
  • Computers aren't very good at picking random numbers.

  • Every part of a computer is designed to be predictable,

  • and to follow logical patterns.

  • You put the same numbers in,

  • you're going to get the same numbers out.

  • Which is a problem, because all modern encryption,

  • including that padlock up in your browser

  • that tells you that you're safe,

  • all of that relies on big, properly random numbers.

  • If you can somehow predict those numbers,

  • you can start breaking those locks.

  • Which is why I'm here,

  • at the headquarters of Cloudflare, in San Francisco.

  • Cloudflare is a service that protects websites and web services,

  • and sort of sits in front of them as a gatekeeper.

  • Somewhere around 10% of the web flows through Cloudflare's network.

  • Cloudflare was one of the first companies

  • to provide free SSL encryption for websites.

  • So the connection between your web browser and the website you're going to

  • is fully encrypted and invisible for eavesdroppers

  • to be able to look at.

  • In short, these folks deal with a lot of encrypted Internet traffic,

  • so they need a lot of random numbers.

  • It is possible to write code that will simulate randomness,

  • and that's good enough for a lot of uses,

  • but in theory, those numbers could be predicted.

  • They're just being generated by code,

  • so the servers here have to get their randomness

  • from an external and entirely unpredictable source.

  • A lot of home computers treat their own users as sources of randomness,

  • tiny twitches of mouse movement,

  • the exact milliseconds between keystrokes,

  • or on a phone maybe even the accelerometer or other sensors.

  • In all those cases, they generally discard the bigger parts,

  • the bits that could just be influenced by humans,

  • and go off the tiny little decimal places,

  • the bits that you couldn't control precisely,

  • even if you wanted to.

  • But that sort of human interaction is nowhere

  • near enough for an operation on this scale,

  • hence lava lamps.

  • We videotape these lava lamps and take the pictures and video,

  • and turn it into a stream of random, unpredictable bytes.

  • And this unpredictable data is what we use to help create the keys

  • that encrypt the traffic that flows through Cloudflare's network.

  • This data is then fed into our data centres

  • and then fed into the Linux kernel which

  • then uses it to help seed random number generators

  • that are used to generate keys.

  • Every time that you take a picture with a camera

  • there's going to be some sort of static, some sort of noise.

  • So it's not only just where the bubbles are flowing through the lava lamp,

  • it's the state of the air, the ambient light,

  • every tiny change impacts the stream of data.

  • A cryptographic hash function is something that we use

  • where even if you have one static image and one little bit changes,

  • it changes the entire stream.

  • So we use that to help scatter the randomness

  • as much as possible.

  • We also collect randomness around the world.

  • So in our London office, we have this thing

  • called a chaotic pendulum.

  • It has three pieces and it's unpredictable in

  • which way they twist and turn together.

  • We videotape that and feed it into our randomness source, as well.

  • In our Singapore office, we have a radioactive source

  • that we use to feed into the randomness system, as well.

  • So this is not just some stunt that we pulled,

  • it's actually being fed into our real systems.

  • Whether anything in the world is truly random

  • is arguably a question of philosophy and not science.

  • Maybe everything is just complicated clockwork.

  • But these lava lamps are so chaotic

  • that simulating that camera shot with perfect pixel accuracy,

  • far enough ahead to be useful

  • while figuring out everything else those images are being put through,

  • it's roughly the same level of difficulty as just brute-forcing the encryption in the first place.

  • And even if you could simulate all that,

  • you'd only have one piece of the puzzle.

  • These folks aren't the first to do this.

  • "Lavarand" was patented by a company called Silicon Graphics in 1996,

  • but that only lasted a couple of years.

  • Now of course, there are less flashy and

  • more practical ways to generate random numbers,

  • but then I wouldn't be here.

  • I would be at some other company who'd gone and,

  • I don't know, pointed a camera at a basket of kittens.

  • That'd be a bit higher maintenance, though.


The Lava Lamps That Help Keep The Internet Secure

  • Posted by 林宜悉 on January 14, 2021