What is Blowfish?
Blowfish is a variable-length, symmetric, 64-bit block cipher. Designed by Bruce Schneier in 1993 as a "general-purpose algorithm," it was intended to provide a fast, free, drop-in alternative to the aging Data Encryption Standard (DES) and International Data Encryption Algorithm (IDEA) encryption algorithms.
Blowfish is significantly faster than DES and IDEA and is unpatented and available free for all uses. However, it couldn't completely replace DES due to its small block size, which is considered insecure.
Twofish, its successor, addressed the security problem with a larger block size of 128 bits. Nonetheless, full Blowfish encryption has never been broken, and the algorithm is included in many cipher suites and encryption products available today.
Blowfish features a 64-bit block size and takes a variable-length key, from 32 bits to 448 bits. It consists of 16 Feistel-like iterations, where each iteration operates on a 64-bit block that's split into two 32-bit words. Blowfish uses a single encryption key to both encrypt and decrypt data.
The Blowfish algorithm consists of two major parts:
- Data encryption. Data encryption happens through a 16-round Feistel network, with each round consisting of a key-dependent permutation and a key- and data-dependent substitution. Large, key-dependent S-boxes work with the substitution method and form an integral part of the data encryption system in Blowfish. All encryption operations are XORs -- a type of logic gate -- and additions on 32-bit words.
- Key expansion and subkeys. In the key expansion process, maximum size 448-bit keys are converted into several subkey arrays totaling 4,168 bytes. Subkeys form an integral part of the Blowfish algorithm, which uses a large number of them. These subkeys are pre-computed before encryption or decryption can take place.
In Blowfish, the P-array consists of 18 32-bit subkeys and four 32-bit S-boxes with 256 entries each. The subkeys are calculated as follows:
- The P-array and S-boxes are initialized with a fixed string of hexadecimal digits of pi.
- The first element in the P-array (P1) is now XORed with the first 32 bits of the key, P2 is XORed with the second 32-bits and so on, until all the elements in the P-array are XORed with the key bits.
- All-zero strings are encrypted by the algorithm as described in the above steps.
- P1 and P2 arrays are replaced with the output from step 3 above.
- This output is encrypted by Blowfish with modified subkeys.
- The output of step 5 modifies P3 and P4 in the P-array.
- This process continues until all the P-arrays and four S-boxes are modified.
In total, Blowfish runs 521 times to generate all the subkeys and processes -- about 4 kilobytes (KB) of data.
Blowfish encryption/decryption process example
Assume the message "Hi world" is to be encrypted with Blowfish. The following are the steps involved:
- Initially, the input "Hi world" consists of seven characters plus one space, which is equal to 64 bits or 8 bytes.
- The input is split into 32 bits. The left 32 bits -- "Hi w" -- are XORed with P1, which is generated by key expansion to create a value called P1. (Note: P denotes prime number, a number that is not divisible except by 1 and itself.)
- Then, P1 runs through a transformative F-function (F In) in which the 32 bits are split into 4 bytes each and passed to the four S-boxes.
- The first two values from the first two S-boxes are added to each other and XORed with the third value from the third S-box.
- This result is added to the output of the fourth S-box to produce 32 bits as output.
- The output of F In is XORed with the right 32 bits of the input message -- "orld" -- to produce output F1'.
- Then, F1' replaces the left half of the message, while P1' replaces the right half.
- This same process is repeated for successive members of P-array for 16 rounds in total.
- Finally, after 16 rounds, the outputs P16' and F16' are XORed with the last two entries of the P-array, i.e., P17 and P18. They are then recombined to produce the 64-bit ciphertext of the input message.
Advantages of Blowfish
One of the fastest and most compact block ciphers in public use, Blowfish uses a symmetric encryption key to turn data into ciphertext. Almost three decades after it was first developed, Blowfish is still widely used because it offers the following advantages:
- much faster and more efficient than DES and IDEA algorithms;
- unpatented and can be freely used by anyone even without a license;
- despite the complex initialization phase before encryption, the data encryption process is efficient on large microprocessors;
- provides extensive security for software and applications developed in Java;
- provides secure access for backup tools; and
- supports secure user authentication for remote access.
Disadvantages of Blowfish
There are some downsides to using Blowfish for encryption, including the following:
- Speed is affected when changing keys.
- The key schedule takes a long time.
- The small 64-bit block size makes the algorithm vulnerable to birthday attacks, a class of brute-force attacks.
- Each new key requires preprocessing equivalent to 4 KB of text, which affects its speed, making it unusable for some applications.
Applications of Blowfish
Blowfish is suitable for a wide range of applications, including the following:
- bulk encryption
- random bit generation
- packet encryption
- password hashing and management
- mobile processors
- email, file or disk encryption
- data backup
- Secure Shell
Blowfish is used by many popular products, such as CryptoDisk, PasswordWallet, Access Manager, Symantec NetBackup and SplashID. Many social media platforms and e-commerce websites also use Blowfish to protect user data.