Introduction to the

Blowfish is a symmetric key grouping encryption algorithm invented by Bruce Schneier in 1993, similar DES and AES are grouping encryption algorithm, Blowfish is used to replace DES algorithm, and Blowfish is no commercial restrictions, anyone can freely use.

In contrast, although AES is also a symmetric cryptographic algorithm with high cryptographic strength, it has to pay licensing fees to NIST if it is commercially available.

Blowfish,

Blowfish, like DES, uses the Feistel password for block encryption. Blowfish’s packet block size is 64bits, and variable key lengths can range from 32bits to 448bits.

Blowfish requires 16 rounds of Feistel encryption. Let’s get a sense of how Blowfish’s algorithm works:

The general process is to divide P(original data) into left and right parts, first take the left part and KR to do XOR operation, and then call F function based on the result obtained. Finally, XOR operation is performed between the output result of F function and the right part.

Switch the position of the left and right parts, continue to do this operation, a total of 16 rounds to get the final encryption results.

As you can see, the two most important variables in this whole encryption process are the Kr and F functions.

And we’ll talk about that in more detail.

The key array and S-Box

Key array

As you can see from the graph, KR ranges from K1 to K18. There is an array of 18 keys in total. The length of each key is 32 bits.

Let’s look at how the key array is generated.

First we use random numbers to initialize the key array. How do you generate a random enough 32-bit number?

A very common way to do this is to take the decimal part of the constant π and convert it to 16 net values, as shown below:

K₁ = 0x76a301d3

K₂ = 0xbc452aef

.

K₁₈ = 0xd7acc4a5

Remember the length of Blowfish’s variable key? From 32bits to 448bits, that is, from 1 to 14 32-bit numbers. Let’s call it Pi, so there are 14 mutable keys from P1 to P14.

Next we need to operate with K and P to generate the final K array.

We use K1 and P1 for XOR, K2 and P2 for XOR, all the way to K14 and P14.

Since P has only 14 values and K has 18 values, then we need to repeat the values of P, i.e. K15 and P1 are XOR, K16 and P2 are XOR, all the way to K18 and P4.

Take the value after XOR as the value of the new K array.

So now we have a new K array.

Note that this K array is not the final array, so let’s see.

S-box

Before we generate the final p-array, we’ll introduce a concept called S-Box.

In cryptography, the full name of the S-box is Substitution -box, which is a substitution box that allows you to substitute input for a different output.

The S-Box takes an input of N bits and converts it into an output of M bits.

Here n and m can be different.

Let’s take a look at the S-box example in DES:

The S-box above converts the 6-bits input to the 4-bits output.

The S-box can be fixed or dynamic. For example, S-boxes are static in DES, while S-boxes are dynamically generated in Blowfish and Twofish.

The F function in the Blowfish algorithm requires 4 S-boxes. The input of F function is 32bits. First divide the 32bits into 4 parts, which is 4 8bits.

S-Box is used to convert 8bits to 32bits.

Let’s take a closer look at the F function’s workflow:

The values generated by the S-box are added, followed by an XOR operation. Finally, we get the final 32bits.

The initial value of the S-box can also be initialized with the fractionalized part of the constant π, just like the k-array.

Generate the final K array

In the previous two sections, we generated the initialized K array and S-box.

Blowfish doesn’t think it’s safe or random enough.

We still need to do something to generate the final K array.

First we take a 64bits with all zeros, then K-array and S-box, apply Blowfish algorithm to generate a 64bits.

Divide the 64bits into two parts as new K1 and K2, respectively.

Then take this 64bits as input and call the Blowfish algorithm again as the new K3 and K4.

And so on, eventually all the elements in the K array are generated.

The array of 4 S-boxes is also generated according to the above process. So you get the final S-box.

blowfish

With the final K array and S-box, we can actually encrypt the file to be encrypted.

The whole process is represented by a pseudocode:

uint32_t P[18]; uint32_t S[4][256]; uint32_t f (uint32_t x) { uint32_t h = S[0][x >> 24] + S[1][x >> 16 & 0xff]; return ( h ^ S[2][x >> 8 & 0xff] ) + S[3][x & 0xff]; } void encrypt (uint32_t & L, uint32_t & R) { for (int i=0 ; i<16 ; i += 2) { L ^= P[i]; R ^= f(L); R ^= P[i+1]; L ^= f(R); } L ^= P[16]; R ^= P[17]; swap (L, R); } void decrypt (uint32_t & L, uint32_t & R) { for (int i=16 ; i > 0 ; i -= 2) { L ^= P[i+1]; R ^= f(L); R ^= P[i]; L ^= f(R); } L ^= P[1]; R ^= P[0]; swap (L, R); } / /... // initializing the P-array and S-boxes with values derived from pi; omitted in the example // ... { for (int i=0 ; i<18 ; ++i) P[i] ^= key[i % keylen]; uint32_t L = 0, R = 0; for (int i=0 ; i<18 ; i+=2) { encrypt (L, R); P[i] = L; P[i+1] = R; } for (int i=0 ; i<4 ; ++i) for (int j=0 ; j<256; j+=2) { encrypt (L, R); S[i][j] = L; S[i][j+1] = R; }}

The application of the blowfish

As you can see from the above process, it takes some time for Blowfish to generate the final K array and S-box, but once it is generated, or if the key is not changed, Blowfish is a very fast method of grouping encryption.

Each new key requires about 4 kilobytes of text preprocessing, which is slow compared to other block cipher algorithms.

So what’s good about being slow?

Yes, of course, because for a normal application, you don’t change keys very often. So preprocessing will only generate it once. It will be much faster when you use it later.

For a malicious attacker, each attempt at a new key requires lengthy preprocessing, so it is not cost-effective for the attacker to crack Blowfish’s algorithm. So Blowfish is protected against dictionary attacks.

Because Blowfish does not have any patent restrictions, it is free for anyone to use. This benefit has contributed to its popularity in cryptographic software.

For example, use Blowfish’s bcrypt algorithm, which we’ll cover in a later article.

The disadvantage of blowfish

Blowfish’s use of a 64-bit block size (compared to AES’s 128-bit block size) makes it vulnerable to birthday attacks, especially in an environment like HTTPS. In 2016, the Sweet32 attack demonstrated how a birthday attack can be used to perform plain text recovery (that is, decrypt ciphertext) on 64-bit block-size passwords.

Because Blowfish blocks are only 64bits, which is relatively small, the GnuPG project recommends against using Blowfish to encrypt files larger than 4 GB.

In addition, Blowfish is vulnerable to a known plaintext attack with reflective weak keys if it only has one round of encryption. However, our implementation uses 16-round encryption, so it is not vulnerable to this kind of attack. But Bruce Schneier, Blowfish’s inventor, recommends moving to Blowfish’s successor, Twofish.

This article has been included in http://www.flydean.com/blowfish/

The most popular interpretation, the most profound dry goods, the most concise tutorial, many you do not know the tips to wait for you to discover!

Welcome to pay attention to my public number: “procedures those things”, understand technology, more understand you!