Cloudflare, along with a group of individual and academic partners, is forming a new coalition that will provide truly random, unpredictable numbers for a variety of applications, including election systems and lotteries.
The problem of producing truly random numbers on a consistent basis has been a thorny one for cryptographers for many years. There have been plenty of efforts to establish sources of randomness, with some success, but one of the drawbacks is that any single randomness generator can be a target for abuse by privileged insiders or outside attackers. This is especially true in high-value applications that require random numbers, such as lottery or election systems. Also, if a given source of random numbers fails for any reason, the applications that rely on it can be crippled, as well.
To help address this problem, Cloudflare has teamed up with the University of Chile, the École polytechnique fédérale de Lausanne, and several individual researchers to form a consortium of randomness beacons distributed around the world. The system is based on the drand randomness beacon developed by Nicholas Gailly, a researcher at Protocol Labs, a research lab for network protocols, and the aim is to have a distributed network of beacons that will always be available.
“Our founding members are contributing their individual high-entropy sources to provide a more random and unpredictable beacon to generate publicly verifiable random values every sixty seconds. The fact that the drand beacon is decentralized and built using appropriate, provably-secure cryptographic primitives, increases our confidence that it possesses all the aforementioned properties,” Dina Kozlov, a product manager at Cloudflare, said.
“This global network of servers generating randomness ensures that even if a few servers are offline, the beacon continues to produce new numbers by using the remaining online servers. Even if one or two of the servers or their entropy sources were to be compromised, the rest will still ensure that the jointly-produced entropy is fully unpredictable and unbiasable.”
Random numbers are vital to many kinds of systems and there are plenty of hardware and software-based random number generators. But more than one RNG has been found to have a bias, whether intentional or accidental, so randomness beacons emerged. These beacons generate a random string at a regular interval and typically combine entropy from two RNGs at least. Randomness beacons are meant to be a public utility, available to any system or application that requires a regular source of randomness.
Cloudflare has provided a randomness beacon for some time already, based on its famous wall of lava lamps. The beacon uses the random flow of the lava in the lamps as an input for a random number generator. Other members of the group--which is known as the League of Entropy--have well-established beacons, too, and the idea is that the combination of their resources would make a more unpredictable and trustworthy source of randomness, even if a small number of the beacons were compromised or knocked offline.
Because the random strings generated by the beacons are announced publicly, Kozlov said no one should use them as the basis for generating a secret cryptographic key. However, public random numbers have specific value in applications such as election auditing, where the random string must be publicly known.
“Currently, most election ballots and precincts are randomly chosen by election officials. This approach is potentially vulnerable to bias by a corrupt insider who might select certain precincts to present a preferred outcome. Even in a situation where every voter district was tampered with, by using a robust, distributed, and most importantly, unpredictable and unbiasable beacon, election auditors can trust that a small sample of districts are enough to audit, as long as an attacker cannot predict district selection,” Kozlov said.