Lava Lamps for a Secure Digital World
The randomness of organic processes provides a path to next-level encryption
What do you get when you film a wall of lava lamps and use the resulting patterns to inform powerful encryption keys? If you’re Cloudflare, you get a superior way of protecting data as it goes across the web. They call their approach “LavaRand.”
The goal is to bridge the difference between “random” and “unpredictable.” For cryptographers, the predictability of computers creates limitations on randomness, stopping them short of total unpredictability as they generate encryption keys. But if you start with an unpredictable observation and feed that into the randomness algorithm, you can get a much more random (that is, unpredictable) encryption key. The algorithms that do this are called “cryptographically secure pseudorandom number generators” (CSPRNGs): starting with an input which is itself unpredictable, CSPRNGs produce a stream of output which is also unpredictable.
Lava lamps produce unpredictable blobs that rise, fall, bump, and merge in mesmerizing ways. They remain active for long periods of time, but also just sit there, so observations are easy. Put a bunch on a wall, set up the right camera and programming, and you have a way to create unpredictable encryption keys.
As the Cloudflare team writes on its blog:
“LavaRand is a system that uses lava lamps as a secondary source of randomness for our production servers. A wall of lava lamps in the lobby of our San Francisco office provides an unpredictable input to a camera aimed at the wall. A video feed from the camera is fed into a CSPRNG, and that CSPRNG provides a stream of random values that can be used as an extra source of randomness by our production servers.”
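The idea of a camera frame serving as a secondary input to a CSPRNG can be sketched as follows. This is an added example, not Cloudflare's code: the generator is a simplified HMAC-SHA256 design modelled on NIST SP 800-90A HMAC_DRBG, the names HmacDrbg, frame_entropy and seeded_generator are hypothetical, and the "frame" is constructed bytes standing in for real video.

```python
import hashlib
import hmac
import os

class HmacDrbg:
    """Simplified HMAC-SHA256 generator (no reseed counter or health tests)."""

    def __init__(self, seed: bytes):
        self.key = b"\x00" * 32
        self.val = b"\x01" * 32
        self._update(seed)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        # Fold new input into the internal state (key, val).
        self.key = self._mac(self.val + b"\x00" + data)
        self.val = self._mac(self.val)
        if data:
            self.key = self._mac(self.val + b"\x01" + data)
            self.val = self._mac(self.val)

    def reseed(self, entropy: bytes) -> None:
        # The new state depends on the old state AND the new input.
        self._update(entropy)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.val = self._mac(self.val)
            out += self.val
        self._update()  # advance the state so past output cannot be replayed
        return out[:n]

def frame_entropy(frame: bytes) -> bytes:
    # Condense a raw camera frame into a fixed-size value before mixing.
    return hashlib.sha256(b"frame:" + frame).digest()

def seeded_generator(os_entropy: bytes, frame: bytes) -> HmacDrbg:
    # Primary seed from the OS; the camera frame is a secondary input.
    drbg = HmacDrbg(os_entropy)
    drbg.reseed(frame_entropy(frame))
    return drbg

if __name__ == "__main__":
    # Constructed stand-in for one video frame of the lamp wall.
    frame = bytes((x * 31 + 7) % 256 for x in range(64 * 48))
    print(seeded_generator(os.urandom(32), frame).generate(32).hex())
```

With identical inputs the output stream is identical, which is the point of the “random” versus “unpredictable” distinction: the generator itself is deterministic, and the output is only as unpredictable as the inputs an attacker cannot observe.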
Enjoy this fascinating and lovely video about their approach.