Abstract

In this paper we investigate the problem of reverse engineering the specifications of a secret AES-like block cipher defined by a set of non-standard parameters. We allow the designer to modify all parameters of an AES (S-Box table, SR constants, MC coefficients as well as the RW and the RC values) provided that the SPN structure and sizes are preserved. We propose a chosen plaintext FIRE attack based on ineffective fault analysis (IFA) in the "byte stuck at 0" fault model. We describe a step-by-step procedure that recovers the AES-like secret parameters without requiring the knowledge of the encryption key. The soundness and the efficiency of each step is evaluated by simulations. As our attack assumes that no classical countermeasure against side-channel and fault analysis is implemented, it intends to demonstrate that protecting the implementation of such AES-like function is not a facultative option even if its specifications are not public.