69 lines
4.2 KiB
Plaintext
69 lines
4.2 KiB
Plaintext
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|||
|
Hash: SHA256
|
|||
|
|
|||
|
Powers of Tau Operational writeup
|
|||
|
=================================
|
|||
|
Round: 5
|
|||
|
Date: 2017-11-13
|
|||
|
Name: Kobi Gurkan
|
|||
|
Location: Netanya, Israel
|
|||
|
|
|||
|
Challenge (blake2b, sha256):
|
|||
|
658a6f81174a3ba72abc3a549483b4891d5be2351c6d1965c5a0bd20f91ea654c2e33c85109401cbd418d474a8762a41e1b62034251e118958d3ff9b8c74
|
|||
|
3f8938fdaa30ea4232939629d722ed0d1a40c5bd4268cbbf5bb6bbbbe34ac802
|
|||
|
|
|||
|
Response (blake2b):
|
|||
|
f01f2679613a75ef9f94f588cc3253962c49c9129b174d914533611ada96e29c8c91a2131475ebdbd081e526bd4d738447385b95e95d5043764786f01441
|
|||
|
|
|||
|
Preparation steps
|
|||
|
=================
|
|||
|
I built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/. The Dockerfile I used also verified that rustup.sh has a sha256 hash of value "22aa1f7f4c4b9be99a9d7e13ad45b2aec6714165a0578dd5ef81ca11f55ea24e". Nevertheless, building the image using the Dockerfile produced the "compute" binary based on Sean’s powersoftau rust repo, commit
|
|||
|
9e1553c437183540392a7231d0788318a19b18a3 with the same sha256 hash reported by Andrew and others - 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a.
|
|||
|
|
|||
|
I burned an Ubuntu 16.04.03 live cd to a blank DVD and the compute binary to another DVD.
|
|||
|
|
|||
|
I then took an old Xtreamer Ultra HTPC that I disassembled, removed the hard disk and removed the RAM stick for about 2 minutes (Image: https://pbs.twimg.com/media/DOkcOtqWsAAylKI.jpg:large).
|
|||
|
The relevant technical specification of the PC are:
|
|||
|
- - Samsung 4GB DDR3 (SO-DIMM/204pin/DDR3-1333/PC3-10600)
|
|||
|
- - Intel Atom D525 (dual-core, 1.8 GHz)
|
|||
|
|
|||
|
I disconnected the electronic devices near the PC besides a Dell U2414H monitor connected by HDMI, a Microsoft Natural Ergonomic Keyboard 4000 and a Microsoft Comfort Mouse 3000, connected by USB.
|
|||
|
|
|||
|
After booting the live cd, I verified its MD5 and found the same one that appear on the Ubuntu web-site (http://releases.ubuntu.com/16.04.3/MD5SUMS):
|
|||
|
0d9fe8e1ea408a5895cbbe3431989295 *ubuntu-16.04.3-desktop-amd64.iso (Image: https://pbs.twimg.com/media/DOkcWy_W0AUu8a1.jpg:large)
|
|||
|
|
|||
|
I also re-verified the hash of the compute binary from the second DVD and copied both the challenge and the compute binary to RAM (Image: https://pbs.twimg.com/media/DOkcg2_X0AE0NVU.jpg:large).
|
|||
|
|
|||
|
I prepared an external hard-drive I had for extraction of the report later on.
|
|||
|
|
|||
|
Sidechannel defenses
|
|||
|
====================
|
|||
|
The PC I used was bought a few years ago. I disconnected the hard disk and all peripherals besides monitor, keyboard and mouse. I disconnected electronic devices around the PC such that the room had only the devices mentioned connected. I was in the house the entire time (although asleep).
|
|||
|
|
|||
|
Postprocessing
|
|||
|
==============
|
|||
|
After compute finished its operation, I took a photo of the blake2b and sha256 hashes of the resulting response (Image: https://pbs.twimg.com/media/DOkcae4W4AAhBG7.jpg:large). Then, I copied the file to the USB external hard drive and then to my laptop.
|
|||
|
I verified on my laptop that the sha256 hash is the same one calculated on the PC (laptop) and ran verify_transform.
|
|||
|
I disconnected the PC from power and physically removed the RAM stick. I don't plan to use this computer in the coming weeks.
|
|||
|
|
|||
|
My upload link expired before I could upload the response, so I uploaded it to google drive: https://drive.google.com/file/d/1K7c0zbt0quZmAAMNiMPVjoE0WPn13Zh3/view?usp=sharing
|
|||
|
-----BEGIN PGP SIGNATURE-----
|
|||
|
Version: Mailvelope v2.0.0
|
|||
|
Comment: https://www.mailvelope.com
|
|||
|
|
|||
|
wsFcBAEBCAAQBQJaCo55CRBEcm3jN1yF3gAAFVIQAKBR+Tj+KUsj4pZt/iRF
|
|||
|
Ltgy5Yq1X3wNdDHkgad2mrUO2KGdD+1i1O+Wj+IaURhis5ZiGhB3G460/kVc
|
|||
|
+3XijxDO3HIaZaBPwCr8b1vjbwIUGW0C7E66XzJ7EYkfZJ+i2FAd83gfVrDl
|
|||
|
tLk2VAo/S8S4vpklkED2sNYT59QDO59cLxJ1TzxsxSbKzyDxtJt6Lc82Vus4
|
|||
|
VbRM9SzUzb4URQ3fBHxQWM0oyr06KxUdS95QOw1uO5icdEzSPcnzljihDRY0
|
|||
|
U5ogEhDOs+nKHPCsfyT2SSW+ty/jXEitWpy2R4w8WS/E2XHZKhEIpOtSLLBd
|
|||
|
Txqa3qqqeyfrb1Q7sfUYzYEEjhA+5J0pRe76Uyu0qyNbkXfyw1oa7c7y+4cj
|
|||
|
VHGJtbDpksrul69g+XQ6yYT+dUVN9yS2dN80Z014bX10qnJjeGjX2NLPqTex
|
|||
|
hdEKm7UfalFVutAm2jKoerCm2YdKpVaSkpnpPu4ZKBr0UzNNHkGpR73deoKr
|
|||
|
F2Dh31+M721DTFY1nHszUFhohcS0dCmW5i2gx32oN6UZpdewHv9jmpAioYIX
|
|||
|
Da+Ybl8E3pWYAIOTcBOGThknKdrSqmXMsUJK+i2ZyyDS8COgmZ0XuCq7kNWI
|
|||
|
RsU4WZRnitHn6mnDU92w+7kh5Ayl+pSgns1mFe9Kp2LqmAePf5+cvJtL8nlR
|
|||
|
LHES
|
|||
|
=r6L2
|
|||
|
-----END PGP SIGNATURE-----
|