Unformatted text preview: such as the Pentium and the PowerPC. Blowfish is not suitable for applications, such as packet switching, with frequent key changes, or as a oneway hash function. Its large memory requirement makes it infeasible for smart card applications. Description of Blowfish
Blowfish is a 64bit block cipher with a variablelength key. The algorithm consists of two parts: key expansion and data encryption. Key expansion converts a key of up to 448 bits into several subkey arrays totaling 4168 bytes. Data encryption consists of a simple function iterated 16 times. Each round consists of a keydependent permutation, and a key and datadependent substitution. All operations are additions and XORs on 32bit words. The only additional operations are four indexed array data lookups per round. Blowfish uses a large number of subkeys. These keys must be precomputed before any data encryption or decryption. The Parray consists of 18 32bit subkeys: P1, P2,..., P18 Four 32bit Sboxes have 256 entries each: S1,0, S1,1,..., S1,255 S2,0, S2,1,..., S2,255 S3,0, S3,1,..., S3,255 S4,0, S4,1,..., S4,255 The exact method used to calculate these subkeys will be described later in this section. Figure 14.2 Blowfish. Blowfish is a Feistel network (see Section 14.10) consisting of 16 rounds. The input is a 64bit data element, x. To encrypt: Divide x into two 32bit halves: xL, xR For i = 1 to 16: xL = xL • Pi xR = F(xL) • xR Swap xL and xR Swap xL and xR (Undo the last swap.) xR = xR • P17 xL = xL • P18 Recombine xL and xR Figure 14.3 Function F. Function F is as follows (see Figure 14.3): Divide xL into four eightbit quarters: a, b, c, and d F(xL) = ((S1,a + S2,b mod 232) • S3,c) + S4,d mod 232 Decryption is exactly the same as encryption, except that P1, P2,..., P18 are used in the reverse order. Implementations of Blowfish that require the fastest speeds should unroll the loop and ensure that all subkeys are stored in cache. See [568] for details. The subkeys are calculated using t...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details