Hacker News Comments on
The Lava Lamps That Help Keep The Internet Secure
Tom Scott
·
Youtube
·
56
HN points
·
6
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.Alternatively, just do what Cloudflare does (did?), and have some cameras pointed at lava lamps[0].
It is referencing this bit at Cloudflare: https://www.youtube.com/watch?v=1cUUfMeOijg
⬐ jedbergActually I'd never seen that before. Using lava lamps to generate randomness predates Cloudflare by a few decades. :)⬐ cpetersoAnd Cloudflare's lava lamps are an homage to SGI's 1996 Lavarand:
You are most likely thinking of tom scotts video on that very topic: https://www.youtube.com/watch?v=1cUUfMeOijg
⬐ willis936I've submitted this[0] to HN a few times but it's never caught on. Unlike this, it isn't a publicity stunt and it's in your pocket. It's pretty neat to be able to short circuit most of the nation state tinfoil hat concerns by rolling your own private key. However, if you're going this far then you likely think most every internet connected, commercially available device is compromised. In that case then generating a private key on such a device would be pointless.0. https://medium.com/vault12/how-to-get-true-randomness-from-y...
⬐ ncmncm⬐ kkielhofnerThe article starts out with, "it is very hard to find sources of good randomness". Then it goes on to show that fantastically good sources of randomness are everywhere, on every phone, on every laptop. Even where there is no camera, there is often a radio receiver, or a microphone, and the low bits of the A/D converter from those are just as good.It goes on to belabor the issue of runs of zeroes from oversaturated pixels. Stirring the whole frame into your entropy pool, all the non-random bits simply fail to add any entropy; they are otherwise harmless, no-op bits. But every frame has more than enough entropy, so the only way it matters is that stirring in a string of zeroes consumes power without adding entropy. If it takes as much energy to filter out the zeroes as to stir them in, you have achieved nothing by filtering them.
I always though the approach of using SDR radios to provide entropy is interesting and relatively unknown:https://www.rtl-sdr.com/rtl-sdr-as-a-hardware-random-number-...
Disclaimer: I participated in the development of this.
⬐ notRobotThey're used by cloudflare to generate random numbers -- so a subset of the internet, the bits that use cloudflare.⬐ jareklupinskiNo Geiger counters? https://github.com/jareklupinski/passing-particles lmk if you want a >real< source of random-ness ;P⬐ ncmncm⬐ MikeDeltaRadioactivity is not a better source of random noise than shot noise in semiconductors, or resistive noise from current in non-superconducting materials. It is not better than black-body noise from a radio receiver, or pixel noise in an image sensor, or the low 20 bits of your processor cycle counter, sampled when a keystroke or packet comes in.What does matter is whether you have the entropy you need when you need it. Your favorite radioactive source might not have that. At device power-on, you might need entropy before the camera or radio receiver is initialized. That is when you need to consider carefully where to get some entropy, and how much of it you need right then. Maybe you can arrange to have saved enough over from when you were last powered up.
Silicon Graphics used this as well⬐ ncmncm⬐ phendrenad2"Used". I.e., made a publicity stunt out of.A blank wall would work equally well. The actual source of randomness is noise in the individual pixels affecting the least significant bits of the analog samples. Every camera supplies way more than enough entropy for any conceivable use.
⬐ MikeDeltaYes, I indeed meant "used" as in had this art installation. Plenty of better ways for entropy extraction.https://blog.cloudflare.com/randomness-101-lavarand-in-produ...It seems that they've pointed a camera at a wall of lava lamps, and the output video feed is fed into their randomness generator. I wonder how they account for the fact that: (A) Most of the video feed is constant, only the blobs in the lava lamps move (B) Lava lamps aren't actually all that random (C) The wall is visible from the street, and someone with nation-state-level surveillance technology could easily reconstruct what that camera is seeing.
⬐ ocdtrekkieBear in mind if you are creating any sort of hash from an original data source, even a very small change has a radically different outcome for a hash algorithm. A nation-state may be able to spy on the lamps, but recreating the exact feed would be much harder, which is what you'd need to do anything useful there... it'd be far simpler to hack the camera feed.⬐ shp0ngleit’s just a publicity stunt.They do feed it as a one source, but it’s basically for fun.
⬐ sterlind⬐ chrisseatonAny CA worth their salt uses some sort of true random number generator by now, right? Like measuring radioactive decay or something?I imagine if you (e.g.) XOR the state of a strong PRNG with the timestamp from an atomic clock whenever your Geiger counter goes off, you'd have infinite true random.
⬐ tatersolidPlease don’t use the described approach, which doesn’t un-bias or decorrelate the samples. And where do you get the seed for your PRNG anyway?There are literally thousands of academic papers written on the topic of un-biasing and “extracting entropy” from noise sources. Most are overly complex; if you want a practical but secure approach see Yarrow, Fortuna, or the Linux kernel entropy pool.
⬐ sterlindThe seed from the PRNG would come from e.g. a few thousand samples of the radioactive decay. Isn't radioactive decay true random because it's a quantum effect? How could you have biased/correlated Geiger blips?⬐ tatersolidLet’s assume you’re getting absolute time stamps or arrival intervals from your Geiger counter. How do you convert those into a uniformly random PRNG seed? They will all be biased to a small range depending on your radiation source and measurement apparatus.Secondly, non-cryptographic PRNGs leak their state from their outputs.
This is a solved problem. Many academic and engineering hours have been put into real solutions. Dear reader, please use a recognized secure scheme instead of the amateur ad-hoc approach recommended up-thread. It has no theoretic or engineering basis. Don’t roll your own crypto.
> nation-state-level surveillanceWhy do people so often say 'nation-state' when talking about intelligence? What have nation-states got to do with anything? Most of the biggest intelligence agencies aren't attached to nation-states anyway.
⬐ tijsvdThanks for that link. The article links to another article with more background:https://blog.cloudflare.com/lavarand-in-production-the-nitty...
Which answers all your questions. Tl;dr: the lava feed is only an additional entropy source, it's not like they generate keys directly from the video feed.
⬐ zarzavatJust a relatively small number of pixels would be sufficient.A secure hash function has the avalanche property that changing 1 bit in the input, has an independent 50% chance of flipping each bit in the output.
So you just need to ensure that you have enough entropy for your desired security level.
Anybody wanting to reconstruct what the camera is seeing would have to reconstruct it to the exact pixel values, including any noise. i.e. you would have to intercept the signal from the camera they are using, you couldn't just point another camera at the wall.
A Tom Scott video on this: https://www.youtube.com/watch?v=1cUUfMeOijg
Cloudflare uses a wall full of lava lamps, theres a tom scott video on it
There's a good Tom Scott video on this too. Like most of his stuff, it's well worth the watch.
⬐ woodandsteelOn the internet, nobody knows you're a lava lamp.
⬐ microcolonelNot only "Lava lamps as a source of encryption entropy", but "Lava lamps used as a source of encryption entropy in production at Cloudflare.".
⬐ blonkyI have a lava lamp on my desk. It generates a lot of heat. That wall must be pretty hot.Here's the link to Lavarand the reporter references at the end: https://en.wikipedia.org/wiki/Lavarand