From the article:
The dongle (Scrambler) uses 4 keys / passwords.
1 - 10 characters long is used to identify clusters (when more than one dongle is used to boost throughput).
2 - this is the actual key for SHA1-HMAC
3 - this is used for initialisation vectors.
4 - encryption key for remote commands ENSCRAMBLE and ENGETID. This key is shared with the client (Wordpress in our case) to provide end-to-end encryption of passwords sent for scrambling.
Here are the details from the article about key lengths, etc.
S-CRIB Scrambler Design Basics We use the same hardware as for our Password S-CRIB and only re-implemented the firmware to add required functionality. The keys / passwords now have 32 characters so they can be directly used with AES-256. Each password can give provide up to 199 bits of entropy as we use 76 different characters. The source of passwords is a combination of a "dongle key" (unique for each Scrambler) and a random SHA1 key generated using microsecond timer applied on communication between Scrambler and the host PC.
University of Cambridge's S-CRIB Scrambler resides in a Raspberry Pi...
No it doesn't. The S_CRIB Scrambler is a trusted hardware component implemented as a USB dongle that just happens to be plugged into a Raspberry Pi as a host server.
The current implementation uses Raspberry Pi as an "untrusted" host for web service. It is an inexpensive but sufficiently powerful platform for our password scrambling system.
This could just as easily be plugged into a server or any other PC. My point is that the device has nothing to do with and has no dependency on the Raspberry Pi and to imply otherwise is disingenuous.
Not if one stores a long, fixed salt in the device.
(Here fixed means fixed over all users.)
That sort of defeats the purpose of the salt.
10 random chars are good for 65bits. Log(92^10)/Log(2) = 65.24
Quick question. Where did the 92 come from? Uppercase + Lowercase + digits + special chars? I'm struggling to get to 92 here.
By keeping your mouth shut about these holes, you are pretty much guaranteeing that they will remain open for exploitation. People in positions with the authority to make decisions about patching the holes will remain oblivious, because let's face it, very few of said people have a fucking clue.
Security by obscurity does not work. I believe that we can all agree on that. On the other hand, responsible disclosure means talking to the people who can do something about a discovered issue should be the first step. Once the issue has been addressed, then a wider disclosure is reasonable.
The source for this figure is Richard Garriott, not IEEE. Plenty of people are IEEE members! (My cat's an IEEE member!)
I guess this goes to prove that great old chestnut—linear regression is never wrong, for very small amounts of never and asymptotic amounts of wrong.