1

In this 2017 video by Computerphile's Tom Scott, "The Lava Lamps That Help Keep The Internet Secure", Scott tours Cloud Flare's facility and checks out their Wall of Entropy. This is essentially a wall of many lava lamps that has state capture with a webcam, digitized, and pushed into the kernel as a source of entropy.

You can see at t=55 Scott says that a computer's random number generator isn't "good enough" (for Cloudflare's use case), and that the Lava Lamps are "entirely random".

Later, a Cloud Flare employee, even goes so far as to claim that some of the very concerns I would have, add to security, you can see this here

Every time that you take a picture with a camera there is going to be some sort of static, some sort of noise, so it's not only where the bubbles are flowing through the lava lamp it's sort of the state of the air, the ambient light, every tiny change impacts the data.

But presumably in all of those changes the distributions are less random then the ones accepted and in the kernel.

He ends off with

This is not just some stunt that we pulled in, it's actually being fed into our real systems.

Does this idea of external entropy with lava lamps have any merit on improving on the guarantees of a modern (2017) random number generator?

Evan Carroll
  • 2,325
  • 4
  • 22
  • 29
  • 2
    Potential duplicates: https://security.stackexchange.com/questions/42428/is-generating-random-numbers-using-a-smartphone-camera-a-good-idea and https://security.stackexchange.com/questions/191296/for-a-normal-computer-user-does-it-make-a-difference-to-have-a-good-entropy-s/191306#191306 – schroeder Mar 06 '19 at 17:42
  • 1
    I guess the most important thing is that they can't possibly reduce entropy when using a mixing function. – Polynomial Mar 06 '19 at 17:46
  • Entropy is like money, you can never have too much. Well, not to feed fortuna at least... – dandavis Mar 06 '19 at 17:55

0 Answers0