kottke.org posts about Cloudflare

Lava Lamps Help Keep The Internet Secure??

posted by Jason Kottke   Jan 14, 2021

Web performance and security company Cloudflare uses a wall of lava lamps to generate random numbers to help keep the internet secure. Random numbers generated by computers are often not exactly random, so what Cloudflare does is take photos of the lamps’ activities and uses the uncertainty of the lava blooping up and down to generate truly random numbers. Here’s a look at how the process works:

At Cloudflare, we have thousands of computers in data centers all around the world, and each one of these computers needs cryptographic randomness. Historically, they got that randomness using the default mechanism made available by the operating system that we run on them, Linux.

But being good cryptographers, we’re always trying to hedge our bets. We wanted a system to ensure that even if the default mechanism for acquiring randomness was flawed, we’d still be secure. That’s how we came up with LavaRand.

LavaRand is a system that uses lava lamps as a secondary source of randomness for our production servers. A wall of lava lamps in the lobby of our San Francisco office provides an unpredictable input to a camera aimed at the wall. A video feed from the camera is fed into a CSPRNG [cryptographically-secure pseudorandom number generator], and that CSPRNG provides a stream of random values that can be used as an extra source of randomness by our production servers. Since the flow of the “lava” in a lava lamp is very unpredictable, “measuring” the lamps by taking footage of them is a good way to obtain unpredictable randomness. Computers store images as very large numbers, so we can use them as the input to a CSPRNG just like any other number.

(via open culture)