The lava lamps provide a source of true randomness, or entropy.

The movement of the globs of hot wax are unpredictable.

A camera takes video of the lamps.

Because the ‘lava’ bubbles with no pattern, each snapshot of video is unique. The camera’s imprecision provides additional randomness. Noise from its photoreceptors change the pixels in imperceptible but unpredictable ways.

The frame below is from June 12, 2019.

Pixels are numbers
An image is a series of pixels, each of which is a single color and can be represented by their composition of red, green, and blue values.
188,150,127,220,180,147,239,195,151,251,200,148,150,125,110,185,158,134,212,184,149,233,200,158,125,112,104,152,139,123,173,158,134,191,173,140,120,115,117,142,137,134,148,143,131,149,141,123

The information for this image is stored as a string of numbers and letters.

Data from the pixels are encoded as base64, which makes it easier to transmit.

The number is shortened via an algorithm.

It is run through a one-way cryptographic hashing function, creating a new unique value. The hashing process makes it nearly impossible to determine the initial value from the output value alone.

Other sources of entropy are added

Randomly generated data from Cloudflare’s other sources are mixed in. That includes measures of background radiation in their Singapore office, and the movement of a double pendulum in their London location.

“We feed it all into the same pool of randomness. And the reality is any one of those could go off line and we wouldn’t actually lose. It wouldn’t matter.”

The output of the hash seeds a random number generator.

This happens in a server, which adds its own noise to the process via the Linux random number generator, and produces a new source of random numbers.

Data centers around the world connect to the server and consume its output of randomness.

Combined yet again with entropy via Linux, the output is used as the seed for another random number generator. This provides a final source of randomness.

Randomness can be used.

At this point, Cloudflare services can access the random numbers for use. This output is cryptographically secure.