July 6, 2022
Sitting on a shelf at the Cloudflare office in San Francisco, California are 100 lava lamps that are responsible in part for 10 percent of the world’s internet encryption. That’s right- a lava from the 60’s is used for security.
When I first heard of this, I immediately looked it up because I thought there is no way this could be true. A lava lamp is wax and oil sitting on a hot incandescent light bulb. There is noting electronic about it.
What I learned was that the science here is not in the electronics but rather in the randomness of the wax blobs in the oil. There is a camera pointed at the wall that records the presence of a blob of wax. This string of reflective wax and non-reflective oil is then converted into a string of numbers that is considered to be truly random. Furthermore, the randomness changes 1000 times every second. This allows Cloudflare to generate unlimited amounts of random numbers without the use of a generator or algorithm. By removing the need for an algorithm in their quest for randomness, they are preventing hackers from being able to predict the security keys that protect the internet.
Basically, thermal dynamics of fluid and entropy are source for a truly random number. Beyond fluid thermal dynamics there are other common sources of randomness. Other companies use radioactive decay and a Geiger counter or in the case of random.org they use a roof top microphone that recodes atmospheric noise and converts that to a random number.
The next time you go to a website and see the lock icon next to the address at the top left side of the browser window you may just be using an SSL certificate that uses an encryption key that was generated by lava lamps.
If your company is in need of randomness or SSL certs for the internet, please reach out to us!