170 likes | 586 Vues
Blowfish Algorithm. The Blowfish Encryption Algorithm. Keyed, symmetric block cipher Designed in 1993 . C an be used as a drop-in replacement for DES. The Blowfish Encryption Algorith m (cont.). As a fast, free alternative to existing encryption algorithms. Variable-length key.
E N D
The Blowfish Encryption Algorithm • Keyed, symmetric block cipher • Designed in 1993 . • Can be used as a drop-in replacement for DES.
The Blowfish Encryption Algorithm (cont.) • As a fast, free alternative to existing encryption algorithms. • Variable-length key. • From 32 bits to 448 bits.
The Blowfish Encryption Algorithm (cont.) • Analyzed considerably • Gained acceptance as a strong encryption algorithm. • Blowfish is unpatented and license-free, and is available free for all uses. • No effective cryptanalysis has been found to date. • More attention is now given to block ciphers with a larger block size, such as AES or Twofish.
The Blowfish Algorithm • Two parts: • Expansion of the key. • Encryption of the data. • Expansion of the key: • Break the original key into a set of subkeys. • Key of no more than 448 bits is separated into 4168 bytes. • P-array and four 32-bit S-boxes. • P-array contains 18 32-bit subkeys. • Each S-box contains 256 entries.
The Blowfish Algorithm: Key Expansion (cont) • The encryption of the data: • 64-bit input is denoted with an x • P-array is denoted with a Pi (where i is the iteration). • 64-bit block size • Key length - 32 bits to 448 bits (32-448 bits in steps of 8 bits; default 128 bits). • 16-round Feistel cipher • Large key-dependent S-boxes.
The Blowfish Algorithm: Key Expansion (cont) • Each line - 32 bits. • Algorithm keeps two sub-key arrays: • The 18-entry P-array • Four 256-entry S-boxes. • S-boxes accept 8-bit input • Produce 32-bit output. • One entry of P-array is used every round. • After final round, each half of data block is XORed with one of the two remaining unused P-entries.
The Blowfish Algorithm: Key Expansion (cont) • Initialize the P-array and S-boxes • XOR subkey with plaintext. • (example) P1 XOR (first 32 bits of key), P2 XOR (second 32 bits of key), ... • New output of XL is apply to function . • Output of function is XOR with XR bits • Then perform swap operation. • Repeat 16 times.
The Blowfish Algorithm: Encryption (cont) Diagram of Blowfish's F function
The Blowfish Algorithm: Encryption (cont) • Blowfish's F-function. • Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. • Outputs are added modulo 232 and XORed to produce the final 32-bit output. • Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.