"Something like ten percent of the web flows through Cloudflare's network," states Nick Sullivan, Head of Cryptography for internet "gatekeeping" service Cloudflare.
So, in order to keep their client's protected, they need to generate a lot of unpredictable, completely random numbers. That's where this wall of lava lamps comes in.
Cloudflare's "Wall of Entropy" sits in the lobby of their headquarters in San Francisco. It uses the unpredictability of its flowing "lava" to assist in randomly generating numbers.
On their blog, they explain how it works, for people both with technical and non-technical backgrounds. This is an excerpt from their non-technical explanation:
At Cloudflare, we have thousands of computers in data centers all around the world, and each one of these computers needs cryptographic randomness. Historically, they got that randomness using the default mechanism made available by the operating system that we run on them, Linux.
But being good cryptographers, we’re always trying to hedge our bets. We wanted a system to ensure that even if the default mechanism for acquiring randomness was flawed, we’d still be secure. That’s how we came up with LavaRand.
LavaRand is a system that uses lava lamps as a secondary source of randomness for our production servers. A wall of lava lamps in the lobby of our San Francisco office provides an unpredictable input to a camera aimed at the wall. A video feed from the camera is fed into a CSPRNG, and that CSPRNG provides a stream of random values that can be used as an extra source of randomness by our production servers. Since the flow of the “lava” in a lava lamp is very unpredictable,1 “measuring” the lamps by taking footage of them is a good way to obtain unpredictable randomness. Computers store images as very large numbers, so we can use them as the input to a CSPRNG just like any other number...
Hopefully we’ll never need it. Hopefully, the primary sources of randomness used by our production servers will remain secure, and LavaRand will serve little purpose beyond adding some flair to our office. But if it turns out that we’re wrong, and that our randomness sources in production are actually flawed, then LavaRand will be our hedge, making it just a little bit harder to hack Cloudflare.
photo by @mahtin via Cloudflare
Inspired by XKCD’s classic diceware strip, a programmer named Alice created an open-source algorithm to randomly generate secure passphrases in Welsh. As difficult as it would be for any human or computer to figure out a nonsense phrase like, “correct horse battery staple,” it would be even more difficult to guess, “stwffwl batri ceffyl cywir,” […]
Ross Anderson (previously) is one of the world's top cryptographers; the British academic and practitioner was honored by having his classic, Security Engineering, inducted into The Cybersecurity Canon; however, he was not able to attend the awards gala himself because the US government sat on his visa application for months, and ultimately did not grant […]
Banksy's anonymity makes it hard to authenticate his pieces and prints, so Banksy has created a nonprofit called "Pest Control" that issues certificates of authenticity: you send them an alleged Banksy print and £65 and if they agree that it's authentic, they'll return it with a certificate that has a torn-in-half "Di-faced" fake banknote with […]
Anyone who’s ever been fishing can attest to the fact that it can be mind-numbingly boring at times, which is where the intrepid GoFish Cam Wireless Underwater Fishing Camera comes into play. This WiFi-enabled camera will help you catch more fish and have more fun while you’re doing it, thanks to a 1080p lens that […]
Boxed wines have come a long way since their admittedly subpar debut, and it’s now possible to grab a box of wine that delivers a surprising amount of flavor and body for a price that won’t break the bank. This Boxxle Premium Wine Dispenser makes it even easier to enjoy your favorite bag-in-box wine by […]
If you’re interested in either beginning or furthering a career in graphic design, you need to have a thorough understanding of Adobe’s famed editing and illustration tools, and these bundles will get you to where you need to be for a fraction of what you’d pay for an in-class education. 1. The Essential Adobe Photoshop […]