Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard now receives more attention.
Schneier designed Blowfish as a generalpurpose algorithm, intended as an alternative to the aging DES and free of the problems and constraints associated with other algorithms. At the time Blowfish was released, many other designs were proprietary, encumbered by patents or were commercial/government secrets. Schneier has stated that, "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone."
Notable features of the design include keydependent Sboxes and a highly complex key schedule.
Contents
The algorithm
Blowfish has a 64bit block size and a variable key length from 32 up to 448 bits.^{[2]} It is a 16round Feistel cipher and uses large keydependent Sboxes. It is similar in structure to CAST128, which uses fixed Sboxes.
The diagram to the left shows the action of Blowfish. Each line represents 32 bits. The algorithm keeps two subkey arrays: the 18entry Parray and four 256entry Sboxes. The Sboxes accept 8bit input and produce 32bit output. One entry of the Parray is used every round, and after the final round, each half of the data block is XORed with one of the two remaining unused Pentries.
The diagram to the upper right shows Blowfish's Ffunction. The function splits the 32bit input into four eightbit quarters, and uses the quarters as input to the Sboxes. The outputs are added modulo 2^{32} and XORed to produce the final 32bit output.
Decryption is exactly the same as encryption, except that P1, P2,..., P18 are used in the reverse order. This is not so obvious because xor is commutative and associative. A common mistake is to use inverse order of encryption as decryption algorithm (i.e. first XORing P17 and P18 to the ciphertext block, then using the Pentries in reverse order).
Blowfish's key schedule starts by initializing the Parray and Sboxes with values derived from the hexadecimal digits of pi, which contain no obvious pattern (see nothing up my sleeve number). The secret key is then, byte by byte, cycling the key if necessary, XORed with all the Pentries in order. A 64bit allzero block is then encrypted with the algorithm as it stands. The resultant ciphertext replaces P_{1} and P_{2}. The same ciphertext is then encrypted again with the new subkeys, and P_{3} and P_{4} are replaced by the new ciphertext. This continues, replacing the entire Parray and all the Sbox entries. In all, the Blowfish encryption algorithm will run 521 times to generate all the subkeys  about 4KB of data is processed.
Full article ▸
