10% of Global Internet Traffic Would be Secured by Lava Lamps

At its headquarters in San Francisco, technology firm Cloudflare has given lava lamps a different job. This modern Internet giant is a DNS provider that manages and secures millions of website domain names. According to the site analysis service W3Tech, an estimated 6 to 10% of global HTTP and HTTPS requests pass through the technology company’s secure channels, a huge flow of data that clearly needs protecting, especially against distributed denial-of-service (DDoS) attacks like the one that knocked down the DNS provider Dyn in 2016.

Cloudflare has therefore opted for a proven data security technique: encryption. And that’s where the famous lava lamps in the lobby of its office come in. In a recent blog post, the company detailed the importance of these lamps in its data protection system. Contrary to appearances, the wall of lava lamps is an integral part of an elaborate encryption system that helps protect a significant part of global Internet traffic.

Cryptographic techniques are used to generate random, secret series of numbers that an opponent can never guess. But according to Cloudflare, generating these numbers at random is not enough to guarantee optimal data security. From the company’s point of view, what cryptographers need most is “unpredictability,” which alone can ensure an optimal level of encryption security.

For unpredictable sequences, computer security firms typically have two options. The first is to use completely unpredictable physical processes that take a long time to measure, for example, accurately measuring the temperature of a processor at a specific time. The second is to use cryptographically secure pseudorandom number generators (CSPRNGs). These can generate large quantities of random numbers very quickly if they are “connected” to a truly unpredictable source.


The ideal would seem to be to set up a system that combines the speed of the second solution with the best security guarantees provided by the first solution. Better still, a system could be created that would provide a CSPRNG with a variety of unpredictable sources.

The system operated by Cloudflare, called LavaRand, was designed by Silicon Graphics and patented in 1996. The lamps produce wax bubbles unpredictably. Meanwhile, a camera installed in the corner of the room records the scene, and the images are transformed into “a stream of random and unpredictable bits,” which are then fed to the pseudorandom generator. The generator in turn produces the large quantities of numbers that are ultimately used to encrypt the data traffic.
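The flow described above, sketched as an added example (not Cloudflare’s code and not part of the original article): a camera frame is hashed together with operating-system entropy into a seed, which then drives an HMAC-based generator. The function names, the `SAMPLE_FRAME` stand-in image, and the choice of SHA-256 with an HMAC_DRBG-style generator are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def extract_seed(sources):
    """Condense labelled entropy inputs into one 32-byte seed (SHA-256)."""
    h = hashlib.sha256()
    for label, data in sources:
        # Length-prefix every field so ("a", b"bc") and ("ab", b"c") differ.
        for part in (label.encode(), data):
            h.update(len(part).to_bytes(8, "big") + part)
    return h.digest()


class HmacDrbg:
    """Small HMAC-SHA256 generator modelled on NIST SP 800-90A HMAC_DRBG."""

    def __init__(self, seed):
        self.key, self.value = b"\x00" * 32, b"\x01" * 32
        self._update(seed)

    def _mac(self, data):
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data=b""):
        self.key = self._mac(self.value + b"\x00" + data)
        self.value = self._mac(self.value)
        if data:
            self.key = self._mac(self.value + b"\x01" + data)
            self.value = self._mac(self.value)

    def generate(self, n):
        out = b""
        while len(out) < n:
            self.value = self._mac(self.value)
            out += self.value
        self._update()  # move the state forward after each request
        return out[:n]


def lamp_generator(frame, os_entropy=None):
    """Seed a generator from a camera frame mixed with OS entropy."""
    entropy = os.urandom(32) if os_entropy is None else os_entropy
    return HmacDrbg(extract_seed([("camera", frame), ("os", entropy)]))


# Constructed stand-in for one 64x48 greyscale frame of the lamp wall.
SAMPLE_FRAME = bytes((x * 31 + y * 17) % 256 for y in range(48) for x in range(64))
```

Because the frame is mixed with OS entropy rather than used on its own, someone who can watch or replay the camera feed still cannot reproduce the output, and a single changed pixel yields an unrelated stream.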

Cloudflare has a variety of physical systems to produce tamper-proof keys in offices around the world. Its office in London has a “chaotic clock,” and the Singapore office bases its encryption on a radioactive source. Put simply, the company uses an algorithm, a camera, and a hundred lava lamps at its San Francisco premises to generate random encryption keys.

LavaRand and Cloudflare’s other DIY (Do It Yourself) systems are currently only used as a last resort, in case, for example, the company’s main server-based encryption system, which is based on Linux, is compromised. This initiative at least has the merit of reminding us that it is important to keep innovating in encryption systems at a time when algorithms alone no longer seem to be sufficient. “Hopefully we’ll never need it,” the company said in its blog post.

December 11th, 2017 | Technology | 2 Comments


  1. Oswaldo Antonio December 22, 2017 at 10:44 pm

    The CEO of the company, Matthew Prince, explained in an interview in FastCompany how computers were designed to be predictable, and that is one of the reasons why generating random numbers is not easy: you force the computer to do something unpredictable.
    The generation of random numbers by a computer is much more complex than it might seem, and to create truly random numbers more and more go to external events.
    Maybe some of you have verified it by generating PGP keys in which the software asks you to move the mouse randomly for several seconds, but in Cloudflare they have been even more creative with that process. This is a good innovation that promises a safe interface, a safe system in digital technology where the main objective is going to be the data security. Interesting post!

  2. Daniel Ogeto O. December 23, 2017 at 9:44 pm

    Indeed, there are many ways to skin a cat, very interesting and innovative approach to security right here. Digital technology has inspired lots of creative ideas with many innovative startups catching up with the times through such innovative solutions. Whether this stream can be “truly” random or not, this solution sure seems more unpredictable and chaotic than relying on just software. And bonus points for keeping things a little more surprising, fun and flashy. Encryption is a hot topic today. While law enforcement often clashes with digital technology providers over backdoors and strong encryption getting in the way of cracking criminal cases, online, encryption can keep communication, payments, and accounts secure. Whether or not anything is truly random is up for debate, but the more random a cryptographic key, the more difficult it is to brute-force, guess, or crack — especially if you use out-of-the-box ideas like lava lamp movements which are almost impossible to replicate. Creating randomness is an essential part of encryption because it lets you create something that an attacker won’t be able to replicate. However, computers are actually very bad at coming up with random numbers, as they are designed to be precise
