How lava lamps and pendulums protect the internet

Fun Fact: Lava Lamps Protect the Internet!

Did you know that lava lamps are safeguarding us from major hacker attacks? Credit cards, cryptocurrencies, and even nuclear arms facilities are protected thanks to these unique lamps. Located at the headquarters of Cloudflare, these lamps play a crucial role in internet security.

As of 2022, more than 20% of the Internet relies on Cloudflare for its web security services, including about 8 million websites. To encrypt information and keep it safe from hackers, Cloudflare needs random numbers. They discovered the grooviest solution: a wall of lava lamps!

The mesmerizing movements inside these lava lamps are converted into random numbers. These numbers are so unpredictable that it’s nearly impossible for hackers to crack the codes.

LavaRand

At the headquarters of Cloudflare, a web security and content company in San Francisco, there’s a wall adorned with 100 lava lamps of various colors. These aren’t just for decoration or a throwback to the psychedelic 60s. They serve a crucial purpose: helping to encrypt the worldwide web. The system is called LavaRand or The Wall of Entropy.

The Science of Randomness

Computers, by design, are logical and predictable machines. They’re not naturally good at creating the random data needed for secure encryption. Enter the lava lamp, an emblem of randomness. The “lava” in a lava lamp never takes the same shape twice, making it a perfect source of random data.

The Art of Encryption

A camera is set up to take photos of these lava lamps at regular intervals. Each digital image, a series of numbers with each pixel having its own numerical value, becomes a string of totally random numbers. This unpredictable data is then used to create the keys that encrypt the traffic flowing through Cloudflare’s network.

The Unpredictable Key

In the realm of cryptography, random doesn’t just mean statistically random; it also means unpredictable. If encrypted data is predictable, it might as well already be compromised. Hence, the more random a cryptographic key, the more difficult it is to crack.

So, the next time you see a lava lamp, remember, it’s not just a funky piece of decor. It could be a crucial player in the grand game of internet encryption, turning psychedelic swirls into secure cyphers.

Why is it so hard for an algorithm to make a random number?

It’s impossible to create an algorithm on a computer that produces a truly random number without any seed or external input. Here’s why:

  • Computers are Deterministic Machines: Computers operate based on a set of instructions and manipulate data in a predictable way. There’s no inherent randomness within their workings. Think about it: say you made a formula to create a random number, e.g. 3×5+46573571/9,878-1412. It’s always going to give the same answer (3,115), right? In this example you could say the seed was 3.
  • Algorithms are Defined Sequences: An algorithm is a finite set of instructions. Given the same input (seed), the algorithm will always produce the same output. Without any input (seed) to influence the process, the algorithm can’t magically generate true randomness.

However, there are techniques to get very close to true randomness by using external sources of randomness:

  • Physical Phenomena: We can utilize unpredictable physical phenomena as seeds. Examples include measuring thermal noise (noise generated when electrons pass through a transistor in the machine), radioactive decay, or atmospheric disturbances. These external sources introduce true randomness into the process.
  • Hardware Random Number Generators (HRNGs): Some computer systems have dedicated hardware components that exploit physical phenomena to generate random numbers. These HRNGs provide a good source of randomness to seed algorithms.

The Multi-state Lottery Association even used a Geiger counter to measure the radiation in the air to use as a seed for their random numbers.

The Man Who Cracked the Lottery – NY Times
A USB-pluggable hardware true random number generator (Wikipedia)

Even with these techniques, the generated numbers are technically pseudo-random rather than truly random, but the quality of randomness is significantly improved by incorporating external, unpredictable elements.

Entropy – lack of order or predictability

 Oxford Languages

JavaScript keeps it a secret how their random algorithm works

You can use the function Math.random() to create a random number in JavaScript.

There’s no official specification on how different JavaScript engines create the initial seed for Math.random. It might be based on factors like:
  • System time
  • Internal browser state
  • Other unpredictable factors

Other possible seeds in random algorithms could include system temperature, weather readings, or any other unpredictable external source (like lava lamps!).
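The point made earlier, that the same seed always produces the same output, matters most when the seed is guessable, as a system-time seed would be. The sketch below is an added example, not code from the original article: it uses a textbook linear congruential generator (not the algorithm any JavaScript engine uses for Math.random()) with constructed timestamps, beside the operating-system generator that Node.js exposes for security use.

```javascript
// Added example: a clock-seeded textbook generator beside the OS-backed one.
const nodeCrypto = require('node:crypto');

// Linear congruential generator (Numerical Recipes constants).
// Same seed in, same sequence out: nothing else influences the state.
function makeLcg(seed) {
  let state = seed >>> 0;
  return function next() {
    state = (Math.imul(1664525, state) + 1013904223) >>> 0;
    return state;
  };
}

// First n outputs produced from a given seed.
function take(seed, n) {
  const next = makeLcg(seed);
  return Array.from({ length: n }, () => next());
}

// Measures how small the guess space of a clock-based seed is: replay
// every second in the window and compare with the observed outputs.
function recoverSeed(observed, fromSec, toSec) {
  for (let s = fromSec; s <= toSec; s++) {
    const guess = take(s, observed.length);
    if (guess.every((v, i) => v === observed[i])) {
      return { seed: s, guesses: s - fromSec + 1 };
    }
  }
  return null;
}

// Hardened form: 128 bits straight from the operating system's CSPRNG.
function secureToken() {
  return nodeCrypto.randomBytes(16).toString('hex');
}

// Constructed sample: a "secret" seed taken from a clock reading.
const clockSeed = 1700000123;
const observed = take(clockSeed, 4);
console.log(recoverSeed(observed, 1700000000, 1700003600)); // found inside a one-hour window
console.log(secureToken()); // no seed to replay; differs on every run
```

In browsers the equivalent of `secureToken()` is `crypto.getRandomValues()`; Math.random() is not meant for keys, tokens or anything else that has to stay unguessable.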

Pendulums used for random seeds in Cloudflare London Office

Pendulums and Hanging Mobiles as random seeds

Whilst the San Francisco Cloudflare office uses lava lamps, their offices in Austin and London use hanging mobiles and pendulums.

In London, it is probably some poor intern’s job to go and reset the pendulums every once in a while. They serve the same purpose as the lava lamps: a webcam takes photos of the pendulums or mobiles and converts those into numbers that are used as part of the entropy mix to produce the random numbers necessary for encryption.

Does that mean if you had access to the pictures of the lava lamps you could hack the internet?

Lava lamps are just one fascinating piece of the entire entropy puzzle at Cloudflare. These are only a small part of the overall entropy mix used to secure the internet. Even if someone managed to access images of the lava lamps, it wouldn’t be enough to crack the codes. The system combines multiple sources of randomness, ensuring that the security is robust and nearly impossible to breach. The lava lamps add an extra layer of unpredictability, but they are complemented by other sophisticated methods, making hacking attempts futile.
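Why a leaked picture is not enough can be shown with a small entropy mix. This is an added example, not Cloudflare's code: the article does not say which functions Cloudflare uses, so SHA-256 as the mixing function, the operating system's generator as the second source, and the sample frame are all assumptions made for illustration.

```javascript
// Added example, not Cloudflare's code: hash-based mixing of entropy sources.
const nodeCrypto = require('node:crypto');

// Hash all sources into one 32-byte seed. Each source is length-prefixed
// so that ("ab", "c") and ("a", "bc") feed different bytes to the hash.
function mixEntropy(sources) {
  const h = nodeCrypto.createHash('sha256');
  for (const src of sources) {
    const len = Buffer.alloc(4);
    len.writeUInt32BE(src.length, 0);
    h.update(len);
    h.update(src);
  }
  return h.digest();
}

// Constructed stand-in for a camera frame: 64 bytes derived from a label.
function sampleFrame(label) {
  return nodeCrypto.createHash('sha512').update(label).digest();
}

// Seed = mix(frame, OS randomness). Someone who holds only the frame is
// still missing 256 bits that never left the machine.
function deriveSeed(frame, osBytes = nodeCrypto.randomBytes(32)) {
  return mixEntropy([frame, osBytes]).toString('hex');
}

const frame = sampleFrame('constructed lava lamp frame');
const fixedOs = Buffer.alloc(32, 7); // constructed, for the deterministic case only

// Every input known: the seed is reproducible.
console.log(deriveSeed(frame, fixedOs) === deriveSeed(frame, fixedOs));
// Frame known, OS bytes not: the same picture yields a different seed each time.
console.log(deriveSeed(frame) === deriveSeed(frame));
```

The same property holds in the other direction: if the camera froze and returned an identical frame every time, the seed would still change as long as one other source in the mix stayed unpredictable.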

Useful links about random number generation

LCE: Don’t play dice with random numbers [LWN.net]