zecfoundation
/
powersoftau-attestations
mirror of https://github.com/ZcashFoundation/powersoftau-attestations.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
powersoftau-attestations/0005/report.asc

69 lines
4.2 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Powers of Tau Operational writeup
=================================
Round: 5
Date: 2017-11-13
Name: Kobi Gurkan
Location: Netanya, Israel
Challenge (blake2b, sha256):
658a6f81174a3ba72abc3a549483b4891d5be2351c6d1965c5a0bd20f91ea654c2e33c85109401cbd418d474a8762a41e1b62034251e118958d3ff9b8c74
3f8938fdaa30ea4232939629d722ed0d1a40c5bd4268cbbf5bb6bbbbe34ac802
Response (blake2b):
f01f2679613a75ef9f94f588cc3253962c49c9129b174d914533611ada96e29c8c91a2131475ebdbd081e526bd4d738447385b95e95d5043764786f01441
Preparation steps
=================
I built a docker image based on Andrew Miller's Dockerfile from: https://hub.docker.com/r/socrates1024/powersoftau/~/dockerfile/. The Dockerfile I used also verified that rustup.sh has a sha256 hash of value "22aa1f7f4c4b9be99a9d7e13ad45b2aec6714165a0578dd5ef81ca11f55ea24e". Nevertheless, building the image using the Dockerfile produced the "compute" binary based on Seans powersoftau rust repo, commit
9e1553c437183540392a7231d0788318a19b18a3 with the same sha256 hash reported by Andrew and others - 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a.
I burned an Ubuntu 16.04.03 live cd to a blank DVD and the compute binary to another DVD.
I then took an old Xtreamer Ultra HTPC that I disassembled, removed the hard disk and removed the RAM stick for about 2 minutes (Image: https://pbs.twimg.com/media/DOkcOtqWsAAylKI.jpg:large).
The relevant technical specification of the PC are:
- - Samsung 4GB DDR3 (SO-DIMM/204pin/DDR3-1333/PC3-10600)
- - Intel Atom D525 (dual-core, 1.8 GHz)
I disconnected the electronic devices near the PC besides a Dell U2414H monitor connected by HDMI, a Microsoft Natural Ergonomic Keyboard 4000 and a Microsoft Comfort Mouse 3000, connected by USB.
After booting the live cd, I verified its MD5 and found the same one that appear on the Ubuntu web-site (http://releases.ubuntu.com/16.04.3/MD5SUMS):
0d9fe8e1ea408a5895cbbe3431989295 *ubuntu-16.04.3-desktop-amd64.iso (Image: https://pbs.twimg.com/media/DOkcWy_W0AUu8a1.jpg:large)
I also re-verified the hash of the compute binary from the second DVD and copied both the challenge and the compute binary to RAM (Image: https://pbs.twimg.com/media/DOkcg2_X0AE0NVU.jpg:large).
I prepared an external hard-drive I had for extraction of the report later on.
Sidechannel defenses
====================
The PC I used was bought a few years ago. I disconnected the hard disk and all peripherals besides monitor, keyboard and mouse. I disconnected electronic devices around the PC such that the room had only the devices mentioned connected. I was in the house the entire time (although asleep).
Postprocessing
==============
After compute finished its operation, I took a photo of the blake2b and sha256 hashes of the resulting response (Image: https://pbs.twimg.com/media/DOkcae4W4AAhBG7.jpg:large). Then, I copied the file to the USB external hard drive and then to my laptop.
I verified on my laptop that the sha256 hash is the same one calculated on the PC (laptop) and ran verify_transform.
I disconnected the PC from power and physically removed the RAM stick. I don't plan to use this computer in the coming weeks.
My upload link expired before I could upload the response, so I uploaded it to google drive: https://drive.google.com/file/d/1K7c0zbt0quZmAAMNiMPVjoE0WPn13Zh3/view?usp=sharing
-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v2.0.0
Comment: https://www.mailvelope.com
wsFcBAEBCAAQBQJaCo55CRBEcm3jN1yF3gAAFVIQAKBR+Tj+KUsj4pZt/iRF
Ltgy5Yq1X3wNdDHkgad2mrUO2KGdD+1i1O+Wj+IaURhis5ZiGhB3G460/kVc
+3XijxDO3HIaZaBPwCr8b1vjbwIUGW0C7E66XzJ7EYkfZJ+i2FAd83gfVrDl
tLk2VAo/S8S4vpklkED2sNYT59QDO59cLxJ1TzxsxSbKzyDxtJt6Lc82Vus4
VbRM9SzUzb4URQ3fBHxQWM0oyr06KxUdS95QOw1uO5icdEzSPcnzljihDRY0
U5ogEhDOs+nKHPCsfyT2SSW+ty/jXEitWpy2R4w8WS/E2XHZKhEIpOtSLLBd
Txqa3qqqeyfrb1Q7sfUYzYEEjhA+5J0pRe76Uyu0qyNbkXfyw1oa7c7y+4cj
VHGJtbDpksrul69g+XQ6yYT+dUVN9yS2dN80Z014bX10qnJjeGjX2NLPqTex
hdEKm7UfalFVutAm2jKoerCm2YdKpVaSkpnpPu4ZKBr0UzNNHkGpR73deoKr
F2Dh31+M721DTFY1nHszUFhohcS0dCmW5i2gx32oN6UZpdewHv9jmpAioYIX
Da+Ybl8E3pWYAIOTcBOGThknKdrSqmXMsUJK+i2ZyyDS8COgmZ0XuCq7kNWI
RsU4WZRnitHn6mnDU92w+7kh5Ayl+pSgns1mFe9Kp2LqmAePf5+cvJtL8nlR
LHES
=r6L2
-----END PGP SIGNATURE-----
Reference in New Issue View Git Blame Copy Permalink