« Back to article Print this article

# The simple number trick behind secure communication

September 15, 2019 09:00 IST

This is one of the wonderful paradoxes of modern technology. Having designed machines to predictably and accurately perform the same tasks again and again, we protect these machines by finding numbers that are as unpredictable as possible, says Devangshu Datta.

*IMAGE: Random numbers, which are unpredictable and hard to guess, are crucial for cryptography and secure communications.. Photograph: Kind courtesy dylan nolte/Unsplash.com

Magicians do a "mentalist" trick where they ask someone to think of a random number and then they guess it.

There are various ways to pull this off and none involve hypnosis or telepathy.

Usually, the mentalist is setting some hidden constraints to ensure that the chosen number isn't really random.

They also rely on their ability to read body language and get help from secret assistants.

Creating a truly random number, or a set of random numbers, is surprisingly difficult.

It is also really important.

Random numbers, which are unpredictable and hard to guess, are crucial for cryptography and secure communications.

They are also useful for many other tasks.

A simple example would be the one-time passwords we receive for all kinds of transactions.

If those OTPs were predictable, financial transactions would not be secure.

Random numbers are necessary for most forms of cryptography.

Random numbers are also used in lotteries, of course, and in jury selection for legal trials.

"Randoms" are also vital for many scientific and social experiments.

For example, medical trials require random sampling.

So does opinion polling.

Monte Carlo methods of testing investment strategies, or running physics experiments, also rely on random numbers.

If you could actually guess random numbers, you could break many forms of encryption and networks would become insecure.

Most modern encryption methods rely on using a long random number (or sequences of long random numbers) as the key.

And that number itself may have been generated using another random number.

A large random number is chosen as a "seed".

That seed is run through various mathematical operations (multiplied and divided by other numbers, for example) to generate a new number, which is then used as a key for an encryption system.

One of the problems is that it is quite hard to generate a seed, which is entirely random and unpredictable.

Computers are brilliant at doing repetitive tasks, which actually makes it hard for them to generate a string of new, entirely random numbers on demand.

It is also possible, even likely, that a codebreaker will know or understand the cryptographic procedure in use.

In systems, such as the popular Public Key Encryption (PKE), the cryptographic algorithm is known to everybody and the message transmitted is often in the public domain.

This is also the case with peer-to-peer processing of Bitcoin transactions.

Everybody understands the algorithm in use.

And yet, it is very difficult to forge a transaction or to understand a public key encryption message because every user uses a private key.

Programmers have found ingenious ways to get around the limitations of computers by finding strange ways to generate random numbers.

One of the most elegant methods involves the use of lava lamps -- those decorative artefacts with coloured liquids flowing inside them.

Cloudflare is a major DNS service provider.

It processes around 10 per cent of the Internet's traffic.

It must protect its own traffic and also provide security against hackers and Denial of Service attacks to its many clients.

This means that it needs to generate a constant stream of large random numbers.

Cloudflare uses a wall of about 100 lava lamps in its San Francisco office to generate the seeds.

The mechanics of these devices are simple.

Pick two insoluble liquids (various oils, for example).

These must have different colours but similar density and viscosity.

Put the liquids into a transparent container with an electric bulb at the bottom.

The bulb heats the liquid, which rises and is replaced by cooler liquid from the top.

In turn, this liquid is heated and rises, etc.

This process creates unpredictable random patterns, which look like volcanic lava flows.

Now, every digital image is recorded, pixel by pixel, as a string of numbers.

So pictures of that Cloudflare wall automatically become long random numbers!

There are other less aesthetic methods of generating seeds.

For example, some systems use the decimal points of local temperature, or the computer's internal temperature.

Other methods use natural, unpredictable phenomena like the exact durations of earthquakes, or the exact moments at which a tremor was recorded.

This is one of the wonderful paradoxes of modern technology.

Having designed machines to predictably and accurately perform the same tasks again and again, we protect these machines by finding numbers that are as unpredictable as possible.

Devangshu Datta in Mumbai
Source: