
• time.cloudflare.com
• The TLS Post-Quantum Experiment
• cfnts: Cloudflare's implementation of NTS in Rust
• Delegated Credentials for TLS
• OPAQUE
• Zero-Knowledge Proofs for Private Web Attestation with Cross/Multi-Vendor Hardware
• IPFS Gateway
• SSL Recommender
• Resource development and deployment of Post Quantum Cryptography across the Internet

And onward into the future

Cloudflare Research plays an important role in Cloudflare’s wider mission to help build a better Internet by contributing to Computer Science research domains, and helping to take them from theory to reality. In 2021 we made our work more public and accessible at research.cloudflare.com.

The team has grown over the years, and is now composed of experts in the areas of mathematics, cryptography, privacy, networking, measurement, usable security, distributed systems, caching, and more.

We are a diverse and geographically distributed group, with vibrant research internship and research collaboration programs.

Read more about our work, which is organized around research areas.