Added mmarco report

0012/README.md

@@ -1,6 +1,9 @@
 # Miguel Angel Marco Buzunariz
 
+* Assistant professor, Universidad de Zaragoza
+* https://riemann.unizar.es/~mmarco/
 * Mailing list post: <https://lists.z.cash.foundation/pipermail/zapps-wg/20171120/000073.html>
+* See `./report.asc` for the signed attestation.
 
 Response file:
 

0012/plancommit.txt

@@ -0,0 +1,50 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+# Plan for running the powersoftau multiparty computation.
+
+## Setup:
+
+ - An air-gapped machine. It consists on a laptop with the following modifications:
+    - The hard drive has been phisically removed.
+    - The wireless card has been phisically removed.
+    - No network cable will be connected to it during or after the computation.
+ - Another machine, connected to the internet, running a gentoo linux system.
+    - compile the powersoftau binary on the gentoo machine.
+      - compiled from commit `d47a1d3d1f007063cbcc35f1ab902601a8b3bd91`
+      - the obtained `compute` binary has a sha256 hash `2603d31c9394ac624a0a3bceb5c9d227f73447dac29c4e2a598dd69590c92cd3`
+      - burn a  a Linux Mint 18.2 "Sonya" KDE .iso image on several usb(1) thumb drives
+
+## Steps to follow:
+    
+  - When my turn to go comes:
+    - Get the challenge file from the network in the gentoo box
+    - Copy it to a several usb drives(2), together with the `compute` binary
+    - Randomly choose one of the usb drives(1) to boot the airgapped. The rest will be kept untouched to allow future audits(*).
+    - Randomly choose one of the usb drives(2), plug it and mount in the airgapped machine. The rest will be kept untouched to allow future audits (*).
+    - run there the `compute` binary
+      - as a source of entropy, I will just press many keys at random, and then add the result of rolling a dice 50 times.
+    - burn the resulting `response` file in deveral different dvd's.
+    - choose one of those dvd's at random, keep the others for possible future audits(*).
+    - read the chosen dvd in the gentoo machine, and send the response file back.
+
+
+    
+(*) The rationale behind this is to prevent attacks based on tampering with the drives. If there is something malicious in the drives whose traces would be erased after pluging it in a second machine, the other copies would allow to detect it. I don't have the resources to perform the kind of audit necessary to detect this, but will keep the evidence in case someone volunteers to do the audit.
+
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCAAdFiEEZqJ2ok+i5RbOpE2l3QEU7bdBBZIFAloPX5EACgkQ3QEU7bdB
+BZIntw/+I04gmgWGhgAIATI8nG0WR0rRlwaWEnCdgry3PUQ2e4BBro+oDvG9qe7h
+Xw4CGvoOQboQvUaKcUEOUls1Li+P3LCKP1P40z8q8KU9sGI44yqiNnq6JUfHvsXZ
+qWDlwUGyf+sW+qcfGoJLv2j1tlPQoJRoJwWTSnJYq1/yb2+qltvYCzmS85lhztkK
+Qea5ZWawl74i6xzE6lOlKN3Sceog34j7k5rL+GES4I80unJYEGqHifed7nz1bK8f
+wb6ksBDJ9hdJaw6ZIGdgZa7qzvojmtE7yE3y49rig6WjETEr16Wp/WuzRg0dKMfl
+LFlzNbXKHIcNwiQLLWXPwTwPrx9orz+8ckf4U8HJDy/3FsDmEEf9Lcrm5LO0+P3t
+oknxsLQF8yNJXTKILCugQGoVghbo0OgLlcw4IaQSmMilRabvOLd0/TYvsS3SfAu6
+6s/jGLcjr+VtQE/oIaAI7bRHkB8BC77OSeOGiGBRq0T+HCvtaZGwG/l0u17sY1Rs
+OILLUXdN/sg17ApnfnqLbo2hioLVrdTyK/amgDhlCrNHvniKxBkFhyvlfJRmRCpb
+W9MWj618fBflH2u+aF/56HmpeP4Yt/ngkqJvCkV+Sq+9EdZTlRbopltZQ3YSKdQI
+GaaqJHsVbFS2U13vth7klh1a6DhJXD2M9/iONsIhulma+NSX0g4=
+=6Vgh
+-----END PGP SIGNATURE-----

0012/report.asc

@@ -0,0 +1,74 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+Powers of Tau Operational Write-up
+=============================
+
+Round: 12
+
+Date: 2017-11-20
+
+Name: Miguel Angel Marco Buzunariz
+
+Location: Spain
+
+Response: BLAKE2b 22fd2b37f794b19dab85cfbb3dd018c8ab7a07e44b34394449ab1b28ed7ef133e8ca0fc77a497670a622dfb1e74e8af57cda01cc9b8614ba65a29a0d64dadadf
+
+Procedure
+=================
+
+* Followed the plan written in plancommit.txt (sha256hash 8829a8a45363c98ced7d6059e90b9095f875863c78ba8474ea9017e9e9820405), to which I commited in the mailing list.
+
+* Preparation:
+    * Downloaded [Powers of Tau](https://github.com/ebfull/powersoftau) commit d47a1d3d1f007063cbcc35f1ab902601a8b3bd91, and compiled it in a gentoo linux box with rustc 1.21.0-dev (compiled in the same system). Obtained a `compute` binary with sha256hash 2603d31c9394ac624a0a3bceb5c9d227f73447dac29c4e2a598dd69590c92cd3 
+    * Take the hard drive and wifi card out of an old core2duo laptop with 4GB RAM to be used as airgapped node
+    * Download a Linux Mint 18.2 Kde .iso file from its website, and (sha256hash 9173901fbead7d2ece2454f8f51dbb375e1dfdfc74cfaef450342a3144955fe1) and burn it in six different usb drives.
+* Ceremony
+    * Downloaded the `challenge` file from https://s3-us-west-2.amazonaws.com/powersoftau/lOg9HOyt0u1cxR0djXfFX1gmwLnU0y56/index.html, checked its sha256hash f767da9aa257a15869ead2e2c7b9019f5cbb3ae9454bf9cff2456b0cf73dd36e
+    * Copied the `challenge` file and the `compute` binary to six different usb drives.
+    * Chose one of the 6 Linux Mint usb drives at random (rolling a dice) and boot the airgapped node with it. Keep the other five untouched.
+    * Chose one of the 6 usb drives with the `challenge` and `compute` files at random (dice roll) and insert it in the airgapped machine. Keep the other five untouched.
+    * Checked the hash of the `compute` and `challenge`files in the airgapped machine, and run `compute`
+    * Inserted the source of entropy: a bunch of random keys, plus the result of 50 dice rolls.
+    * Copied the sha256hash of the `response` file ( d7c3f0f75867bed812e056a7ddef6b7994d2d9b3c658c60cbdd18f1e6a06dacf )
+    * Burnt the `response` file to six different DVD-R
+    * Chose one of the DVD-R at random with a dice, insert it in the network node, copied its content to the hard drive and verified the hash. The other five were kept untouched.
+    * Uploaded the response file to the [Amazon S3 bucket](https://s3-us-west-2.amazonaws.com/powersoftau/lOg9HOyt0u1cxR0djXfFX1gmwLnU0y56/index.html)
+
+Side channel defenses
+=================
+
+Entropy source: Many keys pressed at random, plus the result of 50 dice rolls.
+
+Computation took place on an airgapped machine, with no wifi card nor hard drive. The media that was used to move information between the compute mode was copied in 6 different devices, only one of each (chosen at random with a dice) was inserted in the other machine, the other five will be kept untouched for several months at least.
+
+The following material will be kept available for forensic audit in case someone is interested in doing it:
+
+* airgapped machine (will be kept turned off, with no battery and no power cable).
+* the six usb drives with the live linux system (the one actually used and the other five that didn't gt in touch with the airgapped machine)
+* the six usb drives with the `compute` binary, and the `challenge` file (again one was used, and the other five didn't get in contact with the airgapped machine)
+* the six DVD-R with the `response` file  (again, one was actually inserted in the network node, and the other five never touched it)
+
+I plan to keep this material for several months. If someone is interested in auditing it, please get in touch with me. In case nobody shows interest, I might decide to reuse all or part of it at some point.
+
+
+
+Miguel Angel Marco Buzunariz
+Universidad de Zaragoza
+mmarco@unizar.es
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCAAdFiEEZqJ2ok+i5RbOpE2l3QEU7bdBBZIFAloT5/MACgkQ3QEU7bdB
+BZIuMQ//Q8muX3qddgaAMUVUTrPv83tnLI5Ltx/T5qKw3JlCKB/fWeH9a2CGTQ6+
+25FW4uzf92IZzWQqLQ/nmaF/VJza23ZRa8tcgASljefs0/CXHSaDETXjT59KDtIZ
+ARQZ9DyyyFoxdnmJy1JxFV1sDzo4P4Jc2BkhgRgrf/Wh8t0N7DO5rOeIZQDB+O4e
+l4LAMf/hUDUavBYcMtdUOHEukjpsuO+qOzA82Hdk4Go+6GMeUNTj+9WRVohR5uWL
+GqNItlWEQfub33VJ+H+BeTsT8x5FvFPPIJ9SYLnDjlMPaU0d5WHoEImh861sSbl5
+TQK4/XCUFcJfaMoAQO/sii0Zwa+fYwVcZta6MZA6R7PJt7BW3gbPnLN+1ou70PKR
+aKYZ1NksUFczadqYhbp57YQaG04R2hMVXX0jV9/DVApJOYCibarTMCf4cC5X3Hy8
+QYDlL5h9KxuRKXGvQIpKif2WIDewrSWrT4tFS1/5XtRb0yPaZ7tgW76Fsko5kiF3
+z7xgfDgeUdMhCweM5onK5dNH2lAOcmgiJ6PLbuPY9eMB+v0JIYx5xSy1Jm75nLNi
+2gksiLvsLhYSiKakp2Mg5lusPmomE1hfObiyF80paSZ6IXwxlW/cxSLEAIZ9fyDI
+wh7pQx35PG/m+N480rOcVHUrpkW+UbMSk1d+Y2WDKuvdPRo5OO4=
+=5Gb6
+-----END PGP SIGNATURE-----