Probable copy-paste error in PSPICE's AES-256 implementation shrinks effective keyspace to 2^32 and leads to a practical crack of proprietary semiconductor model files
[https://www.reddit.com/r/netsec/comments/1ry14jw/a\_copypaste\_bug\_that\_broke\_pspice\_aes256/](https://www.reddit.com/r/netsec/comments/1ry14jw/a_copypaste_bug_that_broke_pspice_aes256/)
>PSpice is a SPICE circuit simulator from Cadence Design Systems that encrypts proprietary semiconductor model files to protect vendor IP and prevent reuse in third-party SPICE simulators. The encryption scheme is proprietary and undocumented.
>Many third-party component vendors distribute SPICE models exclusively as PSpice-encrypted files, locking them to a single simulator and preventing their use in open-source and alternative tools...
>The attack:
>
>2. For each of the 2\^32 candidate 4-byte values, construct the full 32-byte key (4 candidate bytes + known suffix + zeros) and decrypt the sub-block.
>3. If the first 10 bytes of the decrypted sub-block equal `"0001.0000 "`, the candidate is correct.
>Exhaustive search of all 2\^32 candidates takes seconds with AES-NI, or under 1 second on a GPU.