From e2e3c42212f4667a419d95a61641c4feba20438b Mon Sep 17 00:00:00 2001 From: Hudson Jameson Date: Thu, 16 Nov 2017 21:07:08 -0600 Subject: [PATCH] Update report.asc --- 0006/report.asc | 75 ++++++++++++++++++++----------------------------- 1 file changed, 31 insertions(+), 44 deletions(-) diff --git a/0006/report.asc b/0006/report.asc index 9d0f86f..6656b5c 100644 --- a/0006/report.asc +++ b/0006/report.asc @@ -3,10 +3,10 @@ Hash: SHA256 Powers of Tau Operational writeup ================================= -Round: 5 -Date: 2017-11-13 -Name: Kobi Gurkan -Location: Netanya, Israel +Round: 6 +Date: 2017-11-16 +Name: Hudson Jameson and Steven Schroeder +Location: Texas, USA Challenge (blake2b, sha256): 658a6f81174a3ba72abc3a549483b4891d5be2351c6d1965c5a0bd20f91ea654c2e33c85109401cbd418d474a8762a41e1b62034251e118958d3ff9b8c74 @@ -17,52 +17,39 @@ f01f2679613a75ef9f94f588cc3253962c49c9129b174d914533611ada96e29c8c91a2131475ebdb Preparation steps ================= -I built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/. The Dockerfile I used also verified that rustup.sh has a sha256 hash of value "22aa1f7f4c4b9be99a9d7e13ad45b2aec6714165a0578dd5ef81ca11f55ea24e". Nevertheless, building the image using the Dockerfile produced the "compute" binary based on Sean’s powersoftau rust repo, commit -9e1553c437183540392a7231d0788318a19b18a3 with the same sha256 hash reported by Andrew and others - 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a. - -I burned an Ubuntu 16.04.03 live cd to a blank DVD and the compute binary to another DVD. - -I then took an old Xtreamer Ultra HTPC that I disassembled, removed the hard disk and removed the RAM stick for about 2 minutes (Image: https://pbs.twimg.com/media/DOkcOtqWsAAylKI.jpg:large). -The relevant technical specification of the PC are: -- - Samsung 4GB DDR3 (SO-DIMM/204pin/DDR3-1333/PC3-10600) -- - Intel Atom D525 (dual-core, 1.8 GHz) - -I disconnected the electronic devices near the PC besides a Dell U2414H monitor connected by HDMI, a Microsoft Natural Ergonomic Keyboard 4000 and a Microsoft Comfort Mouse 3000, connected by USB. - -After booting the live cd, I verified its MD5 and found the same one that appear on the Ubuntu web-site (http://releases.ubuntu.com/16.04.3/MD5SUMS): -0d9fe8e1ea408a5895cbbe3431989295 *ubuntu-16.04.3-desktop-amd64.iso (Image: https://pbs.twimg.com/media/DOkcWy_W0AUu8a1.jpg:large) - -I also re-verified the hash of the compute binary from the second DVD and copied both the challenge and the compute binary to RAM (Image: https://pbs.twimg.com/media/DOkcg2_X0AE0NVU.jpg:large). - -I prepared an external hard-drive I had for extraction of the report later on. +[Imgur gallary of photos/video: https://imgur.com/a/2rUDz] +- - Built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/. +- - Extracted the "compute" binary from the docker container. +- - Transferred the "compute" binary file and the challenge file to a brand new 8GB USB drive. +- - Burned an Ubuntu 16.04.02 live cd to a blank DVD. +- - Removed the hard drive and wireless card from an old Toshiba laptop I bought in 2009 [Specs: 4GB RAM + Intel Core 2 Duo (2.20 GHz), URL: https://www.newegg.com/Product/Product.aspx?Item=N82E16834114719]. +- - Removed the RAM sticks from the laptop for 10 minutes. +- - Built a faraday cage with a box, Gorilla tape, and aluminum foil. +- - Placed the laptop in the Faraday cage and booted into Ubuntu. +- - Inserted the USB drive and ran the "compute" binary file with the "challenge" file as input. Sidechannel defenses ==================== -The PC I used was bought a few years ago. I disconnected the hard disk and all peripherals besides monitor, keyboard and mouse. I disconnected electronic devices around the PC such that the room had only the devices mentioned connected. I was in the house the entire time (although asleep). +- - The laptop we used was bought in 2009. +- - We disconnected the hard disk and wireless card. +- - We removed the RAM and re-inserted it after 10 minutes before the process. +- - The faraday cage was placed in a bathroom that is in the middle of the house, has no windows, and is at least 15 feet from any type of electronics. +- - We destroyed the RAM, USB drive, and CPU using a drill and hammer [Images/Video: https://imgur.com/a/2rUDz]. Postprocessing ============== -After compute finished its operation, I took a photo of the blake2b and sha256 hashes of the resulting response (Image: https://pbs.twimg.com/media/DOkcae4W4AAhBG7.jpg:large). Then, I copied the file to the USB external hard drive and then to my laptop. -I verified on my laptop that the sha256 hash is the same one calculated on the PC (laptop) and ran verify_transform. -I disconnected the PC from power and physically removed the RAM stick. I don't plan to use this computer in the coming weeks. - -My upload link expired before I could upload the response, so I uploaded it to google drive: https://drive.google.com/file/d/1K7c0zbt0quZmAAMNiMPVjoE0WPn13Zh3/view?usp=sharing +- - The computation took roughly 45 minutes to complete. +- - After compute finished its operation, we took a photo of the blake2b hashes of the resulting response [Image: https://i.imgur.com/50vTNDf.jpg]. +- - We uploaded the "response" file and shared the blake2b hash via image and shared the hash with Sean and others in the MPC chat channel. +- - We destroyed the RAM, USB drive, and laptop using a drill and hammer [Images/Video: https://imgur.com/a/2rUDz]. -----BEGIN PGP SIGNATURE----- -Version: Mailvelope v2.0.0 -Comment: https://www.mailvelope.com -wsFcBAEBCAAQBQJaCo55CRBEcm3jN1yF3gAAFVIQAKBR+Tj+KUsj4pZt/iRF -Ltgy5Yq1X3wNdDHkgad2mrUO2KGdD+1i1O+Wj+IaURhis5ZiGhB3G460/kVc -+3XijxDO3HIaZaBPwCr8b1vjbwIUGW0C7E66XzJ7EYkfZJ+i2FAd83gfVrDl -tLk2VAo/S8S4vpklkED2sNYT59QDO59cLxJ1TzxsxSbKzyDxtJt6Lc82Vus4 -VbRM9SzUzb4URQ3fBHxQWM0oyr06KxUdS95QOw1uO5icdEzSPcnzljihDRY0 -U5ogEhDOs+nKHPCsfyT2SSW+ty/jXEitWpy2R4w8WS/E2XHZKhEIpOtSLLBd -Txqa3qqqeyfrb1Q7sfUYzYEEjhA+5J0pRe76Uyu0qyNbkXfyw1oa7c7y+4cj -VHGJtbDpksrul69g+XQ6yYT+dUVN9yS2dN80Z014bX10qnJjeGjX2NLPqTex -hdEKm7UfalFVutAm2jKoerCm2YdKpVaSkpnpPu4ZKBr0UzNNHkGpR73deoKr -F2Dh31+M721DTFY1nHszUFhohcS0dCmW5i2gx32oN6UZpdewHv9jmpAioYIX -Da+Ybl8E3pWYAIOTcBOGThknKdrSqmXMsUJK+i2ZyyDS8COgmZ0XuCq7kNWI -RsU4WZRnitHn6mnDU92w+7kh5Ayl+pSgns1mFe9Kp2LqmAePf5+cvJtL8nlR -LHES -=r6L2 +iQEzBAEBCAAdFiEEQJOwBcP8NxBh5a9xfU+4un9NJ5AFAloOUhsACgkQfU+4un9N +J5CBtAf/QBU18m4fvWJAqepR8CYHnI9yM2pI2iKKU7QfmiWM7jTN4CXkFDoNXU38 +/ifLIOGiE7E9e3IxYIs2fhEYQ3Nxd7mBZnDpNWV9RdtPQCme65SbtrXjK63F0uPa +ryPcs+JPE8uwTdu99d4uw2G3YRk7ecNRl4eL3S+HlVC5CMXlXbrlhTFfmolRK3aE +F8Fe3Mm4cdV+C2FxRGTZtGwGFTpm8PnjnnTiXna5UJ7pJ4nItYCw8Cz72rBLkuLe +bF7ROblfS/hayaAhiUrXUs1dhrYuOLT1BzLLstdwyiRJftisE5ki3nqozGEzLJib +iT+n0CzUdlMJEf00sILQab6FWX5EDg== +=8tOe -----END PGP SIGNATURE-----