Cloudflare using lava lamps for secure SSL/TLS encryption

Cybersecurity is only as strong as the random data sources creating encryption keys. True randomness is found in the chaotic physical world.

Cloudflare named its lava lamp system the “Wall of Entropy” because it relies on chaos and disorder to create truly random data for secure encryption. (Credit: paketesama/Adobe Stock)

Secure encryption requires truly unpredictable numbers so that cybercriminals cannot work out the keys and decrypt data. Even the most advanced computer system produces predictable, logical outputs because computers are designed to do so, and in cybersecurity predictability is a liability. Some companies are turning to the physical world to find chaotic data. Among them is Cloudflare, Inc., a global company providing internet hyperconnectivity for millions, which uses a wall of 100 lava lamps to produce stronger encryption keys.

“Computers are bad at being random,” said John Graham-Cumming, chief technology officer at Cloudflare. “To make the encryption we rely on to use the internet, we need random numbers. One way to get random numbers is to look at randomness in nature. One of the ways we do that is by taking pictures of the motion of the colored blobs in a wall of lava lamps. Their motion is not predictable. The pictures are then ‘hashed’ to produce a number that can be fed into our random number generators to give them a truly random starting point, called the ‘seed.’”

Wall of entropy

The “Wall of Entropy” at Cloudflare’s San Francisco headquarters. (Credit: Cloudflare)

The movement of “lava” (or paraffin wax) inside lava lamps never forms the same shape twice, making these decorations an unpredictable data source for secure encryption. At Cloudflare headquarters in San Francisco, a mounted camera is pointed at the lava lamp wall, named the “Wall of Entropy.” The camera captures images at timed intervals, which are saved as a series of numbers, with each pixel given a numerical value. This process creates a random string of numbers that Cloudflare’s services use to create secure encryption keys. Cloudflare isn’t the first to use lava lamps, though: Silicon Graphics used a similar “Lavarand” system in 1996.
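The capture-and-hash step described above, as an added example that is not Cloudflare’s code: each frame’s pixel values are hashed and folded into a pool that starts from the operating system’s random source, so the seed never rests on the camera alone. The SeedPool class, the HMAC labels and the constructed frames are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional


def frame_digest(pixels: bytes) -> bytes:
    """Hash one frame's raw pixel values down to a fixed 32-byte digest."""
    return hashlib.sha256(pixels).digest()


class SeedPool:
    """Hypothetical entropy pool: camera frames are mixed into a local state."""

    def __init__(self, local_entropy: Optional[bytes] = None):
        # Start from the OS CSPRNG so a blocked or replayed camera feed
        # cannot make the seed predictable on its own.
        self._state = local_entropy if local_entropy is not None else os.urandom(32)
        self._counter = 0

    def mix_frame(self, pixels: bytes) -> None:
        # HMAC keyed by the current state: the new state depends on every
        # earlier input, so even a frozen (repeated) frame changes the pool.
        msg = b"frame" + frame_digest(pixels)
        self._state = hmac.new(self._state, msg, hashlib.sha256).digest()

    def next_seed(self) -> bytes:
        # Derive the seed under its own label, then ratchet the state so a
        # later compromise of the pool does not reveal earlier seeds.
        self._counter += 1
        ctr = self._counter.to_bytes(8, "big")
        seed = hmac.new(self._state, b"seed" + ctr, hashlib.sha256).digest()
        self._state = hmac.new(self._state, b"ratchet" + ctr, hashlib.sha256).digest()
        return seed


def constructed_frame(width: int, height: int, tag: bytes) -> bytes:
    """Constructed stand-in for a camera frame: width*height RGB pixels."""
    return hashlib.shake_256(tag).digest(width * height * 3)


if __name__ == "__main__":
    pool = SeedPool()
    for tag in (b"capture-0", b"capture-1"):  # two frames at timed intervals
        pool.mix_frame(constructed_frame(64, 48, tag))
    print("seed for the random number generator:", pool.next_seed().hex())
```

The resulting 32-byte seed is what would be handed to a cryptographic random number generator; it is not used directly as key material here.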

The wall has become an attraction for those visiting Cloudflare headquarters, and the crowds strengthen cybersecurity. By blocking the camera’s view of a few of the lava lamps, people looking at the wall add to its unpredictability.

“Cloudflare stops an average of 182 billion cyberattacks. With the help of good random numbers, we can offer extremely strong encryption to our customers,” said Graham-Cumming.

Incorporating real-world data

A system using predictable patterns makes it easier for cybercriminals to guess the encryption keys, leaving any company and industry vulnerable to cyberattack. Lava lamps are not the only real-world source of randomness. Cloudflare’s other locations in London and Singapore use different methods. The London office takes pictures of a double-pendulum system mounted in the office, and Singapore measures radioactive decay coming off a small pellet of uranium. Other industries targeted by cyberattacks, such as industrial environments, can use similar systems.

“Pointing a camera at smoke plumes from a manufacturing plant, tracking the shape and size of potato chips on a production line, or using a microphone to pick up unpredictable noises from machinery are all potential ways to generate the type of randomness that helps protect the Internet we all rely on,” said Graham-Cumming.
