BLOWFISH

Blowfish is a 64-bit block cipher invented by Bruce Schneier. Blowfish was designed for fast
ciphering on 32-bit microprocessors. Blowfish is also compact and has a variable key length which
can be increased to 448 bits.

Blowfish is suitable for applications where the key does not change frequently like communication
links or file encryptors. However, for applications like packet switching or as a one-way hash
function, it is unsuitable. Blowfish is not ideal for smart cards, which requires even more compact
ciphers. Blowfish is faster than DES when implemented on 32-bit microprocessors.

Round Structure

The algorithm is based on the Feistel structure and has two important parts: The round structure and the key
expansion function.
Key Scheduling Algorithm

The subkeys are computed using the following method:

1. The P-array and then the four S-Boxes are initialized with a fixed
string. The string is the hexadecimal digits of π.
2. P1 is XOR-ed with 32 bits of the key, P2 is XOR-ed with the next 32
bits of the key, and so on for all the bits of the key. If needed the key
bits are cycled to ensure that all the P- array elements are XOR-ed.
3. An all-zero string is encrypted with the Blowfish
algorithm, with the subkeys P1 to P18 obtained so
far in steps 1 and 2.
4. P1 and P2 are replaced by the 64-bit output of step 3.
5. The output of step 3 is now encrypted with the
updated subkeys to replace P3 and P4 with the
ciphertext of step 4.
6. This process is continued to replace all the P-arrays and the S-Boxes in
order.

This complex key-scheduling implies that for faster operations the subkeys
should be precomputed and stored in the cache for faster access.

Security analysis by Serge Vaudenay shows that for a Blowfish algorithm

implemented with known S-Boxes (note that in the original cipher the S-
Boxes are generated during the encryption process) and with r-rounds, a
differential attack can recover the P-array with 28r+1 chosen plaintexts.