132 lines
4.6 KiB
Plaintext
132 lines
4.6 KiB
Plaintext
-----BEGIN PGP SIGNED MESSAGE-----
|
||
Hash: SHA1
|
||
|
||
Powers of Tau Operational Writeup
|
||
=================================
|
||
|
||
Date: 2017-11-17
|
||
Name: Cody Burns
|
||
Location: MTR train >> Hong Kong China
|
||
|
||
Challenge:
|
||
4f86db7dd1edf502d28d3febe59018e865c9227e2ab33eeee0fb33c91d761c11891bc076bbf80b7fbea911f354eec509b5dadd8ba678c6b53dbc6e5479d3117a
|
||
Response:
|
||
3002034f75e83f530d9a949071e6fb28a9f1e39c563bced27d91bf5cc45f0c16e866ffb30c912cf7648bde08f0709f1846d758ecfcec62dcdc2eb16c685e60d1
|
||
|
||
Preparation Steps
|
||
=================
|
||
|
||
Git repository: https://github.com/ebfull/powersoftau
|
||
Commit hash: 9e1553c437183540392a7231d0788318a19b18a3
|
||
Compiler: rustc 1.21.0 (3b72af97e 2017-11-09)
|
||
cargo 0.22.0 (3423351a5 2017-10-06)
|
||
Build: cargo build --release --features=u128-support
|
||
|
||
vm: VirtualBox-5.1.28-117968-Win; b2sum:
|
||
f59139212d894bee17ecce234ad57bae188348856b5d85ca4cea46247d9b87e453c807e002b3277cf348df61502a6caaf549a154af0a8b8648b87ddf2d627326
|
||
Level 1: ubuntu-16.04.3-desktop-amd64.iso; b2sum:
|
||
fa6650810ad70a6a13b5baf33180499f115c2fd160e655b329fa1f708e1f0803432b5a70446e64522107eff67097222e77bd592420c536ed634b2677c5b9befc
|
||
|
||
sha256sum:
|
||
b2sum-amd64-windows.exe:914abb5152d7f179ca377c843494fe718a87023320edcbbfe8dba6010f57e94a
|
||
b2sum-amd64-linux:
|
||
529c90f8cd003b3485defef239a5ae7f62470342c3a65493abfba9e190413451
|
||
|
||
- - - From random street market vendors in Hong Kong
|
||
4x4 puzzle cube -- unhashable
|
||
|
||
2 usb drives
|
||
(so much virus scanning and formating)
|
||
Spongebob usb formatted and installed Ubuntu
|
||
I reformatted a pikichu USB stick to ext4, then copied the
|
||
`challenge` file and the `target/release/compute` binary.
|
||
|
||
Side channel Defenses
|
||
====================
|
||
|
||
Entropy source: using "4x4 cube" toy,
|
||
- - key/value wordlist created on flight Houston >> San Francisco. Hand
|
||
written on "air sick" bag
|
||
- - eBook reader last updated: 7/7/2017
|
||
- - 1 book from 168 chosen based on first 2 numbers of b2sum sha256,
|
||
"Nueromancer" (fitting)
|
||
- - Key: 6 page numbers chosen at random
|
||
- - Value: 6 unique words chosen per page
|
||
- - Mapping: Center color square == key; reading left to right, top to
|
||
bottom, color == value for word
|
||
- - Process:
|
||
- - on "compute trip"
|
||
- - random turns to scramble set
|
||
- - solve 6 center squares
|
||
- - "roll cube like dice"
|
||
- - enter word set
|
||
- - repeat 3 times: 36 total words (key square omitted from set)
|
||
|
||
Physical/electronic monitoring:
|
||
All steps preformed on an airgapped laptop in "blackout bag" on a moving
|
||
train under the city of Hong Kong so
|
||
no casual monitoring could be employed,
|
||
any physical altercations would be highly unlikely,
|
||
and I would be traveling hundreds of km per hour in a faraday cage over
|
||
under rock and chaos
|
||
|
||
Procedure
|
||
=========
|
||
|
||
Prep: on the first leg of multi-leg flight created wordlist
|
||
|
||
Dwell time: Stay in coffin hotel in questionable part of town with only
|
||
paper checkin and no english, purchase supplie;received new Challenge from
|
||
Sean
|
||
|
||
Compute:
|
||
Level 0 -
|
||
Computer in airplane mode wifi chip disabled
|
||
I started windows and the vm with ubuntu 16 desktop(level 1) with
|
||
no network bridging.
|
||
|
||
Level 1:
|
||
I compiled the compute binary, and transfered to spongebob
|
||
Level 2: loaded linux Pikichu usb -"Try Ubuntu" (Live CD mode).
|
||
I imported the previous challenge/response codes and verified them.
|
||
Enter the train.
|
||
I then began the entropy creation "ceremony" and entered the values.
|
||
Wrote down BLAKE2b hash, unmounted drives
|
||
|
||
|
||
Postprocessing
|
||
==============
|
||
|
||
Destroyed level 2 and level 1 vm image
|
||
|
||
I took the USB stick and transferred the response file to level zero, and
|
||
then
|
||
uploaded it using the laptop to the aws s3 site from my phone using tor
|
||
over airport wifi and posted the image hash on twitter as well as the
|
||
mailing list
|
||
|
||
image: ipfs/QmZkVPctuTTDbNfT5fM3aYbDPwBB9hMFjBDSRhNswNx9j3
|
||
- - - --
|
||
Cody Burns, CodyWBurns.com
|
||
<EFBFBD>
|
||
|
||
Ethereum Classic Development community
|
||
Blockchain Architect
|
||
codywburns.com
|
||
-----BEGIN PGP SIGNATURE-----
|
||
|
||
iQIcBAEBAgAGBQJaH6SeAAoJEKqQJQBqHvzPLx0P/05P9UcuV/knVys+T2b3r8We
|
||
tICwRr1EHYhzxgqczUvE0T4GgHz2TqfYvYdpbnJNFcO8urru8cSrp60UL6W2rtSB
|
||
IeBzyAETK/sfkV7SJVVSRY8d2AsjQzHHX4IoCv5HxElpb/NhbfqH0+z+xukJciW2
|
||
sc93x6S4OWqR4OvGkNIbjSL+Nu/ZnTYHOMUxw8vq8vrrPPUuRDv6D9E43U0Ga3uQ
|
||
XixDYqaXbrqmy7MzjOQZY9Dg+DTJXddemgYPdUEHmBCY4CBO4v4DuH8y2q7VRpVF
|
||
AsHyJ5soS2VS5LUVYF8Vy1YE8ukVi0z8JDvdsZCMChz1dP0vA0vHnMfehj0vNEcq
|
||
pqZNnoPoKZTLrkNrUDxBuvaiiMAK0ixT+4F5JwNeSbMwR5w2SoCn8so8+o0v0GWv
|
||
ltiLMgiqFfFzGuxtWXvTGqpv0zhnh6DzKU33mGLL4YiGOI662sZPaV0ow3R5oCp3
|
||
rlfQhoYeMEN3cygi+4rB9qgkvkkIBX2ELFrMpg4/UCXWGFuopTIRGO+dnVKwLwt5
|
||
57FD3UE3qPKlv0Azh8J37lvR0oPDLNEKOf65sbt1cZhe0XUCCDG3cTGmgeZPg8aV
|
||
aP5tVrvcUbeu7rkCpd5wDaoTl1+ss+ApfR6bUUd1Jc0LTfnjU2MMX8pradMrLLOA
|
||
iHNx5oiEBQ9xWjC+mhGD
|
||
=iHp+
|
||
-----END PGP SIGNATURE-----
|