Looking good! I've added this response file to the transcript and will update the attestation repo soon.
I am letting someone see if they can contribute tonight before Alyssa tomorrow, but if they can't we'll just move on to Alyssa. Sean On Mon, Nov 20, 2017 at 4:05 PM, Miguel Angel Marco Buzunariz via zapps-wg <zapps...@lists.z.cash.foundation> wrote: > Powers of Tau Operational Write-up > ============================= > > Round: 12 > > Date: 2017-11-20 > > Name: Miguel Angel Marco Buzunariz > > Location: Spain > > Response: BLAKE2b > 22fd2b37f794b19dab85cfbb3dd018c8ab7a07e44b34394449ab1b28ed7ef133e8ca0fc77a497670a622dfb1e74e8af57cda01cc9b8614ba65a29a0d64dadadf > > Procedure > ================= > > * Followed the plan written in plancommit.txt (sha256hash > 8829a8a45363c98ced7d6059e90b9095f875863c78ba8474ea9017e9e9820405), to which I > commited in the mailing list. > > * Preparation: > * Downloaded [Powers of Tau](https://github.com/ebfull/powersoftau) commit > d47a1d3d1f007063cbcc35f1ab902601a8b3bd91, and compiled it in a gentoo linux > box with rustc 1.21.0-dev (compiled in the same system). Obtained a `compute` > binary with sha256hash > 2603d31c9394ac624a0a3bceb5c9d227f73447dac29c4e2a598dd69590c92cd3 > * Take the hard drive and wifi card out of an old core2duo laptop with 4GB > RAM to be used as airgapped node > * Download a Linux Mint 18.2 Kde .iso file from its website, and > (sha256hash 9173901fbead7d2ece2454f8f51dbb375e1dfdfc74cfaef450342a3144955fe1) > and burn it in six different usb drives. > * Ceremony > * Downloaded the `challenge` file from https://s3-us-west-2.amazonaws.com/ > powersoftau/lOg9HOyt0u1cxR0djXfFX1gmwLnU0y56/index.html, checked its > sha256hash f767da9aa257a15869ead2e2c7b9019f5cbb3ae9454bf9cff2456b0cf73dd36e > * Copied the `challenge` file and the `compute` binary to six different > usb > drives. > * Chose one of the 6 Linux Mint usb drives at random (rolling a dice) and > boot the airgapped node with it. Keep the other five untouched. > * Chose one of the 6 usb drives with the `challenge` and `compute` files > at > random (dice roll) and insert it in the airgapped machine. Keep the other five > untouched. > * Checked the hash of the `compute` and `challenge`files in the airgapped > machine, and run `compute` > * Inserted the source of entropy: a bunch of random keys, plus the result > of 50 dice rolls. > * Copied the sha256hash of the `response` file ( > d7c3f0f75867bed812e056a7ddef6b7994d2d9b3c658c60cbdd18f1e6a06dacf ) > * Burnt the `response` file to six different DVD-R > * Chose one of the DVD-R at random with a dice, insert it in the network > node, copied its content to the hard drive and verified the hash. The other > five > were kept untouched. > * Uploaded the response file to the [Amazon S3 > bucket](https://s3-us-west-2.amazonaws.com/powersoftau/lOg9HOyt0u1cxR0djXfFX1gmwLnU0y56/index.html) > > Side channel defenses > ================= > > Entropy source: Many keys pressed at random, plus the result of 50 dice rolls. > > Computation took place on an airgapped machine, with no wifi card nor hard > drive. The media that was used to move information between the compute mode > was copied in 6 different devices, only one of each (chosen at random with a > dice) was inserted in the other machine, the other five will be kept untouched > for several months at least. > > The following material will be kept available for forensic audit in case > someone is interested in doing it: > > * airgapped machine (will be kept turned off, with no battery and no power > cable). > * the six usb drives with the live linux system (the one actually used and the > other five that didn't gt in touch with the airgapped machine) > * the six usb drives with the `compute` binary, and the `challenge` file > (again > one was used, and the other five didn't get in contact with the airgapped > machine) > * the six DVD-R with the `response` file (again, one was actually inserted in > the network node, and the other five never touched it) > > I plan to keep this material for several months. If someone is interested in > auditing it, please get in touch with me. In case nobody shows interest, I > might decide to reuse all or part of it at some point. > > > > Miguel Angel Marco Buzunariz > Universidad de Zaragoza > mma...@unizar.es
