Acronym Definition
BFEF Bum Freak Egypt Far
BFEF Bachelor of Forest Engineering Field
BFEF Bacterial Filtration Efficiency Factor
BFEF Base Flood Elevation Factor
BFEF Battle for Endor Force
BFEF Battle for Europe Force
BFEF Beam Forming Electrode Formation
BFEF Best Fit Ephemeris Factor
BFEF Beyond Freaking Egypt Faraway
BFEF Big Freaking Emergency Free
BFEF Big Freaking Empty Free
BFEF Biofeedback Foundation of Europe Forum
BFEF BLACKER Front End Fun
BFEF Blood-Flow Effects Field
BFEF Blowfish File Encryption Format
BFEF Blown Film Extrusion Fun
BFEF Board for Fundamental Education Fundation
BFEF Bold Freehand Extrapolation Forecasting
BFEF Boyfriend Experience Fun
BFEF Brooklyn Funk Essentials Fun
BFEF Built for Excellence Free
BFEF Bundesamt für Energie Fun
BFEF Bureau for the Far East Function
BFEF Bureau Français de l'Epilepsie Function
BFEF Buyer Furnished Equipment Free
BFEF Best Failure of Equipment Family
BFEF Big Familial Erythrophagocytic Lymphohistiocytosis
BFEF Best Family of Equipment Failure
BFEF Best Federación Ecuatoriana de Fútbol (Spanish, Ecuador)
BFEF Best Forced Expiratory Flow (lung function)
BFEF Best Foundry Educational Foundation
BFEF Best Free Enterprise Fund
BFEF Best French Erotic Film
BFEF Basic Front Endpaper (book)
BFEF Big Frontal Eye Field
BFEF Best Fuel Examination Facility
BFEF Best Functional Evaluation Flight
BFEF Best Future Engineer Force
BFEF Blowfish File Encryption Format
Blowfish (cipher)
The round function (Feistel function) of Blowfish
General
Designer(s): Bruce Schneier
First published: 1993
Successor(s): Twofish
Cipher detail
Key size(s): 32-448 bits in steps of 8 bits; default 128 bits
Block size(s): 64 bits
Structure: Feistel network
Rounds: 16
Best public cryptanalysis
Four rounds of Blowfish are susceptible to a second-order differential attack (Rijmen,
1997); for a class of weak keys, 14 rounds of Blowfish can be distinguished from
a pseudorandom permutation (Vaudenay, 1996).
In cryptography, Blowfish is a keyed, symmetric block cipher, designed in 1993
by Bruce Schneier and included in a large number of cipher suites and encryption
products. Blowfish provides a good encryption rate in software and no effective
cryptanalysis of it has been found to date. However, the Advanced Encryption
Standard now receives more attention.
Schneier designed Blowfish as a general-purpose algorithm, intended as a
replacement for the aging DES and free of the problems associated with other
algorithms. At the time, many other designs were proprietary, encumbered by
patents or kept as government secrets. Schneier has stated that, "Blowfish is
unpatented, and will remain so in all countries. The algorithm is hereby placed
in the public domain, and can be freely used by anyone."
Notable features of the design include key-dependent S-boxes and a highly
complex key schedule.
BFEF Blowfish File Encryption Format
The algorithm
Blowfish has a 64-bit block size and a key length of anywhere from 32 bits to
448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes.
It is similar in structure to CAST-128, which uses fixed S-boxes.
The Feistel structure of BlowfishThe diagram to the left shows the action of
Blowfish. Each line represents 32 bits. The algorithm keeps two subkey arrays:
the 18-entry P-array and four 256-entry S-boxes. The S-boxes accept 8-bit input
and produce 32-bit output. One entry of the P-array is used every round, and
after the final round, each half of the data block is XORed with one of the two
remaining unused P-entries.
The diagram to the right shows Blowfish's F-function. The function splits the
32-bit input into four eight-bit quarters, and uses the quarters as input to the
S-boxes. The outputs are added modulo 232 and XORed to produce the final 32-bit
output.
Since Blowfish is a Feistel network, it can be inverted simply by XORing P17 and
P18 to the ciphertext block, then using the P-entries in reverse order.
Blowfish's key schedule starts by initializing the P-array and S-boxes with
values derived from the hexadecimal digits of pi, which contain no obvious
pattern (see nothing up my sleeve number). The secret key is then XORed with the
P-entries in order (cycling the key if necessary). A 64-bit all-zero block is
then encrypted with the algorithm as it stands. The resultant ciphertext
replaces P1 and P2. The ciphertext is then encrypted again with the new subkeys,
and P3 and P4 are replaced by the new ciphertext. This continues, replacing the
entire P-array and all the S-box entries. In all, the Blowfish encryption
algorithm will run 521 times to generate all the subkeys - about 4KB of data is
processed.
Cryptanalysis of Blowfish
There is no effective cryptanalysis on the full-round version of Blowfish known
publicly as of 2006, although the 64-bit block size is now considered too short,
because encrypting more than 232 data blocks can begin to leak information about
the plaintext in most modes of operation due to the birthday attack. While the
short block size does not pose any serious concerns for routine consumer
applications like e-mail, Blowfish may not be suitable in situations where large
plaintexts must be encrypted, as in data archival.
In 1996, Serge Vaudenay found a known-plaintext attack requiring 28r + 1 known
plaintexts to break, where r is the number of rounds. Moreover, he also found a
class of weak keys that can be detected and broken by the same attack with only
24r + 1 known plaintexts. This attack cannot be used against the full 16-round
Blowfish; Vaudenay used a reduced-round variant of Blowfish. Vincent Rijmen, in
his Ph.D. thesis, introduced a second-order differential attack that can break
four rounds and no more. There remains no known way to break the full 16 rounds,
apart from a brute-force search.
Blowfish in practice
Blowfish is one of the fastest block ciphers in widespread use, except when
changing keys. Each new key requires pre-processing equivalent to encrypting
about 4 kilobytes of text, which is very slow compared to other block ciphers.
This prevents its use in certain applications, but is not a problem in others.
In one application, it is actually a benefit: the password-hashing method used
in OpenBSD uses an algorithm derived from Blowfish that makes use of the slow
key schedule; the idea is that the extra computational effort required gives
protection against dictionary attacks.
In some implementations, Blowfish has a relatively large memory footprint of
just over 4 kilobytes of RAM. This is not a problem even for older smaller
desktop and laptop computers, but it does prevent use in the smallest embedded
systems such as early smartcards.
Blowfish is not subject to any patents and is therefore freely available for
anyone to use. This benefit has contributed to its popularity in cryptographic
software.
Also in GNU Privacy Guard Blowfish and Twofish are implemented and can be
activated by the user. Another Windows Software (Open Source) for Crypting and
decrypting of files with Blowfish and Twofish is Blowfish Advanced CS, English
(Some instructions; German, PDF).
Contact Information
Call our office today to set up an appointment. Learn more about how we can
help you, and learn more about the other services that we can offer you. All
messages we receive will be answered as soon as possible. We look forward to
hearing from you.
- Electronic mail
- General Information:
