comments about secret data safety

This commit is contained in:
Kobi Gurkan 2020-04-27 14:29:11 +03:00 committed by poma
parent d79ba70c89
commit d0accedf87
No known key found for this signature in database
GPG Key ID: BA20CB01FE165657
2 changed files with 3 additions and 1 deletions

@ -28,7 +28,7 @@ main().catch(console.error)
## Security Warnings ## Security Warnings
This library does not make any guarantees about constant-time operations, memory access patterns, or resistance to side-channel attacks. This library does not make any guarantees about constant-time operations, memory access patterns, or resistance to side-channel attacks. To see possible measures to protect the secret data generated during the ceremony, see the [Powers of Tau readme][../powersoftau/README.md].
## License ## License

@ -56,6 +56,8 @@ Put your hash from output response to private gist (example: https://gist.github
Participants of the ceremony sample some randomness, perform a computation, and then destroy the randomness. **Only one participant needs to do this successfully to ensure the final parameters are secure.** In order to see that this randomness is truly destroyed, participants may take various kinds of precautions: Participants of the ceremony sample some randomness, perform a computation, and then destroy the randomness. **Only one participant needs to do this successfully to ensure the final parameters are secure.** In order to see that this randomness is truly destroyed, participants may take various kinds of precautions:
* putting the machine in a Faraday cage * putting the machine in a Faraday cage
* rebooting the machine afterwards
* rebooting the machine afterwards and disconnecting RAM
* destroying the machine afterwards * destroying the machine afterwards
* running the software on secure hardware * running the software on secure hardware
* not connecting the hardware to any networks * not connecting the hardware to any networks