About Blowfish Encryption Video made by: Tudor Mare Sorin Nita Valentina Sociu Stefan Stefanescu

How does the encryption works? Encryption with Blowfish has two main stages: sixteen iterations of the round function and an output operation. Diagram of Blowfish Encryption. Overall structure on the left, zoomed in view of round function on the right.

How does the encryption works? Blowfish round function - The round function in Blowfish encryption has four stages:  Key whitening of the left side of the input with the rth round key;  Application of the S-Boxes and combination of their results;  XOR of the right side of the input with the output of the F function (key whitening, S- Boxes and combination of S-Box output)  Swapping the sides of the output

How does the encryption works? 1. Round Function Like other Feistel functions, the output of this is XORed with the other side of the input (the right side in this case) and the two sides of the input are swapped before entering the next round.

How does the encryption works? 2. Output Function The final stage of the Blowfish cipher involves two steps: reversing the final swap and performing output whitening. In output whitening, the right side of the output (after being swapped) is XORed with the seventeenth round key and the left side is XORed with the eighteenth round key. The result of this is the Blowfish ciphertext.

How do we set the initial values? 1. Round keys The Blowfish key schedule relies heavily on the Blowfish encryption algorithm described in the previous section. The key schedule uses a value, P, consisting of eighteen words which contain (in order) the first eighteen words of the binary representation of the fractional part of pi (π). For example, the hexadecimal representation of pi begins with 3.243F6A8885A308D313198A2E037073, therefore:  P1=0x243F6A88,  P2=0x85A308D3, etc. This value, P, will become the round keys used in encryption.

How do we set the initial values? 2. S-Boxes Next, set the initial values of the S-Boxes in the same manner beginning with the 19th word of the fractional part of pi. The ordering should be that the entire first S-Box is filled in order before moving on to the next and so on. Since P contains 18 words and the S-Boxes each contain 256 words, a total of *256 = 1042 pi words are used, each 32-bit in size.

Generating Round Keys and S-box Generation of the round key is performed in rounds where each round generates two round key values. The process is as follows:  Initialize P and S-Boxes as described earlier.  XOR P1 with the first 32 key bits, P2 with the next 32 bits and so on until all of the key has been XORed (since the key is shorter than P, parts of it will be used multiple times to cover all of P)  Set the initial input to zero  Encrypt the input using the current version of P as the round keys  Set the first two unreplaced values of P to the value of the ciphertext from step 4  Set the input to the ciphertext from step 4  Repeat steps 4 through 6 until all of P has been replaced  Use the resulting value of P as the round keys in encryption  Repeat steps 4 through 6, replacing values of the S-Boxes two at a time until all S-Box values have been replaced.

Generating Round Keys and S-box Since P contains 18 words and the S-Boxes each contain 256 words, there is a total of *256 = 1042 values to replace, which will take 521 iterations of steps 4 through 6 of the above algorithm to complete. Also, since the S-Box values are used in all rounds of encryption and are set last, it is necessary to complete the key schedule before performing encryption (other ciphers like AES would allow the generation of round key i+1 while round i is being run).

Decryption with Blowfish Because Blowfish is a Feistel cipher, the same structure can be used for encryption and decryption as long as the round keys are used in reverse order. So, each half of the plaintext is alternately XORed with a round key and XORed with the output of the F function (ignoring the switches in sides of the halves since they do not change the value of the half). This is true in both encryption and decryption, and hence each XOR during decryption un-does the most recent XOR performed during encryption. (and is the reason that, in decryption, the final XOR should not be performed before beginning the round functions).

Advantages of Blowfish Blowfish is in the public domain, allowing it to be freely used for any purpose. Blowfish has low memory requirement and has a simple structure. After the key schedule has completed, Blowfish is a relatively fast block cipher due to the small number of rounds (sixteen) and the simplicity of the round operation (a few modular additions and XORs).

Drawbacks of Blowfish The key schedule in Blowfish is rather time-consuming (equivalent to encryption of about 4 KB of data). However, this can be an advantage in some circumstances as protection against brute-force attacks. The small block size of Blowfish (64 bits) is more vulnerable to birthday attacks than the 128 bits used by AES. Currently, the creator of Blowfish, Bruce Schneier, recommends that Blowfish be abandoned in favor of Twofish, a cipher of which he was part of the development team.