The Internet is a vast place made up of a nearly unlimited number of servers, and some of the largest websites need to rely on Content Distribution Networks (CDNs) to ensure that their sites are available to the masses. These servers are spread around the world to serve versions of a website in a local area, which means that users experience lower latency as requests from a global user base are spread across multiple servers. Cloudflare is one of the largest CDN providers in the world, so businesses and individuals alike rely on it.
Giving control of huge portions of your website to a third party requires a great deal of trust, and Cloudflare has a number of novel solutions to modern-day problems. One of the most interesting is the company’s wall of lava lamps, which helps ensure the strength of the encryption it uses to deliver pages to users. While it sounds crazy at first, its significance comes from a cryptographic concept called entropy.
What is entropy?
Computers, being logical devices, struggle to generate randomness. They need some data to build a “random” value from, and if you can predict that original data, the result won’t actually be random anymore. This is where the real world can help, by supplying entropy. Entropy in the real world usually refers to chaos, but in cryptography, it refers to unpredictability. Higher entropy is better for encryption because it means that few or no patterns can be found in the data.
Encryption is a predictable process in the sense that the encrypted data plus the correct key will give you access to the decrypted data, but the encryption keys themselves must be unpredictable, otherwise an attacker can try to discover patterns in them. If the key used is not random enough, the data is at risk of being compromised by an attacker. This is where lava lamps come in: they are an inherently random variable that will always change.
Why does Cloudflare use lava lamps in the entropy wall?
Generating randomness is important to creating entropy, and it doesn’t get much more random than a photo taken of 100 lava lamps at any time of the day in different lighting conditions, in different positions, and even with people occasionally passing by in front of the camera. That’s why Cloudflare calls it the “wall of entropy.”
Pictures stored as data on a computer are just a string of 1s and 0s at the end of the day, and slight changes in an image can mean those strings change dramatically. As a result, each image becomes a random cryptographic “seed” that can be used to generate secure encryption keys.
These encryption keys are generated using a pseudo-random number generator that takes this source as input. If you have ever played Minecraft and used a custom seed to create a world, you have experience with that. The seed seems random to you, but if you generate a world with the same seed every time, you’ll end up with the same world every time too. The same applies to encryption: the same input to the key generator will give the same encryption keys every time. This is why a constantly changing input value, taken from an image of lava lamps, provides an extra layer of security.
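The seed behaviour described above, as an added example that is not Cloudflare's code: a frame is hashed into a 256-bit seed and stretched into key material. The function names, the HMAC-based expansion and the constructed `FRAME` bytes are assumptions made for illustration.

```python
import hashlib
import hmac


def seed_from_frame(frame: bytes) -> bytes:
    """Condense an arbitrary-length camera frame into a 256-bit seed."""
    return hashlib.sha256(frame).digest()


def expand_key(seed: bytes, length: int = 32, label: bytes = b"demo-key") -> bytes:
    """Deterministically stretch a seed into key bytes (HMAC-SHA256, counter mode)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = label + counter.to_bytes(4, "big")
        out += hmac.new(seed, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def bits_changed(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


# Constructed stand-in for a photo: 64 KiB of patterned bytes, not real image data.
FRAME = bytes((i * 31 + 7) % 256 for i in range(64 * 1024))

# The "next" frame differs by a single bit, e.g. one pixel flickering.
_next = bytearray(FRAME)
_next[1000] ^= 0x01
NEXT_FRAME = bytes(_next)

if __name__ == "__main__":
    s1, s2 = seed_from_frame(FRAME), seed_from_frame(NEXT_FRAME)
    # Same frame in, same key out: a replayed or frozen image adds no new entropy.
    print("same frame, same key:", expand_key(s1) == expand_key(s1))
    # A one-bit change in the frame flips roughly half of the 256 seed bits.
    print("seed bits changed by a 1-bit frame change:", bits_changed(s1, s2))
    print("keys differ:", expand_key(s1) != expand_key(s2))
```
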
However, there is nothing particularly special about lava lamps, which is why Cloudflare has two other projects with a similar goal in mind. I reached out to the company, and a spokesperson for the company told me about two similar projects, one of which is currently under construction.
The first, in the company’s London office, is known as the “chaotic pendulum”. The movements are chaotic and “virtually impossible” to predict, and Cloudflare uses readings from those devices to make long strings of numbers to generate the keys.
The second, which is currently under construction at the company’s Austin office, is called Hanging Rainbows. How it works is pretty cool too. Entropy is generated by the patterns projected onto the walls, ceiling, and floor, and mobile phones of various shapes and colors suspended in the air. The company also says that “as cell phones rotate and light sources fluctuate during the day, unique arrangements of light spectrum and reflections create a colorful show in a room.”
What happens if the camera is turned off?
If the camera is turned off and the company has to fall back to a different process to generate the keys, there are alternatives. The company has other sources of randomness, including the aforementioned pendulums, the upcoming hanging rainbow system, and measurements of uranium decay taken at the company’s Singapore office formerly.
Not only that, but since the camera is housed in a Cloudflare-owned and well-staffed building, it’s a quick and painless process to fix, restart, or replace the camera if needed.
The entropy wall is a clever solution to a unique problem
Given that computers cannot inherently generate true randomness, the entropy wall is a novel solution to a problem that has plagued computers since their inception. The “random” function you can call in a programming language isn’t really random; in C, for example, you can use the current Unix time as the seed for “random” generation. This presents its own problems, and for a company of Cloudflare’s size, it’s not the most secure.
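Why a clock-based seed is a problem, as an added example that is not from the original article: Python's `random` module stands in here for C's time-seeded generator, and the timestamp and function names are constructed for illustration. A key derived only from the second it was created has as many possible values as there are plausible seconds, which a check like this makes measurable.

```python
import math
import random
import secrets


def key_from_time_seed(timestamp: int) -> bytes:
    """Weak pattern: a 128-bit key from a PRNG seeded only with Unix time."""
    rng = random.Random(timestamp)
    return rng.getrandbits(128).to_bytes(16, "big")


def key_from_os() -> bytes:
    """Preferred pattern: 128 bits from the operating system's CSPRNG."""
    return secrets.token_bytes(16)


def effective_bits(candidate_seeds: int) -> float:
    """Real strength of a key, given how many seeds could have produced it."""
    return math.log2(candidate_seeds)


def seeds_producing(key: bytes, start: int, end: int) -> list:
    """Audit helper: which timestamps in [start, end) regenerate this key?"""
    return [t for t in range(start, end) if key_from_time_seed(t) == key]


# Constructed timestamp standing in for "when the key was generated".
CREATED_AT = 1_700_000_000

if __name__ == "__main__":
    key = key_from_time_seed(CREATED_AT)
    # Knowing the creation time to within an hour leaves only 3,600 candidates.
    window = (CREATED_AT - 1800, CREATED_AT + 1800)
    print("timestamps that regenerate the key:", seeds_producing(key, *window))
    # Even a full day of uncertainty is worth about 16 bits, not 128.
    print("bits of strength, one-day window: %.1f" % effective_bits(86_400))
    # The OS generator gives a fresh, unrelated value on every call.
    print("OS keys differ:", key_from_os() != key_from_os())
```
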
As you surf the Internet and navigate through the plethora of content distribution networks run by the likes of Cloudflare, rest assured that a wall of lava lamps in San Francisco is part of the security system that keeps your browsing safe.