Slashdot Mirror


How Cloudflare Uses Lava Lamps To Encrypt the Internet (zdnet.com)

YouTuber Tom Scott was invited to visit Cloudflare's San Francisco headquarters to check out the company's wall of lava lamps. These decorative novelty items -- while neat to look at -- serve a special purpose for the internet security company. Cloudflare takes pictures and video of the lava lamps to turn them into "a stream of random, unpredictable bytes," which is used to help create the keys that encrypt the traffic that flows through Cloudflare's network. ZDNet reports: Cloudflare is a DNS service which also offers distributed denial-of-service (DDoS) attack protection, security, free SSL, encryption, and domain name services. Cloudflare is known for providing good standards of encryption, but it seems the secret is out -- this reputation is built in part on lava lamps. Roughly 10 percent of the Internet's traffic passes through Cloudflare, and as the firm deals with so much encrypted traffic, many random numbers are required. According to Nick Sullivan, Cloudflare's head of cryptography, this is where the lava lamps shine. Instead of relying on code to generate these numbers for cryptographic purposes, the lava lamps and the random lights, swirling blobs and movements are recorded and photographs are taken. The information is then fed into a data center and Linux kernels which then seed random number generators used to create keys to encrypt traffic. "Every time you take a picture with a camera there's going to be some sort of static, some sort of noise," Sullivan said. "So it's not only just where the bubbles are flowing through the lava lamp; it is the state of the air, the ambient light -- every tiny change impacts the stream of data." Cloudflare also reportedly uses a "chaotic pendulum" in its London office to generate randomness, and in Singapore, they use a radioactive source.


  1. Also known as LavaRand by XXongo · Score: 5, Interesting

    https://en.wikipedia.org/wiki/... Lavarand was a hardware random number generator designed by Silicon Graphics that worked by taking pictures of the patterns made by the floating material in lava lamps, extracting random data from the pictures, and using the result to seed a pseudorandom number generator.[1] Although the secondary part of the random number generation uses a pseudorandom number generator, the full process essentially qualifies as a "true" random number generator due to the random seed that is used. However, its applicability is limited by its low bandwidth.
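The picture-to-seed process described in the summary and in the comment above, as an added example that is not Cloudflare's or Silicon Graphics' code. The frame is constructed (a fixed scene plus simulated sensor static of ±2 per pixel), and all function names and the HMAC-based mixing step are assumptions chosen for illustration.

```python
import hashlib
import hmac
import math
import os
import random
from collections import Counter

WIDTH, HEIGHT = 64, 48  # constructed frame size, not a real camera resolution

def synthetic_frame(noise_seed: int) -> bytes:
    """Constructed stand-in for a camera frame: a fixed scene plus sensor noise."""
    rng = random.Random(noise_seed)  # simulation only, never a key source
    pixels = bytearray()
    for y in range(HEIGHT):
        for x in range(WIDTH):
            scene = (x * 3 + y * 2) % 200 + 20         # the unchanging "lamp" image
            pixels.append(scene + rng.randint(-2, 2))  # assumed per-pixel static
    return bytes(pixels)

def noise_residual(a: bytes, b: bytes) -> bytes:
    """Pixel-wise difference of two frames of the same scene: only noise remains."""
    return bytes((x - y) % 256 for x, y in zip(a, b))

def min_entropy_bits(samples: bytes) -> float:
    """Crude most-common-value estimate: -log2(p_max) bits per sample."""
    p_max = max(Counter(samples).values()) / len(samples)
    return -math.log2(p_max)

def derive_seed(frame: bytes, os_entropy: bytes) -> bytes:
    """Condition the frame with SHA-256, then mix it with OS entropy via HMAC,
    so a predictable frame alone does not make the seed predictable."""
    digest = hashlib.sha256(frame).digest()
    return hmac.new(os_entropy, digest, hashlib.sha256).digest()

if __name__ == "__main__":
    f1, f2 = synthetic_frame(1), synthetic_frame(2)
    bits = min_entropy_bits(noise_residual(f1, f2))
    print(f"estimated min-entropy of the static: {bits:.2f} bits/pixel")
    print("seed:", derive_seed(f1, os.urandom(32)).hex())
```

The per-pixel figure is an estimate for the simulated noise model only; a real sensor's noise is correlated across pixels and has to be measured on real captures.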

  2. Lava lamps are VERY deterministic! by Rick Schumann · Score: 3, Interesting

    Have you ever watched a lava lamp for a while? Especially one that's been around for a while? They're incredibly deterministic.
    I would think this would be a better source: http://random.irb.hr/

  3. bps? by Cajun Hell · Score: 3, Interesting

    I'm not saying it's a bad idea, but Cloudflare must need a lot. How many bps of entropy can you get per lava lamp?

    --
    "Believe me!" -- Donald Trump

  4. Pseudo-Nerdery by Anonymous Coward · Score: 5, Interesting

    Lava lamps are giant blobs of cohesive good. Unpredictable as they are, their entropy is pretty low.

    We had an old slashdotter on here a few years ago who made specialised RNG generating cards. They used unpredictable random static noise and filters to generate extremely high quality random data. Apparently their cards were so good, they discovered flaws in some kind of "Die Hard" suite of statistical tests. I think the cards retailed for ~$30 IIRC.

    That's nerdery. That's going the distance. Using lava lamps? That's hipster shit. Pseudo-nerdery. Someone who, for whatever direction their lives have taken them, thinks they're a nerd, but really they're at best a geek who can follow a cookbook. And most of the internet won't be able to tell the difference.

    The real nerds don't get stories written about them anymore.