Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keyed, symmetric block cipher Designed in 1993. Can be used as a drop-in replacement for DES.

Similar presentations

Presentation on theme: "Keyed, symmetric block cipher Designed in 1993. Can be used as a drop-in replacement for DES."— Presentation transcript:


2 Keyed, symmetric block cipher Designed in 1993. Can be used as a drop-in replacement for DES.

3 As a fast, free alternative to existing encryption algorithms. Variable-length key. From 32 bits to 448 bits.

4 Analyzed considerably Gained acceptance as a strong encryption algorithm. Blowfish is unpatented and license-free, and is available free for all uses. No effective cryptanalysis has been found to date. More attention is now given to block ciphers with a larger block size, such as AES or Twofish.

5 Many other designs were proprietary. Encumbered by patents or kept as government secrets. Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone.

6 Bruce Schneier (born January 15, 1963) American cryptographer, computer security specialist, and writer. Authored several books on computer security and cryptography Founder and chief technology officer of Counterpane Internet Security.

7 Original Blowfish paper Presented at the First Fast Software Encryption workshop in Cambridge, UK April 1994 issue of Dr. Dobb's Journal. September 1995 issue of Dr. Dobb's Journal. Blowfish--One Year Later

8 Two parts: Expansion of the key. Encryption of the data. Expansion of the key: Break the original key into a set of subkeys. Key of no more than 448 bits is separated into 4168 bytes. P-array and four 32-bit S-boxes. P-array contains 18 32-bit subkeys. Each S-box contains 256 entries.

9 The encryption of the data: 64-bit input is denoted with an x P-array is denoted with a Pi (where i is the iteration). 64-bit block size Key length - 32 bits to 448 bits (32-448 bits in steps of 8 bits; default 128 bits). 16-round Feistel cipher Large key-dependent S-boxes.

10 Each line - 32 bits. Algorithm keeps two sub-key arrays: The 18-entry P-array Four 256-entry S-boxes. S-boxes accept 8-bit input Produce 32-bit output. One entry of P-array is used every round. After final round, each half of data block is XORed with one of the two remaining unused P- entries.

11 Initialize the P-array and S-boxes XOR subkey with plaintext. (example) P1 XOR (first 32 bits of key), P2 XOR (second 32 bits of key),... New output of XL is apply to function. Output of function is XOR with XR bits Then perform swap operation. Repeat 16 times.

12 The Blowfish Algorithm

13 Diagram of Blowfish's F function

14 Blowfish's F-function. Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. Outputs are added modulo 2 32 and XORed to produce the final 32-bit output. Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.

15 The Function F

16 Key schedule Initialize the P-array and S-boxes with values derived from the hexadecimal digits of pi, which contain no obvious pattern. Secret key XORed with the P-entries in order. A 64-bit all-zero block is then encrypted with the algorithm as it stands. Resultant ciphertext Replaces P1 and P2. Encrypted again with the new subkeys P3 and P4 are replaced by the new ciphertext. Continues, replacing the entire P-array and all the S-box entries. Algorithm will run 521 times to generate all the subkeys - 4KB of data is processed.

17 None known publicly as of 2005 64-bit block size now too short birthday attack. Seems to be secure. Short block size does not pose any serious concerns for e-mail. May not be suitable in situations where large plaintexts must be encrypted.

18 1996, Serge Vaudenay found a known- plaintext attack requiring 28r + 1 known plaintexts to break. r is the number of rounds. Found a class of weak keys that can be detected and broken by the same attack with only 24r + 1 known plaintexts. This attack cannot be used against the full 16-round Blowfish

19 One of the fastest block ciphers in widespread use. Each new key requires pre- processing equivalent to encrypting about 4 kilobytes of text. This prevents its use in certain applications, but is not a problem in others.

20 Carbonite: Online back-up service. AEdit: A free Windows word processor incorporating text encryption. Coolfish: An encrypting text editor for Windows. Foopchat: Encrypted chat and advanced file sharing using a client/server architecture. JFile by Land-J Technologies: A database program for the PalmOS platform. Freedom by Zero-Knowledge: Privacy for web browsing, e-mail, chat, telnet, and newsgroups.

21 Wikipedia (The free encyclopedia) Site: Bruce Schneier Site: Prince of Songkla University, Hat Yai, Thailand

Download ppt "Keyed, symmetric block cipher Designed in 1993. Can be used as a drop-in replacement for DES."

Similar presentations

Ads by Google