Cloudflare uses lava lamps to generate random cryptographic keys

This reads like an April Fools' Day post but apparently content delivery network Cloudflare is using lava lamps to bolster its security. Over at the headquarter in San Francisco, the company has a big wall of lava lamps that it nicknames the Entropy Wall.

The internet company uses the Entropy Wall for its LavaRand cryptography system, to generate keys that are truly random. One of the problems with cryptography is that the process for generating random bits needs to be unpredictable. Obtaining true random values is usually expensive and slow so this is where the LavaRand comes in. Cloudflare uses a video feed of this wall to ensure its production machines always have access to secure randomness even if their local entropy sources are compromised. A full technical explanation can be read at the company's blog.

The flow of the “lava” in a lava lamp is very unpredictable, and so the entropy in those lamps is incredibly high. Even if we conservatively assume that the camera has a resolution of 100x100 pixels (of course it’s actually much higher) and that an attacker can guess the value of any pixel of that image to within one bit of precision (e.g., they know that a particular pixel has a red value of either 123 or 124, but they aren’t sure which it is), then the total amount of entropy produced by the image is 100x100x3 = 30,000 bits (the x3 is because each pixel comprises three values - a red, a green, and a blue channel). This is orders of magnitude more entropy than we need.