Blowfish

ALGORITHM
 History
• Blowfish is an encryption technique designed
by Bruce Schneier in 1993 as an alternative to DES
Encryption Technique.

• It is significantly faster than DES and provides a

good encryption rate with no effective cryptanalysis
technique found to date.

• It is one of the first, secure block cyphers not

subject to any patents and hence freely available
for anyone to use. It is symmetric block cipher
algorithm.

• The name "Blowfish" is not related to the fish but

rather comes from the fact that Schneier named
many of his early encryption algorithms after fish.
The specific choice of "Blowfish" was likely
influenced by the fact that it sounded interesting and
distinctive.
 KEY FEATURES
1. Symmetric-Key Algorithm: Blowfish uses the same
key for both encryption and decryption processes,
making it a symmetric-key algorithm. This means that
the party encrypting the data and the party decrypting
it must possess the same secret key.
2. Block Cipher: Blowfish operates on fixed-size blocks
of data. The standard block size is 64 bits, but it can
work with smaller blocks as well. If the input data is
not a multiple of the block size, padding is typically
applied to the data before encryption.
3. Variable-Length Key: One of the unique features of
Blowfish is its ability to accept variable-length
encryption keys, making it adaptable to different
security requirements. The key length can range from
32 to 448 bits, and it’s expanded during encryption to
generate a series of subkeys.
4. Feistel Network Structure: Blowfish employs a Feistel
network structure in which data is divided into two
halves, subjected to a series of rounds of operations, and
then recombined. This structure allows for efficient
encryption and decryption processes.
5. F-Function: The F-function is a core component of the
Blowfish algorithm. It involves a combination of XOR
(exclusive OR), substitution, and permutation operations,
which contribute to the algorithm’s strength and security.
6. Key Expansion: Before the actual encryption process,
Blowfish generates a series of subkeys based on the
provided key. These subkeys are used during the
encryption and decryption rounds to introduce
complexity and security.
7. Complexity and Security: Blowfish is designed to be
highly secure against various cryptographic attacks. The
complex F-function and key expansion process make it
resistant to brute force and differential cryptanalysis.
How does The Blowfish Algorithm
work?
Step 1. Key Generation and Subkey Creation

• 18 subkeys{P[0]…P[17]} are needed in both encryption as well as decryption process and the same
subkeys are used for both the processes.
• These 18 subkeys are stored in a P-array with each array element being a 32-bit entry.
• It is initialized with the digits of pi(?).
• The hexadecimal representation of each of the subkeys is given by:
How does The Blowfish Algorithm
work?
Step 2: Initialise Substitution Boxes:

• 4 Substitution boxes (S-boxes) are

needed{S[0]…S[4]} in both encryption as
well as decryption process with each S-
box having 256 entries{S[i][0]…S[i][255]}
where each entry is 32-bit.
• It is initialized with the digits of pi after
initializing the P-array.

Source:
https://github.com/Ray784/Blowfish-S-
boxes
How does The Blowfish Algorithm
work?
Step 3: Encryption:

Once the subkeys are generated, the algorithm proceeds

with the encryption of the data block. The data block is
divided into two 32 bit halves, L (left) and R (right). A
series of rounds (typically 16) are performed on these
halves to ensure strong encryption.

Feistel Network Rounds:

The algorithm employs a Feistel network structure, which

involves applying a series of operations to the L and R
halves in each round. These operations include XOR
(exclusive OR) with the current subkey, applying the F
function to R, and swapping L and R.
How does The Blowfish Algorithm
work?
Step 3: Encryption:

F function Operation:

• The current subkey Pi is XORed with L.

• The F function takes the 32 bit output of the
XOR operation and applies several steps
How does The Blowfish Algorithm
work?
Step 3: Encryption:

F function Operation:

• L is divided into four 8 bit quarters. Each quarter is

used to index a specific S box, and the resulting
values are combined.

• Here the function “add” is addition modulo 2^32

Permutation The results from the S boxes are

combined and transformed using the P array.
How does The Blowfish Algorithm
work?
Step 4: Post Processing: The output after the 16 rounds is processed as shown below:
Decryption Side

Similar to encryption, rounds involve applying operations to L and R, but this time in reverse
order using the corresponding subkey.

1.F function Operation (Decryption) The F function is applied in reverse, with the subkey XOR
and S box steps inverted. This reverse operation successfully decrypts the data block.

2.Final Round (Decryption) After all decryption rounds, the decrypted L and R halves are
combined to obtain the original data block.
Conclusion
• The Blowfish algorithm’s security lies not only in its use of the Feistel network structure and the F function but
also in its intricate subkey generation process. By meticulously expanding the original key into a series of subkeys
and performing numerous rounds of operations, Blowfish ensures that the encrypted data remains secure and
resistant to various attacks.

• Blowfish is considered secure and has not been "cracked" in the sense of a practical cryptanalysis attack that
would compromise its security significantly. However, it's essential to note that Blowfish is an aging algorithm, and
its successor, Twofish, was designed by the same author, Bruce Schneier, to provide a higher security margin.

• While Blowfish remains unbroken, it's recommended to use more modern encryption algorithms like Advanced
Encryption Standard (AES) for new applications due to their widespread adoption, extensive analysis, and ongoing
support. AES has become the industry standard for symmetric-key encryption and is considered highly secure.

• Keep in mind that the security of any cryptographic algorithm can be affected by advances in technology,
computing power, and new cryptographic attacks. Therefore, it's essential to stay informed about the latest
developments and consider using algorithms that are widely recognized and recommended by the cryptographic
community.
 Thanks!
Do you have any questions?
[email protected]
www.iamsridhariyer.com
youtube: @sridhariyer