Cloudflare, the web performance and security company, provides security and domain name services for companies such as Cisco (CSCO), FitBit, OKCupid, Uber, and Zendesk. It serves a total of 10 million website domains, and the average Internet user touches its services around 500 times per day, according to its website.
The company hopes to leverage its solid reputation for secure encryption into a $3.5 billion IPO in 2019. Cloudflare’s reputation is based in part on a shelf full of lava lamps.
The lava lamps in the lobby of Cloudflare’s San Francisco headquarters ensure randomness for generating encryption keys. ID Quantique explains that the strength of any cryptographic system lies in its keys – the random stream of bits used by the cryptographic algorithm to transform plain text into ciphertext and back again.
Lava lamps provide Internet security
The secret to a secure key is the amount of randomness, or entropy, used to generate the key. The greater the degree of entropy, the more secure the key is. Because conventional computers cannot generate true randomness, information from inputs such as mouse movements, disk interrupts, or system timers is placed into a ‘pool’ of numbers, from which a ‘seed’ is picked. This ‘seed’ is then used by the pseudo-random number generator (PRNG), which generates the keys.
Instead of using mouse movements, disk interrupts or system timers, Cloudflare videotapes its wall of colorful, constantly morphing lava lamps and translates that video information into unique cryptographic keys. The lava lamps work because fluid dynamics are hard, and no one has figured out how to predict the movements inside a lava lamp, let alone a wall of them. That means the random numbers being used in Cloudflare’s encryption are effectively random.
Nick Sullivan, Cloudflare’s head of cryptography, explained that instead of relying on code to generate these numbers for cryptographic purposes, the lava lamps and the random lights, swirling blobs, and movements are recorded and photographs are taken. This footage is then turned into a “stream of random, unpredictable bytes.” According to Mr. Sullivan, “… this unpredictable data is what we use to help create the keys that encrypt the traffic that flows through Cloudflare’s network.”
Mr. Sullivan continued,
“Every time you take a picture with a camera there’s going to be some sort of static, some sort of noise. So it’s not only just where the bubbles are flowing through the lava lamp; it is the state of the air, the ambient light — every tiny change impacts the stream of data.”
The information is then fed to a data center and into Linux kernels, which use it to seed the random number generators that create the keys used to encrypt traffic.
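A minimal sketch of the pool, seed and key flow described above, as an added example that is not from the original article and is not Cloudflare's code. The names `EntropyPool`, `seed_from_sources` and `derive_key` are hypothetical, the frame bytes are constructed, and mixing the operating system's random output in alongside the camera frames is an assumption of this sketch, made so that a stuck or observed camera alone cannot determine the seed.

```python
import hashlib
import hmac
import os


class EntropyPool:
    """Hash-based pool: every input is folded into a running SHA-256 state."""

    def __init__(self) -> None:
        self._state = bytes(32)

    def mix(self, label: bytes, data: bytes) -> None:
        # Length-prefix label and data so bytes cannot be shifted between
        # fields to produce the same pool state from different inputs.
        h = hashlib.sha256(self._state)
        for field in (label, data):
            h.update(len(field).to_bytes(8, "big") + field)
        self._state = h.digest()

    def seed(self) -> bytes:
        # Export a seed under a separate tag; the raw state never leaves the pool.
        return hmac.new(self._state, b"seed", hashlib.sha256).digest()


def derive_key(seed: bytes, context: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with SHA-256: stretch the seed into key bytes."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(seed, block + context + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def seed_from_sources(frames, os_random: bytes) -> bytes:
    """Fold camera frames and the OS generator's output into one seed."""
    pool = EntropyPool()
    pool.mix(b"os", os_random)
    for frame in frames:
        pool.mix(b"camera", frame)
    return pool.seed()


if __name__ == "__main__":
    # Constructed stand-ins for raw camera frames (real frames carry sensor noise).
    frames = [b"\x10\x22\x31" * 64, b"\x11\x20\x33" * 64]
    key = derive_key(seed_from_sources(frames, os.urandom(32)), b"session-key")
    print(key.hex())
```

Because every source passes through the same hash chain, the seed is at least as unpredictable as the best single input, which is why an extra source such as a camera can only add to the pool.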
rb-
Who didn’t have a lava lamp in college? Not only is Cloudflare’s wall of entropy fun, but it makes it harder for bad actors to break encryption.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

