147 lines
6.4 KiB
Plaintext
147 lines
6.4 KiB
Plaintext
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|||
|
Hash: SHA1
|
|||
|
|
|||
|
Powers of Tau Operational writeup
|
|||
|
=================================
|
|||
|
|
|||
|
Round: 41
|
|||
|
Principals: Ryan Pierce and Andrew Miller
|
|||
|
Date: 2018-01-20
|
|||
|
Location: North Illinois and Southern Wisconsin
|
|||
|
Altitude: 3,000' AMSL / approx. 2200' AGL
|
|||
|
Commit version: 9e1553c437183540392a7231d0788318a19b18a3
|
|||
|
SHA256 of ./compute: 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a
|
|||
|
SHA256 of challenge file: c48fbf0a267ea9a9596c09aaf91f6acc18b48430e9239c18de583055b32d503d
|
|||
|
|
|||
|
blake2sum of response:
|
|||
|
8a5a9bcb a9c3ab76 c7e3a881 2ccd01e6
|
|||
|
9af2153b 5d0f9668 9f790493 37de1fb3
|
|||
|
28873f5f 771adef1 adf0486e 4904b28d
|
|||
|
96fe602c 8866f42e 8047ce3b dafe2f9e
|
|||
|
73c7d2cd 1b0c023d 3831a462 42bd6fc9
|
|||
|
|
|||
|
|
|||
|
Preparation steps
|
|||
|
=================
|
|||
|
|
|||
|
As we know, Powers of Tau is all about generating and safely disposing
|
|||
|
of cryptographic "toxic waste." So, what better way to generate
|
|||
|
entropy than with actual radioactive toxic waste?
|
|||
|
|
|||
|
For our contribution, the entropy source was a hardware-based random
|
|||
|
number generator utilizing a Geiger tube and a radioactive source,
|
|||
|
constructed and programmed by Ryan Pierce. It was based off of the
|
|||
|
MightyOhm Geiger Counter kit, available for purchase at
|
|||
|
http://mightyohm.com/geiger
|
|||
|
|
|||
|
The radioactive source chosen was a very small, low activity sample of
|
|||
|
the graphite moderator ejected from the core of the Chernobyl Unit 4
|
|||
|
nuclear reactor during the 1986 explosion and meltdown. The primary
|
|||
|
activity of the source comes from the fission products Cs-137 (a gamma
|
|||
|
and beta emitter) and Sr-90 (a beta emitter.) Gamma activity at the
|
|||
|
surface of the sample container was approx. 0.7 uSv/h, falling
|
|||
|
substantially below all thresholds that might restrict its
|
|||
|
transportation by air, and posing no health risk. This dose rate is
|
|||
|
only a few times the dose rate of normal background radiation.
|
|||
|
|
|||
|
The specific Geiger tube used was a Soviet SI-22G that was recovered
|
|||
|
from the Chernobyl Exclusion Zone. This tube is sensitive to gamma and
|
|||
|
hard beta radiation.
|
|||
|
|
|||
|
Ryan re-wrote the firmware for the kit's ATtiny2313 AVR
|
|||
|
microcontroller to act as a random number generator, using the
|
|||
|
difference in timing between consecutive pairs of Geiger tube pulses,
|
|||
|
measured in microseconds. The idea for this method came from John
|
|||
|
Walker, who implemented this in 1996. See
|
|||
|
https://www.fourmilab.ch/hotbits/
|
|||
|
|
|||
|
Ryan's source code is available at
|
|||
|
https://github.com/RyanPierce/GeigerRNG
|
|||
|
|
|||
|
To sanity check the output of the generator, we ran a standard battery
|
|||
|
of statistical tests, all of which passed:
|
|||
|
|
|||
|
dieharder -a -k2 -Y 1 -f geigersamples.input >
|
|||
|
geigersamples.output
|
|||
|
|
|||
|
The Geiger input and output files are available via github, above. For
|
|||
|
information on dieharder, see
|
|||
|
https://webhome.phy.duke.edu/~rgb/General/dieharder.php
|
|||
|
|
|||
|
The code is configured to output a stream of 64 bytes of random
|
|||
|
entropy, expressed as 128 hex characters, followed by a CRLF, when a
|
|||
|
user presses a button on the Geiger counter RNG. The interface is a 6
|
|||
|
pin FTDI header, and it transmits TTL serial data at 9600 baud. A
|
|||
|
standard FTDI USB cable connects the Geiger counter RNG to the
|
|||
|
laptop. The serial TTY was configured as follows:
|
|||
|
|
|||
|
stty -F /dev/ttyUSB0 9600 raw
|
|||
|
|
|||
|
Pressing the button caused 64 bytes of entropy to be entered into the
|
|||
|
computation program, without displaying it to the laptop screen, using
|
|||
|
the following command:
|
|||
|
|
|||
|
head -c 128 /dev/ttyUSB0 | ./compute
|
|||
|
|
|||
|
A picture of the RNG, tube, and source can be seen at
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954044819856347137
|
|||
|
|
|||
|
Side channel defenses
|
|||
|
=====================
|
|||
|
|
|||
|
Andrew procured a laptop to serve as the compute node, purchased from
|
|||
|
a randomly chosen 1 out 4 nearby Walmarts and/or Best Buys. The laptop
|
|||
|
purchased was an HP Jaguar 15‑bs060wm, with 8GB of RAM and an Intel
|
|||
|
i3-7100U processor (2.4 GHz, 2 cores). The laptop was booted from a
|
|||
|
USB drive with Ubuntu 16.04. The hard drives and wifi were disabled in
|
|||
|
software, but were *not* removed due to the difficulty in unscrewing
|
|||
|
the laptop.
|
|||
|
|
|||
|
To reduce the risk of side channel attacks, we performed our
|
|||
|
contribution to the ceremony while airborne in Ryan's Piper
|
|||
|
Cherokee. Ryan and Andrew were the only occupants in the aircraft. No
|
|||
|
mobile phones were powered on during the flight. The only mobile
|
|||
|
device in use was an iPad 2, with cellular and WiFi disabled but
|
|||
|
Bluetooth and GPS enabled, running ForeFlight electronic flight bag
|
|||
|
software. We departed on a VFR flight from Waukegan airport (KUGN),
|
|||
|
located in Illinois, near the Wisconsin border. Once we reached 3,000
|
|||
|
feet AMSL, Ryan performed a 360 degree steep turn to assure ourselves
|
|||
|
that no aircraft or drones were following us. We set up the Geiger
|
|||
|
counter RNG and laptop and began the computation. During this time, we
|
|||
|
made occasional random turns, flying over northern Illinois and
|
|||
|
southern Wisconsin while remaining outside the O'Hare Class B
|
|||
|
airspace, until the compute finished. We observed no suspicious
|
|||
|
aircraft attempting to follow us. The total compute time took around
|
|||
|
30 minutes. We then flew to Schaumburg Airport (06C) where we uploaded
|
|||
|
the response file at Pilot Pete's restaurant. We made a return flight
|
|||
|
to Waukegan later that afternoon.
|
|||
|
|
|||
|
Pictures from the trip:
|
|||
|
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954776352225398784
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954777461782470656
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954779454961745921
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954854952396050432
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954908555873849344
|
|||
|
https://twitter.com/RyanPierce_Chi/status/954855811951550464
|
|||
|
|
|||
|
We’re also currently producing a short video about our trip, which we
|
|||
|
plan to publish to Youtube and notify the zapps-wg mailing list.
|
|||
|
-----BEGIN PGP SIGNATURE-----
|
|||
|
Version: GnuPG v1
|
|||
|
|
|||
|
iQIcBAEBAgAGBQJaZisvAAoJEFvUyhfk+7ICLOYQAIX7+nSe6CRVKFuwkjHYXJyu
|
|||
|
Ll5G+X9+Kjrhq0RYXmjix50pEgkpEZhTzKnPxo4tNiiaRc34waKpCAFZpn2Yfpq5
|
|||
|
8o3R3rTDjYlGcMVyWciipUvbtzxfxrs5GRXknTGhtLvhljZM+fq09O4raPn+oj5Y
|
|||
|
tDiFKAO0tKx5wXqlg8diM5AxUfveX6Kov0844ctV+7rP6OYOgCEjqD/o/vM0kVUR
|
|||
|
R5wvh7dqY2VHvh7LYAjUSOwbQ4M+3LCw9fK0dAZrXqT9Yn5DquGYKj39QsHJoJ9R
|
|||
|
4uoDb6ltPJuZDCJ0wBKHiyfMr3++UKTDj6dRkHF2OD7aBk4jPZUC6YCC5zgQFPxL
|
|||
|
MrBv137EBijmtu4uFfT2YM7SJkKa+AGXnhzsIdFKy5U4Ahqa7meA9sDdAHdOgR9W
|
|||
|
RVq9wuO3OnL12Oj53N/PEVtxgmWxHVZfIKP5EPihhSklWC6RU8XVgV4OlfGkkYkA
|
|||
|
YyrYNGjSTDI6YXVNXl4uKttzVg965tSt5+83HhuEFepR3+HFgmXz+suYa53J8rxX
|
|||
|
njESFI0qV7j7VzLnwthAjV5u0ZAY0y9vOTnMB1nLwVZEKl/g3/WNZhDes9xuyYqV
|
|||
|
fAXjVfM2YQ2mQui9U60g0XfSgnO/tnLVG8Fsiv3Jy2yx5baZect8nl3wX6qyWAiM
|
|||
|
d/vM2xKNhdf49qfltNQn
|
|||
|
=rmAp
|
|||
|
-----END PGP SIGNATURE-----
|