How Lava Lamps Help Protect Your Data
They're at the heart of a groovy encryption method
Ah, the lava lamp: icon of hippie coolness, setter of moods, instant nostalgia generator. Also, a warrior in the battle to protect your digital data. What?!
It’s true. A wall of 100 lava lamps, located in the lobby of the San Francisco headquarters for internet service and security company Cloudflare, is part of a Rube Goldberg–like method to securely encrypt data. And it's a lot of data: Cloudflare says it handles more than 10 percent of all HTTP and HTTPS traffic (the most common types of web page requests) on the internet. Its customers include some of the world's biggest digital-commerce giants.
Cloudflare calls its invention the Entropy Wall and uses it as a backup to more traditional encryption methods. You can see it in action in this YouTube video.
The wall is, well, a groovy way of addressing a surprisingly difficult tech question: How do you create a truly random number?
Those numbers are vital to the process of securely encrypting data, but generating them by computer creates a potential problem. Computers “can execute the same code a million times, and so long as they are given the same inputs each time, they’ll always come up with the same outputs,” Joshua Liebow-Feeser, a security engineer at Cloudflare, writes in a company blog post. In other words, it’s at least theoretically conceivable that a computer-generated random number can be predicted and the encryption can be broken.
But the 100 lava lamps scramble that digital thinking. The flow of the “lava” (actually a wax compound) in those lamps can potentially be affected by all sorts of factors — variances in room temperature, vibration from a nearby copy machine, someone touching a lamp, light bulbs in the bases that run hotter or colder than usual, or pretty much anything that can make the lava move. That throws a chunk of random real-world chaos into this digital process.
All of this is made digital by pointing a camera at the lamps and sending the feed into a computer. That feed is converted into data, which are then used to generate random numbers that serve as the basis for encryption.
Engineers at the company call the system LavaRand and point out that it’s not an original idea. Computer and software manufacturer Silicon Graphics proposed and patented the system in 1996, but that patent has expired.
“Hopefully, the primary sources of randomness used by our production servers will remain secure, and LavaRand will serve little purpose beyond adding some flair to our office,” Liebow-Feeser says in the blog post. “But if it turns out that we’re wrong, and that our randomness sources in production are actually flawed, then LavaRand will be our hedge, making it just a little bit harder to hack Cloudflare.”
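To make the camera-to-numbers step and the "hedge" idea concrete, here is a small added example (not Cloudflare's code, and not taken from the blog post). It assumes frames arrive as raw bytes and that mixing is done with HMAC-SHA256; the frames, the function names and the "stuck" primary source are all constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for two camera frames (raw pixel bytes); they differ
# in a single bit, as if one blob of wax had moved slightly.
FRAME_A = bytes((i * 7 + 3) % 256 for i in range(4096))
FRAME_B = FRAME_A[:2000] + bytes([FRAME_A[2000] ^ 1]) + FRAME_A[2001:]


def frame_digest(frame: bytes) -> bytes:
    """Condense a frame to 32 bytes. Deterministic: same frame, same digest."""
    return hashlib.sha256(frame).digest()


def mix_seed(frame: bytes, primary: bytes) -> bytes:
    """Mix the frame digest with bytes from the primary randomness source.

    HMAC-SHA256 is keyed with the primary bytes and run over the frame digest,
    so the seed changes whenever either input changes.
    """
    return hmac.new(primary, frame_digest(frame), hashlib.sha256).digest()


def demo() -> dict:
    stuck = b"\x00" * 32  # simulated flawed primary source: always the same
    return {
        # The computer alone is predictable: identical input, identical output.
        "same_frame_same_digest": frame_digest(FRAME_A) == frame_digest(FRAME_A),
        # A tiny physical change in the scene yields an unrelated digest.
        "one_bit_changes_digest": frame_digest(FRAME_A) != frame_digest(FRAME_B),
        # The hedge: even with a stuck primary source, new frames vary the seed.
        "frames_vary_seed_with_stuck_primary":
            mix_seed(FRAME_A, stuck) != mix_seed(FRAME_B, stuck),
        # And a healthy primary source varies the seed even for a known frame.
        "primary_varies_seed_with_known_frame":
            mix_seed(FRAME_A, os.urandom(32)) != mix_seed(FRAME_A, os.urandom(32)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```
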
So the next time you fire up your lava lamp, remember, it's a vital security tool.