Merge pull request #3 from MDrollette/mdrollette
signed response for Matt Drollette
This commit is contained in:
commit
7779c45579
|
@ -1,6 +1,9 @@
|
|||
# Matt Drollette
|
||||
|
||||
* Software Engineer
|
||||
* https://matt.drollette.com/
|
||||
* Mailing list post: <https://lists.z.cash.foundation/pipermail/zapps-wg/20171112/000018.html>
|
||||
* See `./report.asc` for the signed attestation.
|
||||
|
||||
Response file:
|
||||
|
||||
|
|
|
@ -0,0 +1,112 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
Powers of Tau Operational writeup
|
||||
=================================
|
||||
|
||||
Round: 4
|
||||
Date: 2017-11-12
|
||||
Name: Matt Drollette
|
||||
Location: Dallas, Texas
|
||||
|
||||
Challenge:
|
||||
9b80a6140d42bd234fbe43eea542296df8bcb4c834ea5d0a16a194964b72fd11a6ee9efae9364eb74f99bb4471e7fb4ac9cb2bb3aa8e03fe22c6279a104f367b
|
||||
|
||||
Response:
|
||||
53b6dc5a91d04c3000037cbc4f6f4bc9e9daf9448a41f997746b156c643a84f481c49bf7dadce388b3c9e8c147f94c12c5dacb5350a54e112ee45f57ffd8f34c
|
||||
|
||||
|
||||
Preparation steps
|
||||
=================
|
||||
|
||||
I noticed most participants were taking on a significant responsibility in
|
||||
securing their own hardware and infrastructure in order to participate in this
|
||||
process. I took a different approach in that I wanted to leverage the security
|
||||
work done by people much more qualified than myself. I therefore used Google
|
||||
Cloud Platform to generate my response (https://cloud.google.com/security/).
|
||||
|
||||
First, I created a new GCP project under a gmail account not belonging to any
|
||||
other organizations and configured with Advanced Protection
|
||||
(https://landing.google.com/advancedprotection/).
|
||||
|
||||
Next, I created a Compute Instance with an external IP to serve as the bastion
|
||||
for external network access and collecting the responses.
|
||||
|
||||
I then created three compute instances in three different regions having three
|
||||
different instance types. Each instance was running Google's Container-Optimized
|
||||
OS (https://cloud.google.com/container-optimized-os/docs/concepts/security) and
|
||||
did not have an external IP address.
|
||||
|
||||
Next, on the bastion I built a Docker image containing the compute binary built
|
||||
from https://github.com/ebfull/powersoftau at commit 9e1553c437183540392a7231d0788318a19b18a3
|
||||
|
||||
I downloaded the challenge file to the bastion host and then transferred it to
|
||||
each compute instance along with the compute Docker image via scp over the
|
||||
internal network. I verified the sha256 hash of each challenge and compute
|
||||
binary on each instance and then began the computation using different random
|
||||
inputs for each process.
|
||||
|
||||
```
|
||||
bastion
|
||||
480c27457c467362a1d3dd3d972844e1230abde236f4d153d80938ab7ec19f7d challenge
|
||||
4952c8b4e8d3e75ded8fafa28bffb4082e26732f17ec8176c7cd26591adaf93e powersoftau.docker
|
||||
922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a /powersoftau/target/x86_64-unknown-linux-musl/release/compute
|
||||
|
||||
instance-1
|
||||
480c27457c467362a1d3dd3d972844e1230abde236f4d153d80938ab7ec19f7d challenge
|
||||
4952c8b4e8d3e75ded8fafa28bffb4082e26732f17ec8176c7cd26591adaf93e powersoftau.docker
|
||||
922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a /powersoftau/target/x86_64-unknown-linux-musl/release/compute
|
||||
|
||||
instance-2
|
||||
480c27457c467362a1d3dd3d972844e1230abde236f4d153d80938ab7ec19f7d challenge
|
||||
4952c8b4e8d3e75ded8fafa28bffb4082e26732f17ec8176c7cd26591adaf93e powersoftau.docker
|
||||
922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a /powersoftau/target/x86_64-unknown-linux-musl/release/compute
|
||||
|
||||
instance-3
|
||||
480c27457c467362a1d3dd3d972844e1230abde236f4d153d80938ab7ec19f7d challenge
|
||||
4952c8b4e8d3e75ded8fafa28bffb4082e26732f17ec8176c7cd26591adaf93e powersoftau.docker
|
||||
922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a /powersoftau/target/x86_64-unknown-linux-musl/release/compute
|
||||
```
|
||||
|
||||
|
||||
Sidechannel defenses
|
||||
====================
|
||||
|
||||
The scale of GCP and sheer number of compute instances makes a targeted
|
||||
sidechannel attack practically impossible. Also, Google takes great care in
|
||||
preventing known attack methods
|
||||
(https://cloudplatform.googleblog.com/2017/01/7-ways-we-harden-our-KVM-hypervisor-at-Google-Cloud-security-in-plaintext.html).
|
||||
|
||||
In addition to Google's security practices, I also ran multiple compute
|
||||
instances in multiple regions computing responses on the same challenge file at
|
||||
the same time. I then selected only one of these responses at random to submit
|
||||
and destroyed the others. I do not know which node computed the response that I
|
||||
submitted.
|
||||
|
||||
|
||||
Postprocessing
|
||||
==============
|
||||
|
||||
Once the responses were computed on each instance, I recorded the hashes of each
|
||||
response file and transferred all 3 files back to the bastion host and deleted
|
||||
the 3 compute instances. I did not record which instance computed which
|
||||
response. I then selected one of the 3 response files by dice roll and submitted
|
||||
its hash to the mailing list and uploaded the file to S3. I then deleted the
|
||||
bastion compute instance and deleted the entire GCP project.
|
||||
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAEBCgAdFiEEcCbF98RdwnWkGV4WMFJx9gHK8m4FAloI+EMACgkQMFJx9gHK
|
||||
8m69Lg/9Hpa33wVPdjSjfarwHEveAnIjryoIxemMI2OThJfK27aIhuKVjW94/t4W
|
||||
eaX9KCYejcFOY8gXfLVlKd+/ZGGlt0tajSUwT1A6Nz9E8IKc3WnXaEyFWuFFiS/v
|
||||
DyOeSAjjsJpAGNs2tIDFQZkmY/cKzC+L/G7PzVu6KLgWKpl0LXXPyVw7og9AcCIP
|
||||
LiJaHcqDMbLrhQoL+13K2chtDU8exU6972Z6YH0di8EuhykTQ6ILX9/Ebju8/Tat
|
||||
m4Mq/GpKMxqZUHMQwDlEkYdaf8q/b23iVmcl/+5UXfivA2vnqi7h05lbgr0QCoC/
|
||||
KFLJoZ3qCMw2iTqZVrcAejrgcHXaHXyE2jrPpMN+b/1Ot9rcnKMOilKPuDCTSYSr
|
||||
7/4hhEQQk8wBgikLeCbgkJD6UldWG1KSfZ7mH4f/5ywddSt7cctFVNk5kHjzvxJ2
|
||||
N/0j8ZNZ0pQ9ME6oP9WlnzUhiMn6eA1BPMjOfzRZhvFV6F/+RMQwjEWx2ujYN30O
|
||||
JF6VZ+RT8EqpG3rrdW7CvMIJs+EQ2M3EH5KEBZae+DRUNElIqrgx5gmYWrafdBI9
|
||||
c4+qr16+6CN36XKvQr6o89xqjiSA19e+D5PLGAOLeMI2Xmokp2bd0R59Vzn7Ys24
|
||||
0XK09E0zzIC3VM0S6eSVE2/b7bL6VP5ou/5a/6Agt34epTWsYrg=
|
||||
=acF8
|
||||
-----END PGP SIGNATURE-----
|
|
@ -3,4 +3,5 @@
|
|||
1. [Andrew Miller](./0001/) [[report.asc]](./0001/report.asc) 15729e0edc4201dc5ee6241437d926f614cb4214ff1b9c6fbd73daf401639f7a4238cf04bc94edac9f2ad037003daab9a4408ba7c62a4413dc2a0ddd683bd719
|
||||
2. [Jason Davies](./0002/) [[report.asc]](./0002/report.asc) 2f728af894524f55bda7a3e2c2e2db6a57a992811e90ed57456d62aead5106cdc5c97c86532d14b5185cc74d169f1b0c2c0ef1e582231ffa7936da55047c0cb2
|
||||
3. [Jared Tobin](./0003/) [[report.asc]](./0003/report.asc) cb48afb82ab4c476ae741633c3eb6643e7700dc7b2b4701af91e3cc932270b96c375e5f3a5c20c96fac6c9b40a5bba6c956d66f223f090c545c277aa05427757
|
||||
4. [Matt Drollette](./0004/) 53b6dc5a91d04c3000037cbc4f6f4bc9e9daf9448a41f997746b156c643a84f481c49bf7dadce388b3c9e8c147f94c12c5dacb5350a54e112ee45f57ffd8f34c
|
||||
4. [Matt Drollette](./0004/) [[report.asc]](./0004/report.asc) 53b6dc5a91d04c3000037cbc4f6f4bc9e9daf9448a41f997746b156c643a84f481c49bf7dadce388b3c9e8c147f94c12c5dacb5350a54e112ee45f57ffd8f34c
|
||||
|
||||
|
|
Loading…
Reference in New Issue