Cloudflare Blog on Encryption & Randomness: Add some lava lamps

[WMGroomAK]

Thought that this was a neat technical article from Clouflare on how they are obtaining random values to feed their cryptographically secure pseudorandom number generators (CSPRNG).  Essentially, their San Francisco office has a camera pointed at a wall of lava lamps that it is constantly watching and will convert the image into a numeric value to feed into the CSPRNG to generate a secure encryption key, thus making it extremely difficult (try to never use the impossible term) to actually break their key.  In a separate article from August, they mention that their London office uses a similar technique but instead is focusing on three double pendulum setups while their Singapore office has a Geiger counter measuring the radioactive decay of a uranium pellet in a glass bell in the lobby.  

https://blog.cloudflare.com/lavarand-in-production-the-nitty-gritty-technical-details/

 

Quote

While the probability is obviously very low that somebody will manage to predict or modify the output of the entropy sources on our production machines, it would be irresponsible of us to pretend that it is impossible. Similarly, while cryptographic attacks against state-of-the-art CSPRNGs are rare, they do occasionally happen. It’s important that we hedge against these possibilities by adding extra layers of defense.
That’s where LavaRand comes in.
In short, LavaRand is a system that provides an additional entropy source to our production machines. In the lobby of our San Francisco office, we have a wall of lava lamps (pictured above). A video feed of this wall is used to generate entropy that is made available to our production fleet

We're not the first ones to do this. Our LavaRand system was inspired by a similar system first proposed and built by Silicon Graphics and patented in 1996 (the patent has since expired).
The flow of the “lava” in a lava lamp is very unpredictable,6 and so the entropy in those lamps is incredibly high. Even if we conservatively assume that the camera has a resolution of 100x100 pixels (of course it’s actually much higher) and that an attacker can guess the value of any pixel of that image to within one bit of precision (e.g., they know that a particular pixel has a red value of either 123 or 124, but they aren’t sure which it is), then the total amount of entropy produced by the image is 100x100x3 = 30,000 bits (the x3 is because each pixel comprises three values - a red, a green, and a blue channel). This is orders of magnitude more entropy than we need.

The overall design of the LavaRand system is pictured above. The flow of entropy can be broken down into the following steps: 
The wall of lava lamps in the office lobby provides a source of true entropy. 
In the lobby, a camera is pointed at the wall. It obtains entropy from both the visual input from the lava lamps and also from random noise in the individual photoreceptors. 
In the office, there’s a server which connects to the camera. The server has its own entropy system, and the output of that entropy system is mixed with the entropy from the camera to produce a new entropy feed. 
In one of our production data centers, there’s a service which connects to the server in the office and consumes its entropy feed. That service combines this entropy feed with output from its own local entropy system to produce yet another entropy feed. This feed is made available for any production service to consume.

Here is the articel from August talking at a lot less technical level and also mentions the London and Singapore offices...

 

https://www.fastcodesign.com/90137157/the-hardest-working-office-design-in-america-encrypts-your-data-with-lava-lamps

 

As I said, this is actually a really neat implementation for achieving randomness in security and it is actually kind of functional as office art.

[captain_to_fire]

Tom Scott made the video about that 

 

[Ryois]

That's very cool. As a user of Cloudflare user I have always wondered how they did their CSPRNG.

[sazrocks]

This is pretty cool. I would be more interested in hearing about their radioactive seed generator though.

[mr moose]

2 minutes ago, sazrocks said:

This is pretty cool. I would be more interested in hearing about their radioactive seed generator though.

That one got my interest too.

[WMGroomAK]

19 minutes ago, sazrocks said:

This is pretty cool. I would be more interested in hearing about their radioactive seed generator though.

 

17 minutes ago, mr moose said:

That one got my interest too.

The radioactive seed generator (at least to my understanding) basically is a Geiger counter measuring the decay of a pellet of Uranium and translating the rate of decay into a seed value to add into their CSPRNG.  Since the decay of any one atom of Uranium is random, the release it gives off would also be random.  They are basically taking what would be a school experiment (as the pellet used is the same as what would be used in this experiment) to explain radiation, half-life and decay and turning it into a part of their model.  

[sazrocks]

4 minutes ago, WMGroomAK said:

 

The radioactive seed generator (at least to my understanding) basically is a Geiger counter measuring the decay of a pellet of Uranium and translating the rate of decay into a seed value to add into their CSPRNG.  Since the decay of any one atom of Uranium is random, the release it gives off would also be random.  They are basically taking what would be a school experiment (as the pellet used is the same as what would be used in this experiment) to explain radiation, half-life and decay and turning it into a part of their model.  

Oh I know all that; I was just curious as to their exact setup.

[vorticalbox]

No one else concerned about the about of power that uses? It must make a tonne of heat too.

 

there are 80 lamps in the picture, assuming that's the while wall now lava lamp bulbs I find on eBay are around 30w meaning that wall 2400 w which is the same as my cooker. 

 

 

[Bananasplit_00]

12 minutes ago, vorticalbox said:

No one else concerned about the about of power that uses? It must make a tonne of heat too.

 

there are 80 lamps in the picture, assuming that's the while wall now lava lamp bulbs I find on eBay are around 30w meaning that wall 2400 w which is the same as my cooker. 

 

 

That's an insignificant amount of their power bill if you think about what servers they probably have... 

[GDRRiley]

7 hours ago, vorticalbox said:

No one else concerned about the about of power that uses? It must make a tonne of heat too.

 

there are 80 lamps in the picture, assuming that's the while wall now lava lamp bulbs I find on eBay are around 30w meaning that wall 2400 w which is the same as my cooker. 

 

 

we are talking about a small number in the server hosting world. a rack can take 25,000W of power or more so this a drop in the bucket. 

[silberdrachi]

https://xkcd.com/221/

 

Not sure why people are going to these lengths to ensure randomness, pretty sure we figured it out ages ago. Bonus, its only 1 line of code!

 

Sorry someone had to link the relevant XKCD, pretty sure its a law

[ScratchCat]

8 hours ago, vorticalbox said:

No one else concerned about the about of power that uses? It must make a tonne of heat too.

 

there are 80 lamps in the picture, assuming that's the while wall now lava lamp bulbs I find on eBay are around 30w meaning that wall 2400 w which is the same as my cooker. 

 

 

As as other people have said it is insignificant for them, as well as the fact that filament bulbs are so good at turning electrical energy into thermal energy that they don't need to have the heating of the building as high.

 

That purchase must have been rather awkward: 

employee: " Boss we need to buy 300 lava lamps and hang them up by the entrance"

Cryptographically Uneducated boss: " Are you out of your mind? what for?!"