Zcash Genesis Ceremony

Read an account of the Zcash Genesis Ceremony as told by the seemingly confused (and possibly hacked) designated journalist. Answer the questions and post your answers below:

https://spectrum.ieee.org/tech-talk/computing/networks/the-crazy-security-behind-the-birth-of-zcash

Questions:

  1. How many ‘stations’ were there for the genesis ceremony?
  2. How many stations must be compromised to break Zcash’s encryption?
  3. What is the rationale for keeping the ceremony secret?
  4. What is a ‘side channel attack’?
  5. OPINION: Does this story give you more or less trust in the security of Zcash?
  1. There were 6 stations, 5 were immobile and one was mobile.
  2. All six have to be compromised.
  3. They increase the security of the procedure, because only a few people were aware about it.
  4. Side channel attacks are attempts to spy on a device without actually having access to it but just by observing its activity and working to understand the causes.
  5. It looks secure from a technical perspective and the people that handle it are certainly very capable, as proved by the mobile phone episode that is described. I would say that I trust it more than before, also because I didn’t know much of the concepts behind it.
2 Likes

1.There were 6 stations.The headquarters in Boulder was one of five “immobile” stations, all of which were participating in the ceremony from different cities across the planet. One mobile station was doing its part while making a mad dash across British Columbia. The generation of the keys was decentralized such that each station would only be responsible for creating a fragment of the bad key. For the ceremony, a cryptographic algorithm was custom designed that created a full version of the zk-SNARK parameters while keeping the pieces of the bad key segregated, a process that took two days of relaying data back and forth among the six stations.

2.The benefit of dividing up the work in this way is that no one participant can compromise the ceremony. Each fragment of the bad key is worthless unless it is combined with all the others. It cannot even be brought into existence unless all members of the ceremony collude or an attacker successfully compromises all six of the participating stations.

3.By keeping the details of the ceremony software secret, the Zcash team limited their security audit to just a handful of people inside the company, but they may also have made it more difficult for an attacker to make the kinds of preparations that would be necessary to mount a successful side channel attack.

4.The idea behind side channel attacks is that you don’t have to have direct access to a computer’s data in order to spy on it. Often, you can piece together some idea of what a computer is doing by examining what’s going on with the physical components. What frequencies are humming across the metal capacitors in a laptop? How much power is it pulling from the wall? How is the voltage fluctuating? The patterns in these signals can leak information about a software program’s operation, which, when you’re running a program that you want to keep secret, can be a problem.emphasized text

5.I dont know much about the security in Zcash from before. But it was a good story :slight_smile:

1 Like
  1. How many ‘stations’ were there for the genesis ceremony?

5 Immobile Stations and 1 Mobile Station

  1. How many stations must be compromised to break Zcash’s encryption?

All 6 stations

  1. What is the rationale for keeping the ceremony secret?

For the ceremony, a cryptographic algorithm was custom designed that created a full version of the zk-SNARK parameters while keeping the pieces of the bad key segregated, a process that took two days of relaying data back and forth among the six stations.

  1. What is a side-channel attack’?

The idea behind side channel attacks is that you don’t have to have direct access to a computer’s data in order to spy on it. Often, you can piece together some idea of what a computer is doing by examining what’s going on with the physical components.

  1. OPINION: Does this story give you more or less trust in the security of Zcash?

It gives me more trust in the security of Zcash. They are working tirelessly at making our private information private.

1 Like
  1. 6 Stations
  2. All of them
  3. If they were seeb, it could completely compromise the security of the currency.
    4.you don’t have to have direct access to a computer’s data in order to spy on it. Often, you can piece together some idea of what a computer is doing by examining what’s going on with the physical components. What frequencies are humming across the metal capacitors in a laptop? How much power is it pulling from the wall? How is the voltage fluctuating? The patterns in these signals can leak information about a software program’s operation, which, when you’re running a program that you want to keep secret, can be a problem.
  4. Personally, it gives me less trust. I find the technology behind XMR far more convincing.
1 Like
  1. How many ‘stations’ were there for the genesis ceremony?
    5

  2. How many stations must be compromised to break Zcash’s encryption?
    all of the them have to be compromised

  3. What is the rationale for keeping the ceremony secret?
    to prevent people extracting the master key through a coordinated attack

  4. What is a ‘side channel attack’?
    spying on computer data without direct access, for example listening to the sound while doing computations

  5. OPINION: Does this story give you more or less trust in the security of Zcash?
    no complete trust because this whole story could be made up or one of the participants in the ceremony could still have a secret backdoor. The problem is that this story cannot be fully audited.

1 Like
  1. How many ‘stations’ were there for the genesis ceremony?
    Five immobile and one mobile.

  2. How many stations must be compromised to break Zcash’s encryption?
    All of them.

  3. What is the rationale for keeping the ceremony secret?
    Protect the generation of the initial parameters for zk-SNARKS.

  4. What is a ‘side channel attack’?
    Extract information of the software running by a digital device studying its physical behaviour.

  5. OPINION: Does this story give you more or less trust in the security of Zcash?
    More trust… as we learn more about the digital surveillance we were/are under, this story makes more sense.

1 Like
  1. 6 stations
  2. All of them
  3. To increase the security
  4. The idea behind side channel attacks is that you don’t have to have direct access to a computer’s data in order to spy on it. Often, you can piece together some idea of what a computer is doing by examining what’s going on with the physical components.
  5. More trust and I will try it soon.
1 Like

1- 6 stations

2- All of them

3- For security reasons to preserve the integrity of the currency.

4- The idea behind side channel attacks is that you don’t have to have direct access to a computer’s data in order to spy on it. Often, you can piece together some idea of what a computer is doing by examining what’s going on with the physical components. What frequencies are humming across the metal capacitors in a laptop? How much power is it pulling from the wall? How is the voltage fluctuating? The patterns in these signals can leak information about a software program’s operation, which, when you’re running a program that you want to keep secret, can be a problem.

5- I don’t make conclusions from one article, I need to know much more about the coin to make any conclusions.

2 Likes

Thanks diogozas… :v:

2 Likes
  1. How many ‘stations’ were there for the genesis ceremony?
    • 6
  2. How many stations must be compromised to break Zcash’s encryption?
    • 6
  3. What is the rationale for keeping the ceremony secret?
    • To make it more difficult for an attacker to make the kinds of preparations that would be necessary to mount a successful side channel attack.
  4. What is a side-channel attack’?
    • An indirect spying attack where you interpret from the computational straining effects of a machine, what it is computing.
  5. OPINION: Does this story give you more or less trust in the security of Zcash?
    • The only part of the story that affects my trust of zcash, is that because the current state cannot be audited fully we have to trust the creators of zcash that every piece of this highly complex genesis ceremony is designed with flawless security and then that the highly complex ceremony is executed flawlessly by those same creators…
2 Likes
  1. There were 6 ‘stations’ (5 “immobile” + 1 moving inside a car)
  2. One would need all 6 pieces to rebuild the bad-key parameter.
  3. To avoid some outsider to be able to prepare a “side channel attack”
  4. A ‘side channel attack’ is a kind of “long distant” or “non contact” security/information attack to extract secret or any usable information from a system through a non supposed to used information source like a voltage surge or from a fan noise or hd-led light oscillation reverse decoding.
  5. TLDR: the story give me more trust in the security of Zcash.
    IMHO (In My Humble Opinion) this story is a little ‘romanticized’ to enhance the importance of ‘security’ in itself so that Zcash stands out from the own ceremony, and for me is a nice story and really nice way to grab your attention on the importance that ‘privacy’ should have and has to Zcash founders.

Ear the podcast with this Zcash Ceremony story.

at the end of the podcast ‘Zooko Wilcox’ says to the journalist that the “Ceremony” would be repeated again because of Zcash protocol upgrade would need new parameters being generated again…
And the official Zcash Ceremony

2 Likes
  1. 6 stations, 5 were immobile and one was mobile.
  2. All six.
  3. They increase the security of the procedure, because only a few people were aware about it.
  4. Side channel attacks are attempts to spy on a device without actually having access to it but just by observing its activity & working to understand the causes.
  5. Based on 1 article i am not able to give you my opinion.
1 Like

1.6 statios
2.the 6 stations must be comprimised
3.to make it more difficult to mont a attack,
4.an attack, not directly on a the pc, but by listening to the noise it was making while doing calculations, voltage differences and other electrical observations to determine what program it was running. i still don’t see how you steal any critical info though, you just deduct a computer is running a program
5.probably less. basically if you need to destroy info to keep it secret, that seems less reliable to me

1 Like
1. How many ‘stations’ were there for the genesis ceremony?

6 each responsible for generating a part of the key.

2. How many stations must be compromised to break Zcash’s encryption?

All 6 of them

3. What is the rationale for keeping the ceremony secret?

To minimize the ability for attackers to compromise the ceremony as they would not know the details of where and when until the last minute.

4. What is a ‘side channel attack’?

Measuring physical characteristics of electronic components like the sound they generate to infer information about what the computer is doing.

5. OPINION: Does this story give you more or less trust in the security of Zcash?

Sounds a little sensationalist. If a leading researcher on side channel attacks was part of the team then why wouldn’t they take physical measures to prevent that kind of attack? (like sound proofing) For me it seems like 1 step forward in trust and 1 step back.

1 Like
  1. 6
  2. All of them
  3. A special cryptographic key is generated from which to get initial parameters for the protocol which could never be known by anyone or the security would be compromised.
  4. An attack from a device not connected to the network or any other device.
  5. I was leary of it before, now I would certainly not rely on its security.
1 Like
  • How many ‘stations’ were there for the genesis ceremony?
    6 stations.

  • How many stations must be compromised to break Zcash’s encryption?
    All six of the participating stations.

  • What is the rationale for keeping the ceremony secret?
    Protection of the code.

  • What is a ‘side channel attack’?
    The idea behind side channel attacks is that you don’t have to have direct access to a computer’s data in order to spy on it.

  • OPINION: Does this story give you more or less trust in the security of Zcash?
    More trust.

1 Like

1. How many ‘stations’ were there for the genesis ceremony?
There were six stations for the genesis ceremony.

2. How many stations must be compromised to break Zcash’s encryption?
All six stations must be compromised to break Zcash’s encryption.

3. What is the rationale for keeping the ceremony secret?
The rationale for keeping the ceremony a secret was to make it more difficult for bad actors to plan an attack.

4. What is a side-channel attack’?
A side-channel attack is an attack that uses a computer’s physical components to gather information such as patterns in the electricity pull, voltage fluctuations, and coil whine.

5. OPINION: Does this story give you more or less trust in the security of Zcash?
This story has given me more trust in the security of Zcash. It seems like overkill, however, to perform such an outrageous ceremony—not to mention the fact that very few people understand the technology. On the flip side, very few people understood Bitcoin during its inception(many refuse to even now). I will say that this story certainly made Zcash much more interesting than some modestly-tweaked Bitcoin protocol privacy coin.

1 Like
  1. How many ‘stations’ were there for the genesis ceremony?
    Five “immobile” and one mobile stations.

  2. How many stations must be compromised to break Zcash’s encryption?
    All stations.

  3. What is the rationale for keeping the ceremony secret?
    To “minimize” the possibility that the bad key gets leaked.

  4. What is a side-channel attack’?
    A way of “stealing” information form a system using an unintended pathway that leaks information from one system to another (usually both are software programs).

  5. OPINION: Does this story give you more or less trust in the security of Zcash?
    As long as the process violates the “verify, then trust” principle (I think that the secretism of the whole process makes it difficult to verify it), and there were some strange things happening during the ceremony the story gives me a poor trust in the security of Zcash.

2 Likes

Q1: 6 in total

Q2: Each had a “different ingredient for the cake” so all 6 must be compromised

Q3: To ensure the bad key did not get out into hands that it should not be in

Q4: A side attack is when you dont have direct access to a computer and its info and instead look for physical clues to paint a picture of what the CPU is doing/running.

Q5: Trust IMO is earned and information coming from sources is only good if you can trust the source. Why did Wilcox not seem too concerned about stopping the attack if he went thru hell and high water to set up a ceremony to make sure no one could get the bad key? Did he have info that we do not have? Who is “they” referring to when he later says “they are very far from winning”? A business competitor, the NSA, the KGB, MI6 who knows for sure? If you are like most people then you most likely carry your phone on your person or at the very least know where its at most of the time so how did this journalist just randomly misplace his phone and not find it weird that it was just lying there on the bed? Also they had cameras set up shooting the entire room “allegedly” so why not run them back to see how it ended on the bed? What about the weird texts he said he received days prior to the ceremony and Google is already known to be compromised so why use Hangouts in the first place? IDK things here seem a little off or it might just be my overactive mind having too much fun.

1 Like