FACTOID # 11: Oklahoma has the highest rate of women in State or Federal correctional facilities.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Blowfish (cipher)
Blowfish
The round function (Feistel function) of Blowfish
General
Designer(s): Bruce Schneier
First published: 1993
Successor(s): Twofish
Cipher detail
Key size(s): 32-448 bits in steps of 8 bits; default 128 bits
Block size(s): 64 bits
Structure: Feistel network
Rounds: 16
Best public cryptanalysis
Four rounds of Blowfish are susceptible to a second-order differential attack (Rijmen, 1997); for a class of weak keys, 14 rounds of Blowfish can be distinguished from a pseudorandom permutation (Vaudenay, 1996).

In cryptography, Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard now receives more attention. Image File history File links BlowfishFFunction. ... Bruce Schneier Bruce Schneier (born January 15, 1963) is an American cryptographer, computer security specialist, and writer. ... Year 1993 (MCMXCIII) was a common year starting on Friday (link will display full 1993 Gregorian calendar). ... In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. ... In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to break... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... In cryptography, a Feistel cipher is a block cipher with a particular structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. ... In cryptography, a pseudorandom permutation, abbreviated PRP, is an idealized block cipher. ... The German Lorenz cipher machine, used in World War II for encryption of very high-level general staff messages Cryptography (or cryptology; derived from Greek κρυπτός kryptós hidden, and the verb γράφω gráfo write or λεγειν legein to speak) is the study of message secrecy. ... A key is a piece of information that controls the operation of a cryptography algorithm. ... Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related cryptographic keys for both decryption and encryption. ... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... Year 1993 (MCMXCIII) was a common year starting on Friday (link will display full 1993 Gregorian calendar). ... Bruce Schneier Bruce Schneier (born January 15, 1963) is an American cryptographer, computer security specialist, and writer. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ...


Schneier designed Blowfish as a general-purpose algorithm, intended as a replacement for the aging DES and free of the problems associated with other algorithms. At the time, many other designs were proprietary, encumbered by patents or kept as government secrets. Schneier has stated that, "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone." The Data Encryption Standard (DES) is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally. ... The public domain comprises the body of all creative works and other knowledge—writing, artwork, music, science, inventions, and others—in which no person or organization has any proprietary interest. ...


Notable features of the design include key-dependent S-boxes and a highly complex key schedule. In cryptography, a substitution box (or S-box) is a basic component of symmetric key algorithms. ... The key-schedule of DES (<<< denotes a left rotation) In cryptography, the so-called product ciphers are a certain kind of ciphers, where the (de-)ciphering of data is done in rounds. The general setup of each round is the same, except for some hard-coded parameters and a part...

Contents

The algorithm

Blowfish has a 64-bit block size and a variable key length from 0 up to 448 bits [1]. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. It is similar in structure to CAST-128, which uses fixed S-boxes. In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ... In cryptography, a Feistel cipher is a block cipher with a symmetric structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ... In cryptography, a substitution box (or S-box) is a basic component of symmetric key algorithms. ... Three rounds of the CAST-128 block cipher In cryptography, CAST-128 (alternatively CAST5) is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Canadian government use by the Communications Security Establishment. ...

The Feistel structure of Blowfish
The Feistel structure of Blowfish

The diagram to the left shows the action of Blowfish. Each line represents 32 bits. The algorithm keeps two subkey arrays: the 18-entry P-array and four 256-entry S-boxes. The S-boxes accept 8-bit input and produce 32-bit output. One entry of the P-array is used every round, and after the final round, each half of the data block is XORed with one of the two remaining unused P-entries. Made by Decrypt3 for Blowfish (cipher) File links The following pages link to this file: Blowfish (cipher) User:Matt Crypto/CryptoStats/ArticleHits Categories: GFDL images ... Made by Decrypt3 for Blowfish (cipher) File links The following pages link to this file: Blowfish (cipher) User:Matt Crypto/CryptoStats/ArticleHits Categories: GFDL images ... Exclusive disjunction (usual symbol xor) is a logical operator that results in true if one of the operands (not both) is true. ...


The diagram to the right shows Blowfish's F-function. The function splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. The outputs are added modulo 232 and XORed to produce the final 32-bit output. Modular arithmetic (sometimes called modulo arithmetic, or clock arithmetic because of its use in the 24-hour clock system) is a system of arithmetic for integers, where numbers wrap around after they reach a certain value — the modulus. ...


Since Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the ciphertext block, then using the P-entries in reverse order.


Blowfish's key schedule starts by initializing the P-array and S-boxes with values derived from the hexadecimal digits of pi, which contain no obvious pattern (see nothing up my sleeve number). The secret key is then XORed with the P-entries in order (cycling the key if necessary). A 64-bit all-zero block is then encrypted with the algorithm as it stands. The resultant ciphertext replaces P1 and P2. The ciphertext is then encrypted again with the new subkeys, and P3 and P4 are replaced by the new ciphertext. This continues, replacing the entire P-array and all the S-box entries. In all, the Blowfish encryption algorithm will run 521 times to generate all the subkeys - about 4KB of data is processed. The key-schedule of DES (<<< denotes a left rotation) In cryptography, the so-called product ciphers are a certain kind of ciphers, where the (de-)ciphering of data is done in rounds. The general setup of each round is the same, except for some hard-coded parameters and a part... In mathematics and computer science, hexadecimal, base-16, or simply hex, is a numeral system with a radix, or base, of 16, usually written using the symbols 0–9 and A–F, or a–f. ... When a circles diameter is 1, its circumference is π. Pi or π is the ratio of a circles circumference to its diameter in Euclidean geometry, approximately 3. ... In cryptography, nothing up my sleeve numbers are any numbers which, by their construction, are above suspicion of hidden properties. ...




Cryptanalysis of Blowfish

There is no effective cryptanalysis on the full-round version of Blowfish known publicly as of 2006, although the 64-bit block size is now considered too short, because encrypting more than 232 data blocks (32 GiB) with it can begin to leak information about the plaintext in most modes of operation due to the birthday attack. While the short block size does not pose any serious concerns for routine consumer applications like e-mail, in applications where large amounts of data are encrypted, encryption keys must be rotated before the amount of encrypted data approaches the birthday bound.[citation needed] Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... 2006 is a common year starting on Sunday of the Gregorian calendar. ... The term gib may refer to: a castrated male cat or ferret an abbreviation for gibibyte (GiB) or gibibit (Gib) an abbreviation for Gibraltar an abbreviation for Gib Board, itself an abbreviation of Gibraltar Board, all Winston Wallboards[1] tradenames for drywall (plasterboard). ... This article is about cryptography. ... OFB redirects here. ... A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff. ...


In 1996, Serge Vaudenay found a known-plaintext attack requiring 28r + 1 known plaintexts to break, where r is the number of rounds. Moreover, he also found a class of weak keys that can be detected and broken by the same attack with only 24r + 1 known plaintexts. This attack cannot be used against the regular Blowfish; it assumes knowledge of the key-dependent S-boxes. Vincent Rijmen, in his Ph.D. thesis, introduced a second-order differential attack that can break four rounds and no more. There remains no known way to break the full 16 rounds, apart from a brute-force search. [1] Year 1996 (MCMXCVI) was a leap year starting on Monday (link will display full 1996 Gregorian calendar). ... Serge Vaudenay (1968-) is a well-known French cryptographer. ... In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. ... Together with Joan Daemen, Vincent Rijmen designed the Rijndael block cipher, which was selected as the Advanced Encryption Standard in 2000. ... Doctor of Philosophy, abbreviated Ph. ... In computer science, a brute-force search consists of systematically enumerating every possible solution of a problem until a solution is found, or all possible solutions have been exhausted. ...


Blowfish in practice

Blowfish is one of the fastest block ciphers in widespread use, except when changing keys. Each new key requires pre-processing equivalent to encrypting about 4 kilobytes of text, which is very slow compared to other block ciphers. This prevents its use in certain applications, but is not a problem in others. In one application, it is actually a benefit: the password-hashing method used in OpenBSD uses an algorithm derived from Blowfish that makes use of the slow key schedule; the idea is that the extra computational effort required gives protection against dictionary attacks. Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... A key is a piece of information that controls the operation of a cryptography algorithm. ... A password is a form of secret authentication data that is used to control access to a resource. ... OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution (BSD), a Unix derivative developed at the University of California, Berkeley. ... In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. ...


In some implementations, Blowfish has a relatively large memory footprint of just over 4 kilobytes of RAM. This is not a problem even for older smaller desktop and laptop computers, but it does prevent use in the smallest embedded systems such as early smartcards. RAM redirects here. ... What is an Embedded System? Electronic devices that incorporate a computer(usually a microprocessor) within their implementation. ... A smart card, or integrated circuit(s) card (ICC), is defined as any integrated circuitry embedded into a flat, plastic body. ...


Blowfish is not subject to any patents and is therefore freely available for anyone to use. This benefit has contributed to its popularity in cryptographic software.


See also

In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. ... In cryptography, MacGuffin is a block cipher created in 1994 by Bruce Schneier and Matt Blaze at a Fast Software Encryption workshop. ... In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. ...

Notes and references

  1. ^ Serge Vaudenay (1996). "On the Weak Keys of Blowfish" (PostScript). Retrieved on 2006-08-23.
  • Vincent Rijmen, "Cryptanalysis and design of iterated block ciphers", doctoral dissertation, October 1997.
  • Bruce Schneier, Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish). Fast Software Encryption 1993: 191-204 [2].
  • Bruce Schneier, The Blowfish Encryption Algorithm -- One Year Later, Dr. Dobb's Journal, 20(9), p. 137, September 1995 [3].
  • Serge Vaudenay, "On the weak keys of Blowfish," Fast Software Encryption (FSE'96), LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 27--32.

For the literary term, see Postscript. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... {| style=float:right; |- | |- | |} is the 235th day of the year (236th in leap years) in the Gregorian calendar. ... Dr. Dobbs Journal (DDJ) is a monthly journal published in the United States by CMP Media. ...

External links


  Results from FactBites:
 
OpenSSL: Documents, blowfish(3) (573 words)
Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
Blowfish can be used in the same modes as DES (see des_modes(7)).
Blowfish is currently one of the faster block ciphers.
Blowfish encryption (522 words)
Blowfish is a keyed, symmetric cryptographic block cipher designed by Bruce Schneier in 1993 and placed in the public domain.
Blowfish is also one of the fastest block ciphers in public use, making it ideal for a product like SplashID that functions on a wide variety of processors found in mobile phones as well as in notebook and desktop computers.
Blowfish is one of the fastest block ciphers in widespread use, except when changing keys.
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m