Blowfish algorithm description

Source: Internet
Author: User

1. BlowfishAlgorithmDescription (the data type in this document is based on tc2.0)

The blowfish algorithm is used to encrypt 64-bit strings.
The blowfish algorithm uses two "Boxes": ungigned long pbox [18] and unsigned long sbox [4,256].
In the blowfish algorithm, there is a core encryption function: bf_en (which will be described in detail later ). This function inputs 64-bit information, which is output in the form of 64-bit ciphertext. There are two steps to encrypt information using the blowfish algorithm:

1. Key preprocessing
2. Information Encryption

They are described as follows:
Key preprocessing:
The source keys of the blowfish algorithm-pbox and sbox are fixed. To encrypt a message, we need to select a key and use this key to convert pbox and sbox to obtain the key_pbox and key_sbox used for encryption. The specific change algorithm is as follows:

1) Fill key_sbox with sbox
2) use the key8 of your choice to group the exclusive or pbox, and fill the key_pbox with the exclusive or result. Key can be used cyclically.
For example, the selected key is "abcdefghijklmn ". The XOR process is:
Key_pbox [0] = pbox [0] ^ abcdefgh
Key_pbox [1] = pbox [1] ^ ijklmnab
Wait until the key_box is filled.
3) Use bf_en to encrypt a 64-bit information of 0, and replace key_pbox [0] And key_pbox [1] With the output result. I = 0
4) Replace the key_pbox [I], key_pbox [I + 1] After bf_en encryption, replace key_pbox [I + 2] And key_pbox [I + 3] With the output
5) I + 2, continue step 1 until all key_pbox is replaced
6) Use key_pbox [16] And key_pbox [17] For the first input (equivalent to the input of all 0 above). Use a similar method to replace key_sbox information encryption. Information Encryption is to use a function to divide the information to be encrypted into two 32-bit l, xr bf_en transforms the input information. The detailed process of the bf_en function is as follows:

For I = 1 to 16
XL = XL ^ pi
Xr = f (XL) ^ XR
Swap XL and XR (cancel this operation in the last round)
Xr = XR ^ P17
XL = XL ^ P18
Merge XL and XR again
For the function f, see:

8-bit 32-bit
| ----------- S box 1 -----------
| Add
| 8-bit 32-bit | ----
| ----------- S box 2 ----------- |
| Exclusive or ----
| 8-bit 32-bit |
| ----------- S box 3 --------------- | add
| --------------- 32-bit
| 8-bit 32-bit |
| ----------- S box 4 -----------------------

Divides XL into four eight groups: A, B, C, and D.
Output: F (XL) = (S [1, A] + s [2, B]) mod 4294967296) ^ s [3, C]) + s [4, d]) mod 4294967296
(Power 32 of 2) (Power 32 of 2)
After merging, the output result is the ciphertext we need.
Using the blowfish algorithm for decryption also requires two processes.
1. Key preprocessing
2. Information decryption
The key preprocessing process is exactly the same as the encryption process.
The process of information decryption is to use the key_pbox in reverse order of the Information encryption process.

It can be seen that different keys can be selected and different results can be obtained by encrypting the same information using the blowfish algorithm.
To crack the blowfish algorithm, you must obtain the key of the blowfish algorithm. Therefore, using the blowfish algorithm for encryption is the key selection and key confidentiality. You can use the _ weakkey function in bf_sdk to check the key selection. The following describes the function:

Source Text:
Bytes ---------------------------------------------------------------------------------------
_ Weakkey
Function: test if the generated boxes are weak
Argument: None
Return: AX = status (1 = weak, 0 = good)
Affects: ax, BX, CX, dx, Si, Di, Direction Flag
Description: After "_ initcrypt" You shoshould test the boxes with this function.
If they provide a weakness which a cryptoanalyst cocould use
Break the cipher a "1" is returned. In this case you shoshould
Reload the original boxes and let the user choose a different
Bytes ---------------------------------------------------------------------------------------
Bytes ---------------------------------------------------------------------------------------
_ Weakkey
Function: test whether the generated box is secure.
Parameter: None
Return: AX = 1 unsafe; AX = 0 secure
Impact: ax, BX, CX, dx, Si, Di, Direction Flag
Description: after using the "_ initcrypt" function to generate a boxes for encryption, you should use this function to test whether the generated boxes are secure. If the boxes generated by the key is insecure-the key can be obtained by the password analyst by analyzing boxes, you should use another key to generate a safe boxes for encryption.

Bytes ---------------------------------------------------------------------------------------

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.