Have you ever seen a lava lamp? For some, those colourful decorations represent a relic from a bygone era when disco was all the rage and people said things like “groovy” or “boogie.” For others, they represent a fun piece of nostalgia that can brighten up a room — both literally and figuratively. But for an internet security company in Palo Alto, they are tools that help protect millions of websites from hackers and malicious attacks.
This might seem odd. How can lava lamps protect websites? They’re just lamps with some colourful bubbles. They don’t even connect to the internet.
Well, to understand how lava lamps can be so useful, we must first understand a fundamental building block that holds everything on the internet together: cryptography.
Julius Caesar can’t keep a secret
How is it that you can go on your browser and enter your credit card number to order some food, open a new tab and log in to Instagram to catch up on your feed, and then go to your bank on a third tab to pay your bills, all without any of your information being stolen? The answer is cryptography — the design of secure communication through encrypted messages.
Encryption is basically the act of scrambling a message to obscure its content from unwanted prying eyes. Humans have been sending secret messages for as long as we’ve been sending written messages. One of the most famous encryption techniques — the Caesar cipher — is said to have been used by Julius Caesar himself, over 2,000 years ago, to encrypt his messages. This technique consists of shifting each letter in a target message over in the alphabet by a pre-decided number so that the text is scrambled.
Since the days of Caesar, people have been racing to develop stronger encryption methods as advances in cryptanalysis keep rendering older techniques easily breakable and therefore useless. Nowadays, the Caesar cipher doesn’t even count as encryption anymore, since it can be cracked with a computer almost instantaneously.
Encryption on its own doesn’t get us far, though. The trick is for the intended recipient to be able to read the hidden message while eavesdroppers are left in the dark. This implies that the sender and receiver need to share some piece of information so that the receiver can reverse the operation that the sender performs on the text to reveal the message.
In the field of cryptography, this piece of information is called a key. So in the Caesar cipher, the key would be the number that determines how much each letter in the message is shifted.
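To make the shift, the key, and the "cracked almost instantaneously" claim concrete, here is an added example (not part of the original article). The word list, sample message and function names are constructed for illustration.

```python
import string

# Small constructed word list used only to recognise readable English.
COMMON_WORDS = {"the", "and", "at", "of", "to", "in", "me", "is", "before"}

def shift_text(text, key):
    """Shift every letter `key` places along the alphabet, keeping case."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def encrypt(plaintext, key):
    return shift_text(plaintext, key)

def decrypt(ciphertext, key):
    # The receiver reverses the sender's operation using the shared key.
    return shift_text(ciphertext, -key)

def score(text):
    """Count how many words appear in the common-word list."""
    words = (w.strip(string.punctuation) for w in text.lower().split())
    return sum(w in COMMON_WORDS for w in words)

def recover_without_key(ciphertext):
    """Try all 26 possible keys; return (key, plaintext) for the most readable."""
    candidates = [(key, decrypt(ciphertext, key)) for key in range(26)]
    return max(candidates, key=lambda c: score(c[1]))

if __name__ == "__main__":
    secret = encrypt("meet me at the forum before the senate convenes", 3)
    print(secret)                       # scrambled text
    print(recover_without_key(secret))  # key and message, found in 26 tries
```

The whole key space is 26 values, which is why the cipher offers no protection against anyone with a computer.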
Alice, Bob, and Eve
Imagine that two friends, Alice and Bob, want to communicate with each other securely, free from the prying eyes and ears of eavesdroppers like Eve. They would like to use an encryption technique that’s stronger than the Caesar cipher, but they still need to agree on a key before they start their communication, in order to be able to encrypt and decrypt each other’s messages.
Eve is very cunning and is monitoring Alice and Bob’s communications very closely. She can intercept every message while it’s on the way, read its contents, and send it along so that it reaches its destination as if nothing happened.
Alice and Bob now find themselves in a catch-22 situation. In order to establish secure communication, they need to agree on a key; but in order to agree on a key, they need to send messages out in the open, since they can’t encrypt their messages without a key. They could send their initial messages unencrypted and hope that Eve isn’t intercepting them, but they can’t guarantee that. If Eve gets her hands on the encryption key, she can read every subsequent message between Alice and Bob. Another option is to meet up physically and decide on the key that way, but what if they can’t meet? What if they don’t even live close to each other?
This is called the key exchange problem, and it plagued cryptographers for centuries before a clever solution changed everything.
If one key won’t cut it, get a second one
The previous example of an encryption system is what’s called “symmetric encryption” — a system of encryption where the same key is used both to encrypt and decrypt messages. This was the way that cryptography was done for centuries until the late twentieth century, when another form of cryptography was developed: asymmetric encryption.
As its name implies, an asymmetric encryption system uses two keys: one to encrypt messages, and another to decrypt them. The way this works can be visualized by thinking about our friends Alice and Bob again.
Imagine now that Alice and Bob have been keeping up to date with cryptographic advancements and want to use asymmetric encryption to their advantage. Alice starts by generating a pair of keys. The two keys are generated using a mathematical technique called modular arithmetic, so that they are fundamentally related to each other but one can’t be derived from the other.
Once the two keys are generated, Alice will pick one at random to designate as her secret key that absolutely no one else can see. The other key in the pair becomes her public key and can be shared with everyone. Once Bob also generates a secret and public key, they can start communicating.
The beautiful way that two keys in an asymmetric pair are related is that any message encrypted with one of the keys in the pair can only be decrypted with the other key — not even by the same key. This is the key to how asymmetric encryption works. To send a secure message to Bob, Alice can encrypt her message using Bob’s public key, knowing that it can only be decrypted by the secret key that only Bob can access. Similarly, Bob can encrypt messages using Alice’s public key, knowing that they can only be decrypted by her secret key. The key exchange problem has been circumvented; no keys need to be exchanged in this system.
This does leave the possibility of Eve using Bob’s public key to send him messages and impersonate Alice. To overcome this, Alice can encrypt her messages with her own secret key, before encrypting them with Bob’s public key. This way, after Bob decrypts the message with his secret key, he tries to decrypt the second layer with Alice’s public key. If this works, it means that the message was encrypted with Alice’s secret key which only she can access, effectively working as a signature of authenticity.
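The two-layer exchange described above can be run end to end. This is an added example, not part of the original article: it uses textbook RSA as one concrete asymmetric system, with small constructed keys built from known Mersenne primes and no padding, so it illustrates the idea and is not suitable for real use. The check bytes that let Bob tell whether decryption "worked" and all function names are assumptions of this example.

```python
import hashlib

E = 65537  # public exponent used by every toy key pair below

def make_keypair(p, q):
    """Textbook RSA from two primes: returns (public key, secret key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def apply_key(value, key):
    """Modular exponentiation, the single operation both keys perform."""
    n, exponent = key
    return pow(value, exponent, n)

def pack(message):
    """Append 8 bytes of SHA-256 so a wrong key yields detectable garbage."""
    return int.from_bytes(message + hashlib.sha256(message).digest()[:8], "big")

def unpack(value):
    """Return the message if its check bytes match, otherwise None."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    body, check = raw[:-8], raw[-8:]
    return body if hashlib.sha256(body).digest()[:8] == check else None

def send(message, sender_secret, recipient_public):
    signed = apply_key(pack(message), sender_secret)  # inner layer: signature
    return apply_key(signed, recipient_public)        # outer layer: secrecy

def receive(ciphertext, recipient_secret, sender_public):
    signed = apply_key(ciphertext, recipient_secret)  # remove outer layer
    return unpack(apply_key(signed, sender_public))   # check inner layer

# Constructed toy keys. The sender's modulus is smaller than Bob's so the
# signed value always fits inside the outer layer.
ALICE_PUB, ALICE_SEC = make_keypair(2**89 - 1, 2**107 - 1)
BOB_PUB, BOB_SEC = make_keypair(2**521 - 1, 2**607 - 1)
EVE_PUB, EVE_SEC = make_keypair(2**61 - 1, 2**127 - 1)

if __name__ == "__main__":
    genuine = send(b"noon, gate 4", ALICE_SEC, BOB_PUB)
    forged = send(b"noon, gate 4", EVE_SEC, BOB_PUB)
    print(receive(genuine, BOB_SEC, ALICE_PUB))  # Alice's message
    print(receive(forged, BOB_SEC, ALICE_PUB))   # None: not signed by Alice
    print(receive(genuine, EVE_SEC, ALICE_PUB))  # None: Eve cannot read it
```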
Roll of the dice
Nowadays, all communication over the internet is built upon similar asymmetric encryption systems, which means that each computer needs to generate many key pairs for each communication.
Since the keys in asymmetric encryption are of the utmost importance, it’s necessary to ensure that they are strong and unbreakable. The best way to do this is to introduce randomness into the process of generating them. However, since computers can only carry out whatever instructions they’re given and nothing more, there is no way to generate real randomness using an algorithm — by definition, any algorithm is predictable.
The internet security company Cloudflare gets around this by using a wall of lava lamps. By pointing a video camera at a wall covered with lava lamps, they can effectively harvest the randomness of the bubbles, the minute fluctuations in the air, and the ambient noise created by the camera’s lens as random data to use in generating secure keys for use in online encryption.
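The contrast between an algorithm's output and harvested physical data can be shown in a few lines. This is an added example, not Cloudflare's code: the article does not describe how the video frames are processed, so hashing a frame together with operating-system randomness is an assumed design, and the frame bytes and function names are constructed for illustration.

```python
import hashlib
import os
import random

def algorithmic_key(seed):
    """A key from a seeded algorithm: same seed in, same 128-bit key out."""
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")

def mix_entropy(frame, os_bytes):
    """Hash a camera frame together with OS randomness into a 32-byte seed.

    Each input is length-prefixed so different splits of the same bytes
    cannot collide. The output is unpredictable if either input is.
    """
    h = hashlib.sha256()
    for part in (frame, os_bytes):
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()

def differing_bits(a, b):
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

# Constructed stand-ins for two video frames that differ in a single bit,
# as they might if one pixel's sensor noise changed between captures.
FRAME_A = bytes(range(256)) * 4
FRAME_B = bytes([FRAME_A[0] ^ 0x01]) + FRAME_A[1:]

if __name__ == "__main__":
    # Anyone who learns or guesses the seed regenerates the same key.
    print(algorithmic_key(2024) == algorithmic_key(2024))   # True
    pool = os.urandom(32)
    seed_a, seed_b = mix_entropy(FRAME_A, pool), mix_entropy(FRAME_B, pool)
    # One flipped input bit changes roughly half of the 256 output bits.
    print(differing_bits(FRAME_A, FRAME_B), differing_bits(seed_a, seed_b))
```

Because the frame is mixed with a second source instead of used alone, someone who could see the same lamps would still not learn the resulting seed.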
Without cryptography and encryption, many of the things we take for granted today would not exist. Institutions like banks, stock markets, and government networks are dependent on good cryptography, and society as we know it would fall apart if our cryptographic systems failed. So, while lava lamps might seem like mildly interesting novelty items, we shouldn’t underestimate their importance in keeping our society functioning.