When You Can’t Rely on Code… How This Wall of Lava Lamps Secures the Internet By Being Unpredictably Real
The company powering large swaths of the internet relies on a wall of lamps to ensure security. Cloudflare provides the infrastructure behind a major portion of today's internet. The company offers domain name services to millions of the most prominent sites, along with DDoS (distributed denial-of-service) attack protections, free SSL, encryption, and other security services. A video posted recently by YouTuber Tom Scott reveals Cloudflare has a unique way of ensuring randomness when generating encryption keys.
Cloudflare's encryption secret? Meet the wall of lava lamps
One of the key features of its secure encryption is a wall of 100 lava lamps in the lobby of Cloudflare's San Francisco headquarters. Scott's video explains how this random wall plays an important part in helping the company generate truly random numbers. Around 10 percent of web traffic flows through Cloudflare's network, which means the company deals with a lot of encrypted traffic requiring lots of random numbers.
Instead of relying on machines to generate these numbers, Cloudflare uses lava lamps and their random light flickers to generate numbers that are actually random. The company records a stream of these lamps and their swirling movements. This recording is then converted into unique, unpredictable cryptographic keys. You might think that this wall could be replicated and the keys regenerated by an attacker, but the output depends not just on the lamps' arrangement but on the ambient noise as well. Nick Sullivan, Cloudflare's head of cryptography, said:
"Every time you take a picture with a camera there's going to be some sort of static, some sort of noise. So it's not only just where the bubbles are flowing through the lava lamp - it is sort of the state of the air, the ambient light - every tiny change impacts the stream of data." - Sullivan
The data is fed into a data center and into the Linux kernel, which then seeds the random number generators used to generate keys for encryption. "This unpredictable data is what we use to help create the keys that encrypt the traffic that flows through Cloudflare's network," Sullivan added.
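The idea of turning camera frames into seed material can be sketched as follows. This is an added example, not Cloudflare's code: the frame size, the constructed frames and the function names are assumptions, and SHA-256 with HMAC stands in for whatever conditioning the real system uses. It shows that a one-bit change in a single pixel yields an unrelated digest, and that the camera digest is mixed with the operating system's randomness rather than replacing it.

```python
import hashlib
import hmac
import os

FRAME_W, FRAME_H = 64, 48  # assumed size of a tiny greyscale frame


def make_frame(index: int) -> bytearray:
    """Constructed stand-in for one raw camera frame (not real sensor data)."""
    return bytearray((x * 7 + y * 13 + index) % 256
                     for y in range(FRAME_H) for x in range(FRAME_W))


def condense_frames(frames) -> bytes:
    """Hash raw frames into a 32-byte digest.

    Each frame is length-prefixed so that frame boundaries are unambiguous
    and two different frame sequences cannot serialize to the same bytes.
    """
    h = hashlib.sha256()
    for frame in frames:
        h.update(len(frame).to_bytes(8, "big"))
        h.update(frame)
    return h.digest()


def derive_seed(camera_digest: bytes, os_random: bytes) -> bytes:
    """Mix the camera digest with OS randomness using HMAC-SHA256.

    The camera is an extra input, not a replacement: an attacker would have
    to predict both the frames and the OS randomness to predict the seed.
    """
    return hmac.new(os_random, camera_digest, hashlib.sha256).digest()


def demo():
    frames = [make_frame(i) for i in range(3)]
    noisy = [bytearray(f) for f in frames]
    noisy[1][100] ^= 0x01  # simulate sensor noise: one pixel, one bit
    d_clean, d_noisy = condense_frames(frames), condense_frames(noisy)
    differing_bits = sum(bin(a ^ b).count("1") for a, b in zip(d_clean, d_noisy))
    seed = derive_seed(d_clean, os.urandom(32))
    return d_clean, d_noisy, differing_bits, seed


if __name__ == "__main__":
    clean, noisy, bits, seed = demo()
    print("digest bits changed by one flipped pixel bit:", bits, "of 256")
    print("seed:", seed.hex())
```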
Whether this stream can be "truly" random or not, this solution sure seems more unpredictable and chaotic than relying on just software. And bonus points for keeping things a little more surprising, fun and flashy.
It isn't just lava lamps that help Cloudflare ensure security in a flashy way. In its London office, the company also uses a pendulum system that has three dual pendulums working in the same way as this wall of lava lamps - the video of the movements is recorded and then converted into random numbers. Reportedly, if you go to Cloudflare's London office, you can press a button to get a random number receipt that uses the outputs from this system to create a QR code, a maze, and a sudoku game. As Sullivan said, these are not just some stunts, they actually work...
Here's Scott's full video (shared first by Gizmodo) of this gorgeous wall of lava lamps and how it works to keep the internet secure.