This Company Uses a Wall of 100 Lava Lamps to Encrypt Data

It appears that there may be a second life in store for the iconic lava lamp (and no, it doesn’t involve music festivals or tie-dye t-shirts).

They will be employed as a stealthy fleet of Internet security guards. San-Francisco-based web performance and security company Cloudflare uses 100 of them to generate a code that is both unique and difficult to predict and most importantly, more difficult for hackers to crack. It hopes the technique can be used to support large, yet finite, work of random number generation carried out most many computers. The result is a 10% encryption rate of the information on the Internet passing through targeted sites like FitBit, OKCupid, and Uber, among others.

Randomness from lava lamps. @Cloudflare #InternetSummit pic.twitter.com/MtWGE3IPHC

— Jon Cotton (@JonCotton) September 15, 2017

Cloudflare's Head of Cryptology Nick Sullivan shared the details about the process: “We videotape these lava lamps, take these pictures and turn it into a stream of random unpredictable byte. This is what we use to create the keys that encrypt the data that passes through our network. This is not just a stunt; it's feeding into our real systems.” 

The Reasoning Behind the Lava Lamp Set Up

Cloudflare envisions the lava lamps as an alternative to traditional algorithm-generated code, explaining that in the are of cryptography, the definition of the term randomness in large part drives the approach to code generation: “[O]btaining true random values is usually expensive and slow, so using them directly in cryptographic algorithms is impractical. Instead, we use pseudorandomness. Pseudorandomness is generated through the use of a deterministic algorithm that takes as input some other random value called a seed and produces a larger amount of random output.”

“The flow of the 'lava' in a lava lamp is very unpredictable, and so the entropy in those lamps is incredibly high.”

“The flow of the 'lava' in a lava lamp is very unpredictable, and so the entropy in those lamps is incredibly high,” Cloudflare explained in its blog. “Even if we conservatively assume that the camera has a resolution of 100x100 pixels (of course it's actually much higher) and that an attacker can guess the value of any pixel of that image to within one bit of precision (e.g., they know that a particular pixel has a red value of either 123 or 124, but they aren't sure which it is), then the total amount of entropy produced by the image is 100x100x3 = 30,000 bits (the x3 is because each pixel comprises three values - a red, a green, and a blue channel).”

CloudFlare uses a stream of an HD video of a wall of lavalamps shot through a rotating crystal to generate entropy pic.twitter.com/WT0tVlSijM

— SwiftOnSecurity (@SwiftOnSecurity) May 6, 2016

The company has also installed impressive—though not as sophisticated as the San Francisco set up—random number generators utilizing in its two other main offices located in Singapore and London. They use a Geiger counter and pendulum, respectively.

And in all honesty, it does not get more random than a lava lamp. There is a truly mesmerizing effect caused by the maneuvering of the waxy compound throughout the liquid, as a result of changes in density and temperature (it’s small wonder that it became synonymous with mind-altering drugs in the 1960s). We’re just happy to know that the future of the lava lamp, thanks to Cloudflare, is secure, at least for now.