At Martha AI we're looking to be an industry-leader in security. This is why we invest heavily into different ways to securely generate cryptographic keys in order to secure our service.
We're going to be diving into how we secure data, what data is fully encrypted and the ways we secure your data.
Introduction
Some of you may be aware that the San Francisco office of Cloudflare has a wall made of lava lights in the lobby that they utilise for cryptography.
We at Martha AI were inspired by this approach and chose to implement it in a real-world setting to generate cryptographic keys for particular data at Martha AI.
LavaRand
LavaRand is a system that was originally designed and patented by Silicon Graphics Inc in US Patent US5732138A in 1996, which is described as a "Method for seeding a pseudo-random number generator with a cryptographic hash of a digitization of a chaotic system"
As this patent is expired, we decided to look into it a bit further. How could we, practically as a startup, make this happen?
The way LavaRand works is a bit more than just a camera and lava lamps. Heres a (smaller) breakdown of how it actually works:
The breakdown of entropy
The definition of entropy is, according to the definitions of the Oxford Languages: "lack of order or predictability; gradual decline into disorder."
The way LavaRand works is that it has a camera pointing towards the wall of lava lamps. In every frame there is a random number of bytes which is how they seed these random keys. However, it is not just the lava lamps which they use for entropy.
In every picture you take, there is going to be noise and static which is changed by pretty much everything you can think of: ambient light, the state of the air - every change brings in more entropy to the bytes. This means that its not just the bubbles in the lava lamps that are feeding these random seeds to create your keys. If one, tiny, singular pixel changes in a picture it changes the entire encoding of the image/frame.
So, why the lava lamps?
The lava lamps are there to make it so the frame changes every second. It creates a higher scale of randomness to the frame, meaning the bytes and keys that are generated are 100% different to every single request for a key and there is no possibility of it being different.
If you actually go to the San Francisco office of Cloudflare, they regularly do demonstrations infront of the lava lamps (hence you usually see a table in any images of it) and encourage people to walk infront of the camera and take photos. Nobody else will see it, and it just generates more randomness to the keys.
How we implemented it
After doing digging into the way that Cloudflare does it, we brainstormed. Our solution was simple.
Our own "wall of entropy"
As a startup, we do not have access to the funds that Cloudflare does, so we couldn't actually setup a wall of entropy like Cloudflare has in their office. However, we had an idea.
There are thousands of popular streaming sites which allow you to access live feeds of cameras in popular destinations such as New York and West Virginia to even traffic cameras in the United Kingdom. Therefore, we had a solution to our "wall of entropy" — all we had to do was get these live feeds and pipe them into a software that every time there was a request, it'd pull a frame from a random list of live feeds and get the bytes from the picture, encrypt them and spit them out.
How we did it
After looking into the over 24 feeds of NYC EarthCam provides and the over 4000 traffic cameras National Highways uses, all we did was write a program that would get these feeds, load them, load 1 frame, copy the bytes and encrypt them using AES256 level encryption and spit out a key. Easier said that done.
All we had to do was just put this on a server and put it into production. Encryption was done!
Looking into how Cloudflare does it?
Top comments (0)