releases.shpreview

IPsec downgrade protection prevents quantum attacks on key exchange

1 featureThis release1 featureNew capabilitiesAI-tallied from the release notes
From the original release noteView original ↗

Cloudflare IPsec now supports the IKE_SA_INIT_FULL_TRANSCRIPT_AUTH IKEv2 extension to protect against downgrade attacks on IPsec tunnels.

IKEv2's original authentication design has each endpoint sign only its own outbound messages, not the full handshake transcript. A quantum-capable on-path attacker can exploit this to bypass post-quantum key exchange by downgrading the connection to classical cryptography. The IKE_SA_INIT_FULL_TRANSCRIPT_AUTH extension addresses this by having both peers sign the entire handshake transcript during the authentication exchange, preventing an attacker from manipulating the negotiation without detection.

Key details:

  • Available in beta for Cloudflare WAN and Magic Transit IPsec tunnels.
  • Cloudflare sends the IKE_SA_INIT_FULL_TRANSCRIPT_AUTH notification unconditionally as a responder when the feature flag is enabled.
  • Both the initiator (your device) and responder (Cloudflare) must support the extension for downgrade protection to be effective.
  • This feature is currently gated by a per-account feature flag. Contact your account team to turn it on.

Refer to Downgrade protection for more details.

Fetched July 8, 2026