How Lava Lamps Protect Your Data Online – The Varsity
Have you ever seen a lava lamp? For some, these colorful decorations represent a relic of a bygone era when disco was all the rage and people said things like “groovy” or “boogie.” For others, they represent a fun nostalgia that can brighten up a room, both literally and figuratively. But for an internet security company in Palo Alto, they’re tools that help protect millions of websites from hackers and malicious attacks.
It may seem strange. How can lava lamps protect websites? They are just lamps with colored bubbles. They don’t even connect to the internet.
Well, to understand how lava lamps can be so useful, we must first understand a fundamental element that holds everything together on the Internet: cryptography.
Julius Caesar can’t keep a secret
How come you can go to your browser and enter your credit card number to order food, open a new tab and log into Instagram to catch up on your feed, then go to your bank on a third tab to pay your bills, all without having any of your information stolen? The answer is cryptography – the design of secure communication through encrypted messages.
Encryption is basically scrambling a message to hide its contents from unwanted prying eyes. Humans have been sending secret messages for as long as we have been sending written messages. One of the most famous encryption techniques – the Caesar cipher – is said to have been used by Julius Caesar himself over 2,000 years ago to encrypt his messages. This technique consists of shifting each letter of the message along the alphabet by a predetermined number of positions, so that the text is scrambled.
Since the time of Caesar, people have strived to develop stronger encryption methods, as advances in cryptanalysis render old techniques easily breakable and therefore useless. These days, the Caesar cipher doesn’t even count as encryption anymore, because it can be cracked with a computer almost instantly.
Encryption alone doesn’t get us far, though. The trick is that the intended recipient can read the hidden message while eavesdroppers are left in the dark. This implies that the sender and the receiver must share certain information so that the receiver can reverse the operation that the sender performs on the text to reveal the message.
In the field of cryptography, this information is called a key. So in the Caesar cipher, the key would be the number that determines how far each letter in the message is shifted.
Alice, Bob and Eve
Imagine that two friends, Alice and Bob, want to communicate with each other safely, away from prying eyes and prying ears like Eve. They would like to use a stronger encryption technique than the Caesar cipher, but they still need to agree on a key before they begin their communication, so they can encrypt and decrypt each other’s messages.
Eve is very cunning and watches Alice and Bob’s communications very closely. She can intercept every message along the way, read its contents, and send it on to its destination as if nothing had happened.
Alice and Bob now find themselves in a no-win situation. In order to establish secure communication, they must agree on a key; but to agree on a key, they must send messages in public, because they cannot encrypt their messages without a key. They might send their initial messages unencrypted and hope Eve doesn’t intercept them, but they can’t guarantee that. If Eve gets her hands on the encryption key, she can read all subsequent messages between Alice and Bob. Another option is to meet physically and decide the key that way, but what if they can’t meet? What if they don’t even live next to each other?
It’s called the key exchange problem, and it plagued cryptographers for centuries before a clever solution changed everything.
If one key isn’t enough, get a second one
The previous example of an encryption system is what is called “symmetric encryption” – an encryption system where the same key is used to both encrypt and decrypt messages. This is how cryptography was practiced for centuries until the end of the 20th century, when another form of cryptography was developed: asymmetric encryption.
As its name suggests, an asymmetric encryption system uses two keys: one to encrypt messages and another to decrypt them. How this works can be visualized by thinking back to our friends Alice and Bob.
Now imagine that Alice and Bob keep abreast of cryptographic advances and want to use asymmetric encryption to their advantage. Alice begins by generating a key pair. Both keys are generated using a mathematical technique called modular arithmetic, so they are fundamentally related to each other but cannot be derived from each other.
Once both keys are generated, Alice will choose one at random to designate as her secret key that absolutely no one else will be able to see. The pair’s other key becomes her public key and can be shared with everyone. Once Bob has also generated a secret and public key, they can start communicating.
The useful property linking the two keys in an asymmetric pair is that any message encrypted with one key in the pair can only be decrypted with the other key, not even with the key that encrypted it. This is the key to how asymmetric encryption works. To send a secure message to Bob, Alice can encrypt her message using Bob’s public key, knowing that it can only be decrypted by the secret key that only Bob can access. Similarly, Bob can encrypt messages using Alice’s public key, knowing that they can only be decrypted by her secret key. The key exchange problem has been worked around; no keys need to be exchanged in this system.
This leaves the possibility for Eve to use Bob’s public key to send him messages and pretend to be Alice. To overcome this, Alice can encrypt her messages with her own secret key, before encrypting them with Bob’s public key. This way, after Bob decrypts the message with his secret key, he tries to decrypt the second layer with Alice’s public key. If it works, it means the message was encrypted with Alice’s secret key that only she can access, thus functioning as a signature of authenticity.
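The two-layer exchange described above, as an added example that is not part of the original article. It assumes textbook RSA as the asymmetric system (the article names no algorithm) and uses tiny constructed primes so the numbers stay readable; keys this small offer no security.

```python
def make_keypair(p, q, e=17):
    """Build a toy key pair from two primes using modular arithmetic."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)        # modular inverse: e * d = 1 (mod phi)
    return (e, n), (d, n)      # (public key, secret key)

def apply_key(value, key):
    """Encrypting and decrypting are the same operation with different keys."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

# Constructed toy keys. Alice's modulus is smaller than Bob's so that her
# signed value always fits inside Bob's encryption layer.
ALICE_PUB, ALICE_SEC = make_keypair(61, 53)   # n = 3233
BOB_PUB, BOB_SEC = make_keypair(89, 97)       # n = 8633

def alice_send(message):
    """Inner layer: Alice's secret key. Outer layer: Bob's public key."""
    signed = apply_key(message, ALICE_SEC)
    return apply_key(signed, BOB_PUB)

def bob_receive(ciphertext):
    """Remove the outer layer with Bob's secret key, the inner with Alice's public key."""
    signed = apply_key(ciphertext, BOB_SEC)
    return apply_key(signed, ALICE_PUB)

def eve_forge(message):
    """Eve knows only public keys, so she cannot produce Alice's inner layer."""
    return apply_key(message, BOB_PUB)

if __name__ == "__main__":
    print(bob_receive(alice_send(42)))   # Alice's message survives both layers
    print(bob_receive(eve_forge(42)))    # the forgery does not decode to 42
```

Messages here are numbers smaller than Alice's modulus. When the sender is not Alice, the second layer does not decode to the intended message, which is the signature check the paragraph describes.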
Today, all communication on the Internet relies on similar asymmetric encryption systems, which means that each computer must generate many key pairs for each communication.
Since the keys for asymmetric encryption are of the utmost importance, it is necessary to ensure that they are strong and unbreakable. The best way to achieve this is to introduce randomness into the generation process. However, since computers can only execute the instructions given to them and nothing more, there is no way to generate true randomness using an algorithm – by definition, any algorithm is predictable.
Internet security company Cloudflare gets around this problem by using a wall of lava lamps. By pointing a video camera at a wall covered in lava lamps, they can effectively harvest the randomness of bubbles, minute air fluctuations, and ambient noise created by the camera lens as random data to generate secure keys for use in online encryption.
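Why a purely algorithmic key is predictable and how outside randomness changes that, as an added example that is not part of the original article and does not describe Cloudflare's actual pipeline. The camera frames are constructed byte strings, and mixing the frame with the operating system's random source through SHA-256 is an assumption of this sketch.

```python
import hashlib
import os
import random

def key_from_algorithm(seed):
    """A key produced only by an algorithm: the same seed gives the same key."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(16))

def digest_frame(frame):
    """Condense a camera frame into 32 bytes; any pixel change alters the result."""
    return hashlib.sha256(frame).digest()

def key_from_pool(frame):
    """Mix the frame digest with OS randomness and take 16 bytes as a key."""
    pool = hashlib.sha256()
    pool.update(digest_frame(frame))
    pool.update(os.urandom(32))
    return pool.digest()[:16]

def differing_bits(a, b):
    """Count the bits that differ between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

# Constructed 64x48 grayscale "frames": B differs from A in a single bit,
# standing in for one bubble or one speck of sensor noise.
FRAME_A = bytes((x * y) % 256 for y in range(48) for x in range(64))
FRAME_B = FRAME_A[:100] + bytes([FRAME_A[100] ^ 1]) + FRAME_A[101:]

if __name__ == "__main__":
    # Anyone who learns or guesses the seed rebuilds the identical key.
    print(key_from_algorithm(2024) == key_from_algorithm(2024))
    # One flipped bit in the frame changes roughly half of the digest's bits.
    print(differing_bits(digest_frame(FRAME_A), digest_frame(FRAME_B)))
    # Keys drawn from the mixed pool do not repeat, even for the same frame.
    print(key_from_pool(FRAME_A).hex(), key_from_pool(FRAME_A).hex())
```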
Without cryptography and encryption, many of the things we take for granted today would not exist. Institutions such as banks, stock markets, and government networks depend on good cryptography, and society as we know it would crumble if our cryptographic systems failed. So, while lava lamps may seem like mildly interesting novelties, we should not underestimate their importance to the functioning of our society.