crypto

50 Articles

Hacking An NVIDIA CMP 170HX Crypto GPU For EM Sim Work

September 11, 2024 by 7 Comments

A few years back NVIDIA created a dedicated cryptocurrency mining GPU, the CMP 170HX. This was a heavily restricted version of its flagship A100 datacenter accelerator, using the same GA100 chip. It was intended for accelerating Ethash, the Etherium proof-of-work algorithm, and nothing else. [niconiconi] bought one to use for accelerating PCB electromagnetic simulations and put a lot of effort into repairing the card, converting it to water-cooling, and figuring out how best to use this nobbled GPU.

Typically, the GA100 silicon sits in the center of the mighty A100 GPU card and would be found in a server rack, cooled by forced air. This was not an option at home, so an off-the-shelf water-cooling block was wedged in. During this process, [niconconi] found that the board wouldn’t power on, so they went on a deep dive into the power supply tree with the help of a leaked A100 schematic. The repair and modifications can be found in the appendix, right down to the end of the article. It is a long read to get there.

Continue reading “Hacking An NVIDIA CMP 170HX Crypto GPU For EM Sim Work”

Undo Arduino Encryption With An Oscilloscope

July 14, 2024 by 16 Comments

Cryptography ain’t easy. Seemingly small details like how many times a computationally intensive loop runs can give the game away. [Lord Feistel] gives us a demo of how this could work with nothing more than poorly designed code, a resistor, and an oscilloscope.

The hardware side is, as mentioned, really simple. Put a resistor inline with the Arduino and monitor the voltage drop across the resistor with the scope. When the chip is working hard, it consumes more current, and code sections that take longer will show up as longer dips.

On the software end, it’s only a little more complicated.  The RSA encryption scheme involves a lot of exponentiation and modulo-taking. Here, [Lord Feistel] is targeting a naive way of computing the exponents quickly, and demonstrates how you can read the exponent straight out the chip’s power demand.

Implementing this attack against a real-world RSA algorithm, in the context of the Arduino doing other stuff, will be harder. And we don’t know if the algorithm implemented in “standard” Arduino libraries is smarter than this one. (If you know, let us know in the comments.) But still, this is a cool example of just how simple and straightforward it can be to eavesdrop on bad code.

If you only need to bypass encryption instead of breaking it, check out [Lord Feistel]’s other tutorial on power glitching that we featured previously. If you haven’t played around with the hardware side of security, it gets deep pretty quickly, but you can at least dip your toes in the shallow end with what you’ve got in your closet.

This Week In Security: Putty Keys, Libarchive, And Palo Alto

April 19, 2024 by 3 Comments

It may be time to rotate some keys. The venerable PuTTY was updated to 0.81 this week, and the major fix was a change to how ecdsa-sha2-nistp521 signatures are generated. The problem was reported on the oss-security mailing list, and it’s quite serious, though thankfully with a somewhat narrow coverage.

The PuTTY page on the vulnerability has the full details. To understand what’s going on, we need to briefly cover ECDSA, nonces, and elliptic curve crypto. All cryptography depends on one-way functions. In the case of RSA, it’s multiplying large primes together. The multiplication is easy, but given just the final result, it’s extremely difficult to find the two factors. DSA uses a similar problem, the discrete logarithm problem: raising a number to a given exponent, then doing modulo division.

Yet another cryptography primitive is the elliptic curve, which uses point multiplication as the one-way function. I’ve described it as a mathematical pinball, bouncing around inside the curve. It’s reasonably easy to compute the final point, but essentially impossible to trace the path back to the origin. Formally this is the Elliptic Curve Discrete Logarithm Problem, and it’s not considered to be quantum-resistant, either.

One of the complete schemes is ECDSA, which combines the DSA scheme with Elliptic Curves. Part of this calculation uses a nonce, denoted “k”, a number that is only used once. In ECDSA, k must be kept secret, and any repetition of different messages with the same nonce can lead to rapid exposure of the secret key.

And now we get to PuTTY, which was written for Windows back before that OS had any good cryptographic randomness routines. As we’ve already mentioned, re-use of k, the nonce, is disastrous for DSA. So, PuTTY did something clever, and took the private key and the contents of the message to be signed, hashed those values together using SHA-512, then used modulo division to reduce the bit-length to what was needed for the given k value. The problem is the 521-bit ECDSA, which takes a 521-bit k. That’s even shorter than the output of a SHA-512, so the resulting k value always started with nine 0 bits. Continue reading “This Week In Security: Putty Keys, Libarchive, And Palo Alto”

Hackaday Links Column Banner

Hackaday Links: January 8, 2023

January 8, 2023 by 12 Comments

Something odd is afoot in the mountains around Salt Lake City, Utah, at least according to local media reports of remote radio installations that have been popping up for at least the past year. The installations consist of a large-ish solar panel, a weatherproof box full of batteries — and presumably other electronics, including radios — and a mast bearing at least one antenna. Local officials aren’t quite sure who these remote setups belong to or what they’re intended to do, but the installations obviously represent a huge investment in resources.

The one featured in the story was located near the summit of Twin Peaks, which is about 11,000 feet (3,300 meters) in elevation, which with that much gear was probably a hell of a hike. Plus, the owner took great pains to make sure the site would withstand the weather, with antenna mast guy wires that must have required lugging a pretty big drill up with them. There aren’t any photos of the radios in the enclosure, but one photo shows a 900-MHz LORA antenna, while another shows what appears to be a panel antenna, perhaps pointing toward another site. So maybe a LORA mesh network? Some comments in the Twitter thread show most people are convinced this is a Helium crypto mining rig, but the Helium Explorer doesn’t show any hotspots listed in that area. Either way, the owners are out of luck, since their gear is being removed if it’s on public land.

Continue reading “Hackaday Links: January 8, 2023”

Hackaday Links Column Banner

Hackaday Links: July 10, 2022

July 10, 2022 by 9 Comments

We always like to call out a commercial success stemming from projects that got their start on Hackaday.io, and so we’re proud to announce the release of MAKE: Calculus by Joan Horvath and Rich Cameron, a book that takes a decidedly different approach to teaching calculus than traditional courses. Geared to makers and hackers, who generally tend to have a visual style of learning, the book makes heavy use of 3D-printed models to illustrate the relationships between functions. The project started five years ago as a 2017 Hackaday Prize entry, and resulted in a talk at the 2019 Supercon. Their book is now available for preorder, and might be a great way to reacquaint themselves with calc, or perhaps even to learn it for the first time. Continue reading “Hackaday Links: July 10, 2022”

Hackaday Links Column Banner

Hackaday Links: July 3, 2022

July 3, 2022 by 10 Comments

Looks like we might have been a bit premature in our dismissal last week of the Sun’s potential for throwing a temper tantrum, as that’s exactly what happened when a G1 geomagnetic storm hit the planet early last week. To be fair, the storm was very minor — aurora visible down to the latitude of Calgary isn’t terribly unusual — but the odd thing about this storm was that it sort of snuck up on us. Solar scientists first thought it was a coronal mass ejection (CME), possibly related to the “monster sunspot” that had rapidly tripled in size and was being hyped up as some kind of planet killer. But it appears this sneak attack came from another, less-studied phenomenon, a co-rotating interaction region, or CIR. These sound a bit like eddy currents in the solar wind, which can bunch up plasma that can suddenly burst forth from the sun, all without showing the usually telltale sunspots.

Then again, even people who study the Sun for a living don’t always seem to agree on what’s going on up there. Back at the beginning of Solar Cycle 25, NASA and NOAA, the National Oceanic and Atmospheric Administration, were calling for a relatively weak showing during our star’s eleven-year cycle, as recorded by the number of sunspots observed. But another model, developed by heliophysicists at the U.S. National Center for Atmospheric Research, predicted that Solar Cycle 25 could be among the strongest ever recorded. And so far, it looks like the latter group might be right. Where the NASA/NOAA model called for 37 sunspots in May of 2022, for example, the Sun actually threw up 97 — much more in line with what the NCAR model predicted. If the trend holds, the peak of the eleven-year cycle in April of 2025 might see over 200 sunspots a month.

So, good news and bad news from the cryptocurrency world lately. The bad news is that cryptocurrency markets are crashing, with the flagship Bitcoin falling from its high of around $67,000 down to $20,000 or so, and looking like it might fall even further. But the good news is that’s put a bit of a crimp in the demand for NVIDIA graphics cards, as the economics of turning electricity into hashes starts to look a little less attractive. So if you’re trying to upgrade your gaming rig, that means there’ll soon be a glut of GPUs, right? Not so fast, maybe: at least one analyst has a different view, based mainly on the distribution of AMD and NVIDIA GPU chips in the market as well as how much revenue they each draw from crypto rather than from traditional uses of the chips. It’s important mainly for investors, so it doesn’t really matter to you if you’re just looking for a graphics card on the cheap.

Speaking of businesses, things are not looking too good for MakerGear. According to a banner announcement on their website, the supplier of 3D printers, parts, and accessories is scaling back operations, to the point where everything is being sold on an “as-is” basis with no returns. In a long post on “The Future of MakerGear,” founder and CEO Rick Pollack says the problem basically boils down to supply chain and COVID issues — they can’t get the parts they need to make printers. And so the company is looking for a buyer. We find this sad but understandable, and wish Rick and everyone at MakerGear the best of luck as they try to keep the lights on.

And finally, if there’s one thing Elon Musk is good at, it’s keeping his many businesses in the public eye. And so it is this week with SpaceX, which is recruiting Starlink customers to write nasty-grams to the Federal Communications Commission regarding Dish Network’s plan to gobble up a bunch of spectrum in the 12-GHz band for their 5G expansion plans. The 3,000 or so newly minted experts on spectrum allocation wrote to tell FCC commissioners how much Dish sucks, and how much they love and depend on Starlink. It looks like they may have a point — Starlink uses the lowest part of the Ku band (12 GHz – 18 GHz) for data downlinks to user terminals, along with big chunks of about half a dozen other bands. It’ll be interesting to watch this one play out.

Hackaday Links Column Banner

Hackaday Links: January 30, 2022

January 30, 2022 by 12 Comments

After all the fuss and bother along the way, it seems a bit anticlimactic now that the James Webb Space Telescope has arrived at its forever home orbiting around L2. The observatory finished its trip on schedule, arriving on January 24 in its fully deployed state, after a one-month journey and a couple of hundred single-point failure deployments. The next phase of the mission is commissioning, and is a somewhat more sedate and far less perilous process of tweaking and trimming the optical systems, and getting the telescope and its sensors down to operating temperature. The commissioning phase will take five or six months, so don’t count on any new desktop photos until summer at the earliest. Until then, enjoy the video below which answers some of the questions we had about what Webb can actually see — here’s hoping there’s not much interesting to see approximately in the plane of the ecliptic.

Continue reading “Hackaday Links: January 30, 2022”