zecfoundation
/
powersoftau-attestations
mirror of https://github.com/ZcashFoundation/powersoftau-attestations.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #5 from Souptacular/patch-1 

Update Hudson/Steven's Report
This commit is contained in:
ebfull 2017-11-16 20:23:52 -07:00 committed by GitHub
parent b560ede3c5 e2e3c42212
commit a44a856821
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
0006/report.asc
View File

@ -3,10 +3,10 @@ Hash: SHA256
Powers of Tau Operational writeup
=================================
Round: 5
Date: 2017-11-13
Name: Kobi Gurkan
Location: Netanya, Israel
Round: 6
Date: 2017-11-16
Name: Hudson Jameson and Steven Schroeder
Location: Texas, USA
Challenge (blake2b, sha256):
658a6f81174a3ba72abc3a549483b4891d5be2351c6d1965c5a0bd20f91ea654c2e33c85109401cbd418d474a8762a41e1b62034251e118958d3ff9b8c74
@ -17,52 +17,39 @@ f01f2679613a75ef9f94f588cc3253962c49c9129b174d914533611ada96e29c8c91a2131475ebdb
Preparation steps
=================
I built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/. The Dockerfile I used also verified that rustup.sh has a sha256 hash of value "22aa1f7f4c4b9be99a9d7e13ad45b2aec6714165a0578dd5ef81ca11f55ea24e". Nevertheless, building the image using the Dockerfile produced the "compute" binary based on Seans powersoftau rust repo, commit
9e1553c437183540392a7231d0788318a19b18a3 with the same sha256 hash reported by Andrew and others - 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a.
I burned an Ubuntu 16.04.03 live cd to a blank DVD and the compute binary to another DVD.
I then took an old Xtreamer Ultra HTPC that I disassembled, removed the hard disk and removed the RAM stick for about 2 minutes (Image: https://pbs.twimg.com/media/DOkcOtqWsAAylKI.jpg:large).
The relevant technical specification of the PC are:
- - Samsung 4GB DDR3 (SO-DIMM/204pin/DDR3-1333/PC3-10600)
- - Intel Atom D525 (dual-core, 1.8 GHz)
I disconnected the electronic devices near the PC besides a Dell U2414H monitor connected by HDMI, a Microsoft Natural Ergonomic Keyboard 4000 and a Microsoft Comfort Mouse 3000, connected by USB.
After booting the live cd, I verified its MD5 and found the same one that appear on the Ubuntu web-site (http://releases.ubuntu.com/16.04.3/MD5SUMS):
0d9fe8e1ea408a5895cbbe3431989295 *ubuntu-16.04.3-desktop-amd64.iso (Image: https://pbs.twimg.com/media/DOkcWy_W0AUu8a1.jpg:large)
I also re-verified the hash of the compute binary from the second DVD and copied both the challenge and the compute binary to RAM (Image: https://pbs.twimg.com/media/DOkcg2_X0AE0NVU.jpg:large).
I prepared an external hard-drive I had for extraction of the report later on.
[Imgur gallary of photos/video: https://imgur.com/a/2rUDz]
- - Built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/.
- - Extracted the "compute" binary from the docker container.
- - Transferred the "compute" binary file and the challenge file to a brand new 8GB USB drive.
- - Burned an Ubuntu 16.04.02 live cd to a blank DVD.
- - Removed the hard drive and wireless card from an old Toshiba laptop I bought in 2009 [Specs: 4GB RAM + Intel Core 2 Duo (2.20 GHz), URL: https://www.newegg.com/Product/Product.aspx?Item=N82E16834114719].
- - Removed the RAM sticks from the laptop for 10 minutes.
- - Built a faraday cage with a box, Gorilla tape, and aluminum foil.
- - Placed the laptop in the Faraday cage and booted into Ubuntu.
- - Inserted the USB drive and ran the "compute" binary file with the "challenge" file as input.
Sidechannel defenses
====================
The PC I used was bought a few years ago. I disconnected the hard disk and all peripherals besides monitor, keyboard and mouse. I disconnected electronic devices around the PC such that the room had only the devices mentioned connected. I was in the house the entire time (although asleep).
- - The laptop we used was bought in 2009.
- - We disconnected the hard disk and wireless card.
- - We removed the RAM and re-inserted it after 10 minutes before the process.
- - The faraday cage was placed in a bathroom that is in the middle of the house, has no windows, and is at least 15 feet from any type of electronics.
- - We destroyed the RAM, USB drive, and CPU using a drill and hammer [Images/Video: https://imgur.com/a/2rUDz].
Postprocessing
==============
After compute finished its operation, I took a photo of the blake2b and sha256 hashes of the resulting response (Image: https://pbs.twimg.com/media/DOkcae4W4AAhBG7.jpg:large). Then, I copied the file to the USB external hard drive and then to my laptop.
I verified on my laptop that the sha256 hash is the same one calculated on the PC (laptop) and ran verify_transform.
I disconnected the PC from power and physically removed the RAM stick. I don't plan to use this computer in the coming weeks.
My upload link expired before I could upload the response, so I uploaded it to google drive: https://drive.google.com/file/d/1K7c0zbt0quZmAAMNiMPVjoE0WPn13Zh3/view?usp=sharing
- - The computation took roughly 45 minutes to complete.
- - After compute finished its operation, we took a photo of the blake2b hashes of the resulting response [Image: https://i.imgur.com/50vTNDf.jpg].
- - We uploaded the "response" file and shared the blake2b hash via image and shared the hash with Sean and others in the MPC chat channel.
- - We destroyed the RAM, USB drive, and laptop using a drill and hammer [Images/Video: https://imgur.com/a/2rUDz].
-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v2.0.0
Comment: https://www.mailvelope.com
wsFcBAEBCAAQBQJaCo55CRBEcm3jN1yF3gAAFVIQAKBR+Tj+KUsj4pZt/iRF
Ltgy5Yq1X3wNdDHkgad2mrUO2KGdD+1i1O+Wj+IaURhis5ZiGhB3G460/kVc
+3XijxDO3HIaZaBPwCr8b1vjbwIUGW0C7E66XzJ7EYkfZJ+i2FAd83gfVrDl
tLk2VAo/S8S4vpklkED2sNYT59QDO59cLxJ1TzxsxSbKzyDxtJt6Lc82Vus4
VbRM9SzUzb4URQ3fBHxQWM0oyr06KxUdS95QOw1uO5icdEzSPcnzljihDRY0
U5ogEhDOs+nKHPCsfyT2SSW+ty/jXEitWpy2R4w8WS/E2XHZKhEIpOtSLLBd
Txqa3qqqeyfrb1Q7sfUYzYEEjhA+5J0pRe76Uyu0qyNbkXfyw1oa7c7y+4cj
VHGJtbDpksrul69g+XQ6yYT+dUVN9yS2dN80Z014bX10qnJjeGjX2NLPqTex
hdEKm7UfalFVutAm2jKoerCm2YdKpVaSkpnpPu4ZKBr0UzNNHkGpR73deoKr
F2Dh31+M721DTFY1nHszUFhohcS0dCmW5i2gx32oN6UZpdewHv9jmpAioYIX
Da+Ybl8E3pWYAIOTcBOGThknKdrSqmXMsUJK+i2ZyyDS8COgmZ0XuCq7kNWI
RsU4WZRnitHn6mnDU92w+7kh5Ayl+pSgns1mFe9Kp2LqmAePf5+cvJtL8nlR
LHES
=r6L2
iQEzBAEBCAAdFiEEQJOwBcP8NxBh5a9xfU+4un9NJ5AFAloOUhsACgkQfU+4un9N
J5CBtAf/QBU18m4fvWJAqepR8CYHnI9yM2pI2iKKU7QfmiWM7jTN4CXkFDoNXU38
/ifLIOGiE7E9e3IxYIs2fhEYQ3Nxd7mBZnDpNWV9RdtPQCme65SbtrXjK63F0uPa
ryPcs+JPE8uwTdu99d4uw2G3YRk7ecNRl4eL3S+HlVC5CMXlXbrlhTFfmolRK3aE
F8Fe3Mm4cdV+C2FxRGTZtGwGFTpm8PnjnnTiXna5UJ7pJ4nItYCw8Cz72rBLkuLe
bF7ROblfS/hayaAhiUrXUs1dhrYuOLT1BzLLstdwyiRJftisE5ki3nqozGEzLJib
iT+n0CzUdlMJEf00sILQab6FWX5EDg==
=8tOe
-----END PGP SIGNATURE-----