How Cloudflare’s wall of lava lamps helps keep the internet safe – XDA Developers

admin on April 4, 2023 Leave a Comment

The internet is a vast place made up of near-limitless servers, and some of the biggest websites need to rely on Content Distribution Networks (CDN) to ensure their sites are available to the masses. These servers are spread out across the globe to serve versions of a website in a locality, meaning that users experience reduced latency while also spreading out the requests of a global user base across multiple servers. Cloudflare is one of the largest providers of CDNs in the world, so companies and people alike rely on it.

Giving control of huge portions of your website to a third party requires a lot of trust, and Cloudflare has a number of novel solutions to modern-day problems. One of the most interesting is the company's wall of lava lamps, which serves as a way to guarantee the strength of the encryption that it employs for delivering pages to users. While it sounds crazy at first, its importance is due to a cryptographic concept called entropy.

Computers, being logical devices, struggle with generating randomness. They need some data to base the creation of "random" off of, and if you can predict the original data it uses, it's not actually random anymore. That's how the real world can help by generating entropy. Entropy in the real world typically refers to disorder, but in cryptography, it refers to unpredictability. This is better for encryption because a higher level of entropy in data means little to no meaningful patterns can be found.

Encryption is a predictable process, in the sense that the encrypted data plus the right key will give you access to the decrypted data, but encryption keys need to be unpredictable, or else an attacker can try to detect patterns. If the key used isn't random enough, then the data is at risk of being compromised by an attacker. That's where lava lamps come in. They're an inherently random variable that will always change.

Generating randomness is important to create entropy, and it doesn't get a lot more random than a picture taken of 100 lava lamps at any time of the day in different lighting conditions, in different positions, and even with people occasionally crossing in front of the camera. That's why Cloudflare dubs it the "Wall of Entropy."

Images stored as data on a computer are just a string of 1s and 0s at the end of the day, and minor changes in a photo can mean those strings massively change. As a result, each image becomes a random cryptographic "seed" that can be used for generating secure encryption keys.

These encryption keys are generated using a pseudorandom number generator that takes this seed as input. If you've ever played Minecraft and used a custom seed to generate a world, then you have experience with these. The seed is seemingly random to you, but if you create a world with the same seed every time you'll end up with the same world every time, too. The same applies in cryptography, and the same input to create encryption keys will give the same encryption keys every time. That's why the changing input value of an image taken of lava lamps offers that additional layer of security.

Lava lamps are an inherently random variable that will always change.

However, there's nothing particularly special about lava lamps, and it's why Cloudflare has two other projects to achieve a similar goal. I reached out to the company, and a spokesperson told me about two other similar projects, one of which is currently being built.

The first, in the company's London office, is known as the "Chaotic Pendulums." The movements are chaotic and "practically impossible" to predict, and Cloudflare uses readings from those devices to make long strings of numbers for key generation.

The second, which is currently under construction in the company's Austin office, is called "Suspended Rainbows." How it works is pretty cool, too. Entropy is generated via patterns projected on walls, the ceiling, and the floor, and mobiles with various shapes and colors are suspended in the air. The company also says that "as the mobiles rotate and the light sources fluctuate during the day, unique arrangements of the light spectrum and reflections create a colorful display in the room."

If the camera turns off and the company has to fall back on a different process for key generation, there are alternatives. The company has other sources of randomization, including the above pendulums, the upcoming suspended rainbows system, and previously, uranium decay measurements that were taken at the company's Singapore office.

Not only that, but given that the camera is in a Cloudflare-owned building filled with employees, it's a quick and painless process to quickly fix the camera, turn it back on, or replace it if needs be.

Given that computers cannot inherently generate true randomness, the Wall of Entropy is a novel solution to a problem that has plagued computers since their inception. A "random" function that you can call in a programming language isn't truly random, and for example, in C, you might use the current Unix epoch as your seed for "random" generation. That poses its own problems, and for a company of Cloudflare's scale, isn't the safest.

As you browse the internet and navigate a swathe of content distribution networks operated by the likes of Cloudflare, rest assured that a wall of lava lamps in San Francisco is part of the security system that keeps your browsing safe.

See the article here:
How Cloudflare's wall of lava lamps helps keep the internet safe - XDA Developers

Related Posts
Posted in Encryption

Comments are closed.