diff --git a/0008/report.asc b/0008/report008.asc similarity index 69% rename from 0008/report.asc rename to 0008/report008.asc index 8af1aa7..2234009 100644 --- a/0008/report.asc +++ b/0008/report008.asc @@ -1,123 +1,131 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -Powers of Tau Operational Writeup -================================= - -Date: 2017-11-17 -Name: Cody Burns -Location: MTR train >> Hong Kong China - -Challenge: -4f86db7dd1edf502d28d3febe59018e865c9227e2ab33eeee0fb33c91d761c11891bc076bbf80b7fbea911f354eec509b5dadd8ba678c6b53dbc6e5479d3117a -Response: -3002034f75e83f530d9a949071e6fb28a9f1e39c563bced27d91bf5cc45f0c16e866ffb30c912cf7648bde08f0709f1846d758ecfcec62dcdc2eb16c685e60d1 - -Preparation Steps -================= - -Git repository: https://github.com/ebfull/powersoftau -Commit hash: 9e1553c437183540392a7231d0788318a19b18a3 -Compiler: rustc 1.21.0 (3b72af97e 2017-11-09) - cargo 0.22.0 (3423351a5 2017-10-06) -Build: cargo build --release --features=u128-support - -vm: VirtualBox-5.1.28-117968-Win; b2sum: -f59139212d894bee17ecce234ad57bae188348856b5d85ca4cea46247d9b87e453c807e002b3277cf348df61502a6caaf549a154af0a8b8648b87ddf2d627326 -Level 1: ubuntu-16.04.3-desktop-amd64.iso; b2sum: -fa6650810ad70a6a13b5baf33180499f115c2fd160e655b329fa1f708e1f0803432b5a70446e64522107eff67097222e77bd592420c536ed634b2677c5b9befc - -sha256sum: -b2sum-amd64-windows.exe:914abb5152d7f179ca377c843494fe718a87023320edcbbfe8dba6010f57e94a -b2sum-amd64-linux: -529c90f8cd003b3485defef239a5ae7f62470342c3a65493abfba9e190413451 - -- - From random street market vendors in Hong Kong -4x4 puzzle cube -- unhashable - -2 usb drives -(so much virus scanning and formating) -Spongebob usb formatted and installed Ubuntu -I reformatted a pikichu USB stick to ext4, then copied the -`challenge` file and the `target/release/compute` binary. - -Side channel Defenses -==================== - -Entropy source: using "4x4 cube" toy, -- key/value wordlist created on flight Houston >> San Francisco. Hand -written on "air sick" bag -- eBook reader last updated: 7/7/2017 -- 1 book from 168 chosen based on first 2 numbers of b2sum sha256, -"Nueromancer" (fitting) -- Key: 6 page numbers chosen at random -- Value: 6 unique words chosen per page -- Mapping: Center color square == key; reading left to right, top to -bottom, color == value for word -- Process: -- on "compute trip" -- random turns to scramble set -- solve 6 center squares -- "roll cube like dice" -- enter word set -- repeat 3 times: 36 total words (key square omitted from set) - -Physical/electronic monitoring: -All steps preformed on an airgapped laptop in "blackout bag" on a moving -train under the city of Hong Kong so -no casual monitoring could be employed, -any physical altercations would be highly unlikely, -and I would be traveling hundreds of km per hour in a faraday cage over -under rock and chaos - -Procedure -========= - -Prep: on the first leg of multi-leg flight created wordlist - -Dwell time: Stay in coffin hotel in questionable part of town with only -paper checkin and no english, purchase supplie;received new Challenge from -Sean - -Compute: -Level 0 - -Computer in airplane mode wifi chip disabled - I started windows and the vm with ubuntu 16 desktop(level 1) with -no network bridging. - -Level 1: -I compiled the compute binary, and transfered to spongebob -Level 2: loaded linux Pikichu usb -"Try Ubuntu" (Live CD mode). - I imported the previous challenge/response codes and verified them. - Enter the train. - I then began the entropy creation "ceremony" and entered the values. - Wrote down BLAKE2b hash, unmounted drives - - -Postprocessing -============== - -Destroyed level 2 and level 1 vm image - -I took the USB stick and transferred the response file to level zero, and -then -uploaded it using the laptop to the aws s3 site from my phone using tor -over airport wifi and posted the image hash on twitter as well as the -mailing list - -image: ipfs/QmZkVPctuTTDbNfT5fM3aYbDPwBB9hMFjBDSRhNswNx9j3 -- - -- -Cody Burns, CodyWBurns.com -… - -Ethereum Classic Development community -Blockchain Architect -codywburns.com +Powers of Tau Operational Writeup +================================= + +Date: 2017-11-17 +Name: Cody Burns +Location: MTR train >> Hong Kong China + +Challenge: +4f86db7dd1edf502d28d3febe59018e865c9227e2ab33eeee0fb33c91d761c11891bc076bbf80b7fbea911f354eec509b5dadd8ba678c6b53dbc6e5479d3117a +Response: +3002034f75e83f530d9a949071e6fb28a9f1e39c563bced27d91bf5cc45f0c16e866ffb30c912cf7648bde08f0709f1846d758ecfcec62dcdc2eb16c685e60d1 + +Preparation Steps +================= + +Git repository: https://github.com/ebfull/powersoftau +Commit hash: 9e1553c437183540392a7231d0788318a19b18a3 +Compiler: rustc 1.21.0 (3b72af97e 2017-11-09) + cargo 0.22.0 (3423351a5 2017-10-06) +Build: cargo build --release --features=u128-support + +vm: VirtualBox-5.1.28-117968-Win; b2sum: +f59139212d894bee17ecce234ad57bae188348856b5d85ca4cea46247d9b87e453c807e002b3277cf348df61502a6caaf549a154af0a8b8648b87ddf2d627326 +Level 1: ubuntu-16.04.3-desktop-amd64.iso; b2sum: +fa6650810ad70a6a13b5baf33180499f115c2fd160e655b329fa1f708e1f0803432b5a70446e64522107eff67097222e77bd592420c536ed634b2677c5b9befc + +sha256sum: +b2sum-amd64-windows.exe:914abb5152d7f179ca377c843494fe718a87023320edcbbfe8dba6010f57e94a +b2sum-amd64-linux: +529c90f8cd003b3485defef239a5ae7f62470342c3a65493abfba9e190413451 + +- - - From random street market vendors in Hong Kong +4x4 puzzle cube -- unhashable + +2 usb drives +(so much virus scanning and formating) +Spongebob usb formatted and installed Ubuntu +I reformatted a pikichu USB stick to ext4, then copied the +`challenge` file and the `target/release/compute` binary. + +Side channel Defenses +==================== + +Entropy source: using "4x4 cube" toy, +- - key/value wordlist created on flight Houston >> San Francisco. Hand +written on "air sick" bag +- - eBook reader last updated: 7/7/2017 +- - 1 book from 168 chosen based on first 2 numbers of b2sum sha256, +"Nueromancer" (fitting) +- - Key: 6 page numbers chosen at random +- - Value: 6 unique words chosen per page +- - Mapping: Center color square == key; reading left to right, top to +bottom, color == value for word +- - Process: +- - on "compute trip" +- - random turns to scramble set +- - solve 6 center squares +- - "roll cube like dice" +- - enter word set +- - repeat 3 times: 36 total words (key square omitted from set) + +Physical/electronic monitoring: +All steps preformed on an airgapped laptop in "blackout bag" on a moving +train under the city of Hong Kong so +no casual monitoring could be employed, +any physical altercations would be highly unlikely, +and I would be traveling hundreds of km per hour in a faraday cage over +under rock and chaos + +Procedure +========= + +Prep: on the first leg of multi-leg flight created wordlist + +Dwell time: Stay in coffin hotel in questionable part of town with only +paper checkin and no english, purchase supplie;received new Challenge from +Sean + +Compute: +Level 0 - +Computer in airplane mode wifi chip disabled + I started windows and the vm with ubuntu 16 desktop(level 1) with +no network bridging. + +Level 1: +I compiled the compute binary, and transfered to spongebob +Level 2: loaded linux Pikichu usb -"Try Ubuntu" (Live CD mode). + I imported the previous challenge/response codes and verified them. + Enter the train. + I then began the entropy creation "ceremony" and entered the values. + Wrote down BLAKE2b hash, unmounted drives + + +Postprocessing +============== + +Destroyed level 2 and level 1 vm image + +I took the USB stick and transferred the response file to level zero, and +then +uploaded it using the laptop to the aws s3 site from my phone using tor +over airport wifi and posted the image hash on twitter as well as the +mailing list + +image: ipfs/QmZkVPctuTTDbNfT5fM3aYbDPwBB9hMFjBDSRhNswNx9j3 +- - - -- +Cody Burns, CodyWBurns.com +… + +Ethereum Classic Development community +Blockchain Architect +codywburns.com -----BEGIN PGP SIGNATURE----- -iJwEAQECAAYFAloO12oACgkQEfOYz7+6WMLjmAP/VpszJATk2ezn++KsBwR9+Xt4 -TEEW9xAtx4mtqrvQ/LtW3tPaGPYN5nXHHqvbqw9tYJgL/fN/IZte6W+fP/sI00Tr -9Xr7bM/p+8yfohbLahXlozowNvSrLkRZeOUhkUmxxa345UCkfkCQhGGnhsN5SaDc -Ljnx7uU6/s0LiQck+KU= -=/z6t +iQIcBAEBAgAGBQJaH6SeAAoJEKqQJQBqHvzPLx0P/05P9UcuV/knVys+T2b3r8We +tICwRr1EHYhzxgqczUvE0T4GgHz2TqfYvYdpbnJNFcO8urru8cSrp60UL6W2rtSB +IeBzyAETK/sfkV7SJVVSRY8d2AsjQzHHX4IoCv5HxElpb/NhbfqH0+z+xukJciW2 +sc93x6S4OWqR4OvGkNIbjSL+Nu/ZnTYHOMUxw8vq8vrrPPUuRDv6D9E43U0Ga3uQ +XixDYqaXbrqmy7MzjOQZY9Dg+DTJXddemgYPdUEHmBCY4CBO4v4DuH8y2q7VRpVF +AsHyJ5soS2VS5LUVYF8Vy1YE8ukVi0z8JDvdsZCMChz1dP0vA0vHnMfehj0vNEcq +pqZNnoPoKZTLrkNrUDxBuvaiiMAK0ixT+4F5JwNeSbMwR5w2SoCn8so8+o0v0GWv +ltiLMgiqFfFzGuxtWXvTGqpv0zhnh6DzKU33mGLL4YiGOI662sZPaV0ow3R5oCp3 +rlfQhoYeMEN3cygi+4rB9qgkvkkIBX2ELFrMpg4/UCXWGFuopTIRGO+dnVKwLwt5 +57FD3UE3qPKlv0Azh8J37lvR0oPDLNEKOf65sbt1cZhe0XUCCDG3cTGmgeZPg8aV +aP5tVrvcUbeu7rkCpd5wDaoTl1+ss+ApfR6bUUd1Jc0LTfnjU2MMX8pradMrLLOA +iHNx5oiEBQ9xWjC+mhGD +=iHp+ -----END PGP SIGNATURE-----