commit
51c5c5e918
|
@ -1,5 +1,8 @@
|
|||
# Ryan Pierce and Andrew Miller
|
||||
|
||||
Report:
|
||||
* https://github.com/ZcashFoundation/powersoftau-attestations/blob/master/0041/attestation.txt.asc
|
||||
|
||||
Response file:
|
||||
|
||||
* https://powersoftau-transcript.s3-us-west-2.amazonaws.com/9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9
|
||||
|
|
|
@ -0,0 +1,146 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
Powers of Tau Operational writeup
|
||||
=================================
|
||||
|
||||
Round: 41
|
||||
Principals: Ryan Pierce and Andrew Miller
|
||||
Date: 2018-01-20
|
||||
Location: North Illinois and Southern Wisconsin
|
||||
Altitude: 3,000' AMSL / approx. 2200' AGL
|
||||
Commit version: 9e1553c437183540392a7231d0788318a19b18a3
|
||||
SHA256 of ./compute: 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a
|
||||
SHA256 of challenge file: c48fbf0a267ea9a9596c09aaf91f6acc18b48430e9239c18de583055b32d503d
|
||||
|
||||
blake2sum of response:
|
||||
8a5a9bcb a9c3ab76 c7e3a881 2ccd01e6
|
||||
9af2153b 5d0f9668 9f790493 37de1fb3
|
||||
28873f5f 771adef1 adf0486e 4904b28d
|
||||
96fe602c 8866f42e 8047ce3b dafe2f9e
|
||||
73c7d2cd 1b0c023d 3831a462 42bd6fc9
|
||||
|
||||
|
||||
Preparation steps
|
||||
=================
|
||||
|
||||
As we know, Powers of Tau is all about generating and safely disposing
|
||||
of cryptographic "toxic waste." So, what better way to generate
|
||||
entropy than with actual radioactive toxic waste?
|
||||
|
||||
For our contribution, the entropy source was a hardware-based random
|
||||
number generator utilizing a Geiger tube and a radioactive source,
|
||||
constructed and programmed by Ryan Pierce. It was based off of the
|
||||
MightyOhm Geiger Counter kit, available for purchase at
|
||||
http://mightyohm.com/geiger
|
||||
|
||||
The radioactive source chosen was a very small, low activity sample of
|
||||
the graphite moderator ejected from the core of the Chernobyl Unit 4
|
||||
nuclear reactor during the 1986 explosion and meltdown. The primary
|
||||
activity of the source comes from the fission products Cs-137 (a gamma
|
||||
and beta emitter) and Sr-90 (a beta emitter.) Gamma activity at the
|
||||
surface of the sample container was approx. 0.7 uSv/h, falling
|
||||
substantially below all thresholds that might restrict its
|
||||
transportation by air, and posing no health risk. This dose rate is
|
||||
only a few times the dose rate of normal background radiation.
|
||||
|
||||
The specific Geiger tube used was a Soviet SI-22G that was recovered
|
||||
from the Chernobyl Exclusion Zone. This tube is sensitive to gamma and
|
||||
hard beta radiation.
|
||||
|
||||
Ryan re-wrote the firmware for the kit's ATtiny2313 AVR
|
||||
microcontroller to act as a random number generator, using the
|
||||
difference in timing between consecutive pairs of Geiger tube pulses,
|
||||
measured in microseconds. The idea for this method came from John
|
||||
Walker, who implemented this in 1996. See
|
||||
https://www.fourmilab.ch/hotbits/
|
||||
|
||||
Ryan's source code is available at
|
||||
https://github.com/RyanPierce/GeigerRNG
|
||||
|
||||
To sanity check the output of the generator, we ran a standard battery
|
||||
of statistical tests, all of which passed:
|
||||
|
||||
dieharder -a -k2 -Y 1 -f geigersamples.input >
|
||||
geigersamples.output
|
||||
|
||||
The Geiger input and output files are available via github, above. For
|
||||
information on dieharder, see
|
||||
https://webhome.phy.duke.edu/~rgb/General/dieharder.php
|
||||
|
||||
The code is configured to output a stream of 64 bytes of random
|
||||
entropy, expressed as 128 hex characters, followed by a CRLF, when a
|
||||
user presses a button on the Geiger counter RNG. The interface is a 6
|
||||
pin FTDI header, and it transmits TTL serial data at 9600 baud. A
|
||||
standard FTDI USB cable connects the Geiger counter RNG to the
|
||||
laptop. The serial TTY was configured as follows:
|
||||
|
||||
stty -F /dev/ttyUSB0 9600 raw
|
||||
|
||||
Pressing the button caused 64 bytes of entropy to be entered into the
|
||||
computation program, without displaying it to the laptop screen, using
|
||||
the following command:
|
||||
|
||||
head -c 128 /dev/ttyUSB0 | ./compute
|
||||
|
||||
A picture of the RNG, tube, and source can be seen at
|
||||
https://twitter.com/RyanPierce_Chi/status/954044819856347137
|
||||
|
||||
Side channel defenses
|
||||
=====================
|
||||
|
||||
Andrew procured a laptop to serve as the compute node, purchased from
|
||||
a randomly chosen 1 out 4 nearby Walmarts and/or Best Buys. The laptop
|
||||
purchased was an HP Jaguar 15‑bs060wm, with 8GB of RAM and an Intel
|
||||
i3-7100U processor (2.4 GHz, 2 cores). The laptop was booted from a
|
||||
USB drive with Ubuntu 16.04. The hard drives and wifi were disabled in
|
||||
software, but were *not* removed due to the difficulty in unscrewing
|
||||
the laptop.
|
||||
|
||||
To reduce the risk of side channel attacks, we performed our
|
||||
contribution to the ceremony while airborne in Ryan's Piper
|
||||
Cherokee. Ryan and Andrew were the only occupants in the aircraft. No
|
||||
mobile phones were powered on during the flight. The only mobile
|
||||
device in use was an iPad 2, with cellular and WiFi disabled but
|
||||
Bluetooth and GPS enabled, running ForeFlight electronic flight bag
|
||||
software. We departed on a VFR flight from Waukegan airport (KUGN),
|
||||
located in Illinois, near the Wisconsin border. Once we reached 3,000
|
||||
feet AMSL, Ryan performed a 360 degree steep turn to assure ourselves
|
||||
that no aircraft or drones were following us. We set up the Geiger
|
||||
counter RNG and laptop and began the computation. During this time, we
|
||||
made occasional random turns, flying over northern Illinois and
|
||||
southern Wisconsin while remaining outside the O'Hare Class B
|
||||
airspace, until the compute finished. We observed no suspicious
|
||||
aircraft attempting to follow us. The total compute time took around
|
||||
30 minutes. We then flew to Schaumburg Airport (06C) where we uploaded
|
||||
the response file at Pilot Pete's restaurant. We made a return flight
|
||||
to Waukegan later that afternoon.
|
||||
|
||||
Pictures from the trip:
|
||||
|
||||
https://twitter.com/RyanPierce_Chi/status/954776352225398784
|
||||
https://twitter.com/RyanPierce_Chi/status/954777461782470656
|
||||
https://twitter.com/RyanPierce_Chi/status/954779454961745921
|
||||
https://twitter.com/RyanPierce_Chi/status/954854952396050432
|
||||
https://twitter.com/RyanPierce_Chi/status/954908555873849344
|
||||
https://twitter.com/RyanPierce_Chi/status/954855811951550464
|
||||
|
||||
We’re also currently producing a short video about our trip, which we
|
||||
plan to publish to Youtube and notify the zapps-wg mailing list.
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iQIcBAEBAgAGBQJaZisvAAoJEFvUyhfk+7ICLOYQAIX7+nSe6CRVKFuwkjHYXJyu
|
||||
Ll5G+X9+Kjrhq0RYXmjix50pEgkpEZhTzKnPxo4tNiiaRc34waKpCAFZpn2Yfpq5
|
||||
8o3R3rTDjYlGcMVyWciipUvbtzxfxrs5GRXknTGhtLvhljZM+fq09O4raPn+oj5Y
|
||||
tDiFKAO0tKx5wXqlg8diM5AxUfveX6Kov0844ctV+7rP6OYOgCEjqD/o/vM0kVUR
|
||||
R5wvh7dqY2VHvh7LYAjUSOwbQ4M+3LCw9fK0dAZrXqT9Yn5DquGYKj39QsHJoJ9R
|
||||
4uoDb6ltPJuZDCJ0wBKHiyfMr3++UKTDj6dRkHF2OD7aBk4jPZUC6YCC5zgQFPxL
|
||||
MrBv137EBijmtu4uFfT2YM7SJkKa+AGXnhzsIdFKy5U4Ahqa7meA9sDdAHdOgR9W
|
||||
RVq9wuO3OnL12Oj53N/PEVtxgmWxHVZfIKP5EPihhSklWC6RU8XVgV4OlfGkkYkA
|
||||
YyrYNGjSTDI6YXVNXl4uKttzVg965tSt5+83HhuEFepR3+HFgmXz+suYa53J8rxX
|
||||
njESFI0qV7j7VzLnwthAjV5u0ZAY0y9vOTnMB1nLwVZEKl/g3/WNZhDes9xuyYqV
|
||||
fAXjVfM2YQ2mQui9U60g0XfSgnO/tnLVG8Fsiv3Jy2yx5baZect8nl3wX6qyWAiM
|
||||
d/vM2xKNhdf49qfltNQn
|
||||
=rmAp
|
||||
-----END PGP SIGNATURE-----
|
Loading…
Reference in New Issue