Add Sean Kelly.
This commit is contained in:
parent
1cf483e374
commit
bad783b0c7
|
@ -0,0 +1,7 @@
|
|||
# Sean Kelly
|
||||
|
||||
* Mailing list post: <https://lists.z.cash.foundation/pipermail/zapps-wg/2018/000259.html>
|
||||
|
||||
Response file:
|
||||
|
||||
* <https://powersoftau-transcript.s3-us-west-2.amazonaws.com/40db756cfdceae765472590bc0dd9ec17fa70475f1cc9ef5fdf99e0d750cd6a2ce010c95b59130c6d8c12eb2c7fe52968858fca9d6ba7bcb67b391cfb1f5401d>
|
|
@ -0,0 +1,97 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA256
|
||||
|
||||
Powers of Tau Attestation
|
||||
=============================
|
||||
|
||||
Round: 57
|
||||
Date: 2018-02-13
|
||||
Name: Sean Kelly
|
||||
Location: Galway, Ireland
|
||||
|
||||
The BLAKE2b hash of `./response` is:
|
||||
40db756c fdceae76 5472590b c0dd9ec1
|
||||
7fa70475 f1cc9ef5 fdf99e0d 750cd6a2
|
||||
ce010c95 b59130c6 d8c12eb2 c7fe5296
|
||||
8858fca9 d6ba7bcb 67b391cf b1f5401d
|
||||
|
||||
Methodology
|
||||
=============================
|
||||
|
||||
Firstly, thank you for organising this and for the opportunity to participate.
|
||||
|
||||
In a similar way to Matt in round 4, I decided to leverage a cloud
|
||||
provider's security (this time Microsofts) by running the computation
|
||||
using Azure (https://docs.microsoft.com/en-us/azure/security/azure-security),
|
||||
thus introducing an additional channel that would need to be
|
||||
compromised by an attacker (now Microsofts cloud security will need to
|
||||
have been compromised as well as Google's and all other participants).
|
||||
|
||||
>From Azure Managent Portal, I created a "Jumpbox" Compute Instance
|
||||
(D2s v3) with public IP for downloading Rust, the Powers of Tau
|
||||
utility and the challenge file. I created 2 additional "Calculation"
|
||||
Compute Instances (E2s v3) without public IP's to perform the
|
||||
computations, these VMs were located in different datacenters (1 in
|
||||
Europe and 1 in the US). I used Ubuntu Server 16.04 as the OS for all
|
||||
VMs.
|
||||
|
||||
>From Azure Storage Manager, I created an Azure Files share that I
|
||||
would use to transfer the files to the Calculation instances.
|
||||
|
||||
>From the Jumpbox, I downloaded Rust (v1.23.0), Powers of Tau (from
|
||||
github.com/ebfull/powersoftau commit
|
||||
d47a1d3d1f007063cbcc35f1ab902601a8b3bd91) and the Challenge File (from
|
||||
S3). I transfered these files to the Calculation instances and ran the
|
||||
computation from each instance simultaneously using random keyboard
|
||||
inputs for additional entropy.
|
||||
|
||||
Once the responses were computed on both instance, I selected one of
|
||||
the 2 response files by the flip of a coin. I copied the file to the
|
||||
Jumpbox and deleted both Calculation instances. I then submitted its
|
||||
hash to the mailing list (above) and uploaded the file to S3. I also
|
||||
posted this hash on Twitter
|
||||
(https://twitter.com/SeanKe11y/status/963592537310203905). Finally, I
|
||||
deleted the Jumpbox compute instance and any other Azure resources
|
||||
that were used to support the process.
|
||||
|
||||
Sidechannel Defenses
|
||||
=============================
|
||||
|
||||
* I used my personal laptop (I'm reasonably confident that it's
|
||||
secure) for connecting to Azure, it didn't leave my sight for the
|
||||
duration of the process.
|
||||
* I used a free Azure subscription I have that had never been used
|
||||
before for any purpose.
|
||||
* I connected to a VPN server in a country that I had never connected
|
||||
to before prior to beginning the process.
|
||||
* I downloded a browser I had never used before and used this for some
|
||||
of the steps (I used PuTTY for everything else).
|
||||
* The computations took place within Azure's datacenters leveraging
|
||||
their security best practices.
|
||||
* I ran the computation on multiple VMs simultaneously in two
|
||||
different datacenters on different continents and randomly chose a
|
||||
response to use.
|
||||
* I deleted all VMs and associated Azure resources after the process
|
||||
was completed.
|
||||
* I didn't tell anyone I know that I was doing this, in case they are spies.
|
||||
|
||||
Sean Kelly
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: Mailvelope v2.1.1
|
||||
Comment: https://www.mailvelope.com
|
||||
|
||||
wsFcBAEBCAAQBQJag5fYCRCd9XEg9LQ87AAAiSwP/jHtBCVuB8skitvrAl6p
|
||||
IUQrWjsCbeBj878qlqc7ejAu3zUKwTlh9v7BAqDrT71IDzZo9kNbcZGFW9X5
|
||||
9c2Q7nnpo6Yk5Bf9Be7IoDLcrjPeM9O4aoKHirJlTdGpUmmmfHnDD6Og7DKk
|
||||
ARxDZzy1vliNfVVZ3YhTP/gX/de5E+naV+NZqDksO1wTzkggK+PWxyvTRtM5
|
||||
c7epzgJN0y7K/Zau0TpCF6pkZEN8FJTF+za8G7/+xF/HhS5u1p9gd/NZBHHf
|
||||
M4UBl0u5Ple8bOJxLfuE52s8O74G9vQ8byRzQJW5xAOAdmB0K4GZNFLeL7pj
|
||||
oVxoqTxzJQsK8g5DINnWwa9ZxoMpdvJ3u31lmFeX9meSOcSZW3z7z+e0rBlS
|
||||
jQ6dtdzGV4QC12lTWLbdBGbbS/smWYquly5Mvrx0rQ2nVwC2V38Hx31GEb7X
|
||||
HStmc3KK4IoaY4ZQ3ktLPkHgpGAdjoeHTWPQPoAwPKHE4pTyeJJAzi3amL6g
|
||||
So/E0X9WRWf2HPMiNqZynRMRIs2sPUGAzn6Yf0phzja/N50fx0nxnPLmKO3t
|
||||
W5EbGJIbVPmY7rzSkXJ/K8vjQ1GEwzaNVi+HedZYYSRSdezc6uP0I/HqxQn2
|
||||
Wifd6bTkAoR9TbIECQWBhn2+QKOsWX0RHrpMWqMYDd3SaFHTYvQv9xnkWxcZ
|
||||
6vfi
|
||||
=Cva/
|
||||
-----END PGP SIGNATURE-----
|
|
@ -58,6 +58,7 @@
|
|||
* d0e254dc319b760d7e9f42aafa87df4695c2f7ab8eebf17c303e5a44e7b3c41c02a73edad60c270bb6c643a7753cb275f72fd24fde8b01cf6711d83ab89795a8
|
||||
55. [Joseph Tobin](./0055/) [[report.asc]](./0055/report.asc) 2ddd4358b124100d724e62a06f158dbcc714ffbe8784f619887a40ff12f9fab044649dfa306a038506f95e0e25c6cfb332f46f57ea6331c8057f46bf5a079db4
|
||||
56. [Alok Menghrajani](./0056/) c13af4d4477f66e753f25d511b6c46249f20f79af63c20d8c64e34c9df90441b0bf89ae28c05d71c4ae9cb82e0a3aa4d41e99666c54261a9b0b75f6a5c455436
|
||||
57. [Sean Kelly](./0057/) [[report.asc]](./0057/report.asc) 40db756cfdceae765472590bc0dd9ec17fa70475f1cc9ef5fdf99e0d750cd6a2ce010c95b59130c6d8c12eb2c7fe52968858fca9d6ba7bcb67b391cfb1f5401d
|
||||
|
||||
## License
|
||||
|
||||
|
|
Loading…
Reference in New Issue