147 lines
6.4 KiB
Plaintext
147 lines
6.4 KiB
Plaintext
-----BEGIN PGP SIGNED MESSAGE-----
|
||
Hash: SHA1
|
||
|
||
Powers of Tau Operational writeup
|
||
=================================
|
||
|
||
Round: 41
|
||
Principals: Ryan Pierce and Andrew Miller
|
||
Date: 2018-01-20
|
||
Location: North Illinois and Southern Wisconsin
|
||
Altitude: 3,000' AMSL / approx. 2200' AGL
|
||
Commit version: 9e1553c437183540392a7231d0788318a19b18a3
|
||
SHA256 of ./compute: 922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a
|
||
SHA256 of challenge file: c48fbf0a267ea9a9596c09aaf91f6acc18b48430e9239c18de583055b32d503d
|
||
|
||
blake2sum of response:
|
||
8a5a9bcb a9c3ab76 c7e3a881 2ccd01e6
|
||
9af2153b 5d0f9668 9f790493 37de1fb3
|
||
28873f5f 771adef1 adf0486e 4904b28d
|
||
96fe602c 8866f42e 8047ce3b dafe2f9e
|
||
73c7d2cd 1b0c023d 3831a462 42bd6fc9
|
||
|
||
|
||
Preparation steps
|
||
=================
|
||
|
||
As we know, Powers of Tau is all about generating and safely disposing
|
||
of cryptographic "toxic waste." So, what better way to generate
|
||
entropy than with actual radioactive toxic waste?
|
||
|
||
For our contribution, the entropy source was a hardware-based random
|
||
number generator utilizing a Geiger tube and a radioactive source,
|
||
constructed and programmed by Ryan Pierce. It was based off of the
|
||
MightyOhm Geiger Counter kit, available for purchase at
|
||
http://mightyohm.com/geiger
|
||
|
||
The radioactive source chosen was a very small, low activity sample of
|
||
the graphite moderator ejected from the core of the Chernobyl Unit 4
|
||
nuclear reactor during the 1986 explosion and meltdown. The primary
|
||
activity of the source comes from the fission products Cs-137 (a gamma
|
||
and beta emitter) and Sr-90 (a beta emitter.) Gamma activity at the
|
||
surface of the sample container was approx. 0.7 uSv/h, falling
|
||
substantially below all thresholds that might restrict its
|
||
transportation by air, and posing no health risk. This dose rate is
|
||
only a few times the dose rate of normal background radiation.
|
||
|
||
The specific Geiger tube used was a Soviet SI-22G that was recovered
|
||
from the Chernobyl Exclusion Zone. This tube is sensitive to gamma and
|
||
hard beta radiation.
|
||
|
||
Ryan re-wrote the firmware for the kit's ATtiny2313 AVR
|
||
microcontroller to act as a random number generator, using the
|
||
difference in timing between consecutive pairs of Geiger tube pulses,
|
||
measured in microseconds. The idea for this method came from John
|
||
Walker, who implemented this in 1996. See
|
||
https://www.fourmilab.ch/hotbits/
|
||
|
||
Ryan's source code is available at
|
||
https://github.com/RyanPierce/GeigerRNG
|
||
|
||
To sanity check the output of the generator, we ran a standard battery
|
||
of statistical tests, all of which passed:
|
||
|
||
dieharder -a -k2 -Y 1 -f geigersamples.input >
|
||
geigersamples.output
|
||
|
||
The Geiger input and output files are available via github, above. For
|
||
information on dieharder, see
|
||
https://webhome.phy.duke.edu/~rgb/General/dieharder.php
|
||
|
||
The code is configured to output a stream of 64 bytes of random
|
||
entropy, expressed as 128 hex characters, followed by a CRLF, when a
|
||
user presses a button on the Geiger counter RNG. The interface is a 6
|
||
pin FTDI header, and it transmits TTL serial data at 9600 baud. A
|
||
standard FTDI USB cable connects the Geiger counter RNG to the
|
||
laptop. The serial TTY was configured as follows:
|
||
|
||
stty -F /dev/ttyUSB0 9600 raw
|
||
|
||
Pressing the button caused 64 bytes of entropy to be entered into the
|
||
computation program, without displaying it to the laptop screen, using
|
||
the following command:
|
||
|
||
head -c 128 /dev/ttyUSB0 | ./compute
|
||
|
||
A picture of the RNG, tube, and source can be seen at
|
||
https://twitter.com/RyanPierce_Chi/status/954044819856347137
|
||
|
||
Side channel defenses
|
||
=====================
|
||
|
||
Andrew procured a laptop to serve as the compute node, purchased from
|
||
a randomly chosen 1 out 4 nearby Walmarts and/or Best Buys. The laptop
|
||
purchased was an HP Jaguar 15‑bs060wm, with 8GB of RAM and an Intel
|
||
i3-7100U processor (2.4 GHz, 2 cores). The laptop was booted from a
|
||
USB drive with Ubuntu 16.04. The hard drives and wifi were disabled in
|
||
software, but were *not* removed due to the difficulty in unscrewing
|
||
the laptop.
|
||
|
||
To reduce the risk of side channel attacks, we performed our
|
||
contribution to the ceremony while airborne in Ryan's Piper
|
||
Cherokee. Ryan and Andrew were the only occupants in the aircraft. No
|
||
mobile phones were powered on during the flight. The only mobile
|
||
device in use was an iPad 2, with cellular and WiFi disabled but
|
||
Bluetooth and GPS enabled, running ForeFlight electronic flight bag
|
||
software. We departed on a VFR flight from Waukegan airport (KUGN),
|
||
located in Illinois, near the Wisconsin border. Once we reached 3,000
|
||
feet AMSL, Ryan performed a 360 degree steep turn to assure ourselves
|
||
that no aircraft or drones were following us. We set up the Geiger
|
||
counter RNG and laptop and began the computation. During this time, we
|
||
made occasional random turns, flying over northern Illinois and
|
||
southern Wisconsin while remaining outside the O'Hare Class B
|
||
airspace, until the compute finished. We observed no suspicious
|
||
aircraft attempting to follow us. The total compute time took around
|
||
30 minutes. We then flew to Schaumburg Airport (06C) where we uploaded
|
||
the response file at Pilot Pete's restaurant. We made a return flight
|
||
to Waukegan later that afternoon.
|
||
|
||
Pictures from the trip:
|
||
|
||
https://twitter.com/RyanPierce_Chi/status/954776352225398784
|
||
https://twitter.com/RyanPierce_Chi/status/954777461782470656
|
||
https://twitter.com/RyanPierce_Chi/status/954779454961745921
|
||
https://twitter.com/RyanPierce_Chi/status/954854952396050432
|
||
https://twitter.com/RyanPierce_Chi/status/954908555873849344
|
||
https://twitter.com/RyanPierce_Chi/status/954855811951550464
|
||
|
||
We’re also currently producing a short video about our trip, which we
|
||
plan to publish to Youtube and notify the zapps-wg mailing list.
|
||
-----BEGIN PGP SIGNATURE-----
|
||
Version: GnuPG v1
|
||
|
||
iQIcBAEBAgAGBQJaZisvAAoJEFvUyhfk+7ICLOYQAIX7+nSe6CRVKFuwkjHYXJyu
|
||
Ll5G+X9+Kjrhq0RYXmjix50pEgkpEZhTzKnPxo4tNiiaRc34waKpCAFZpn2Yfpq5
|
||
8o3R3rTDjYlGcMVyWciipUvbtzxfxrs5GRXknTGhtLvhljZM+fq09O4raPn+oj5Y
|
||
tDiFKAO0tKx5wXqlg8diM5AxUfveX6Kov0844ctV+7rP6OYOgCEjqD/o/vM0kVUR
|
||
R5wvh7dqY2VHvh7LYAjUSOwbQ4M+3LCw9fK0dAZrXqT9Yn5DquGYKj39QsHJoJ9R
|
||
4uoDb6ltPJuZDCJ0wBKHiyfMr3++UKTDj6dRkHF2OD7aBk4jPZUC6YCC5zgQFPxL
|
||
MrBv137EBijmtu4uFfT2YM7SJkKa+AGXnhzsIdFKy5U4Ahqa7meA9sDdAHdOgR9W
|
||
RVq9wuO3OnL12Oj53N/PEVtxgmWxHVZfIKP5EPihhSklWC6RU8XVgV4OlfGkkYkA
|
||
YyrYNGjSTDI6YXVNXl4uKttzVg965tSt5+83HhuEFepR3+HFgmXz+suYa53J8rxX
|
||
njESFI0qV7j7VzLnwthAjV5u0ZAY0y9vOTnMB1nLwVZEKl/g3/WNZhDes9xuyYqV
|
||
fAXjVfM2YQ2mQui9U60g0XfSgnO/tnLVG8Fsiv3Jy2yx5baZect8nl3wX6qyWAiM
|
||
d/vM2xKNhdf49qfltNQn
|
||
=rmAp
|
||
-----END PGP SIGNATURE-----
|