Difference between revisions of "Cryptographic algorithm Blowfish"

From CryptoWiki
Jump to: navigation, search
(Method of calculating the subkeys)
Line 19: Line 19:
== Method of calculating the subkeys ==
== Method of calculating the subkeys ==
The exact method used to calculate these subkeys will be described later in this section.
Blowfish is a Feistel network consisting of 16 rounds. The input is a 64-bit data element, x.
Blowfish is a Feistel network consisting of 16 rounds. The input is a 64-bit data element, x.

Revision as of 16:16, 6 December 2013

Blowfish – a cryptographic algorithm developed in 1993 by Bruce Schneier.

Description of Blowfish

Blowfish is a 64-bit block cipher with a variable-length key. The algorithm consists of two parts: key expansion and data encryption.

Key expansion converts a key of up to 448 bits into several subkey arrays totaling 4168 bytes.

Data encryption consists of a simple function iterated 16 times. Each round consists of a keydependent permutation, and a key- and data-dependent substitution. All operations are additions and XORs on 32-bit words. The only additional operations are four indexed array data lookups per round.

Blowfish uses a large number of subkeys. These keys must be precomputed before any data encryption or decryption.

The P-array consists of 18 32-bit subkeys: P1, P2, … , P18.

Four 32-bit S-boxes have 256 entries each:



Method of calculating the subkeys

Blowfish is a Feistel network consisting of 16 rounds. The input is a 64-bit data element, x.

Figure 1. Blowfish.


To encrypt: Divide x into two 32-bit halves: Blow4.png, Blow5.png.

For i = 1 to 16:


Swap Blow4.png and Blow5.png(Undo the last swap.)


Recombine Blow4.png and Blow5.png

Function F is as follows (see Figure 2):

Figure 2. Function F.


Divide Blow4.png into four eight-bit quarters: a, b, c and d


Decryption is exactly the same as encryption, except that P1, P2, … , P18 are used in the reverse order.

The subkeys are calculated using the Blowfish algorithm. The exact method follows. 1. Initialize first the P-array and then the four S-boxes, in order, with a fixed string. This string consists of the hexadecimal digits of p. 2. XOR P1 with the first 32 bits of the key, XOR P2 with the second 32-bits of the key, and so on for all bits of the key (up to P18). Repeatedly cycle through the key bits until the entire P-array has been XORed with key bits. 3. Encrypt the all-zero string with the Blowfish algorithm, using the subkeys described in steps (1) and (2). 4. Replace P1 and P2 with the output of step (3). 5. Encrypt the output of step (3) using the Blowfish algorithm with the modified subkeys. 6. Replace P3 and P4 with the output of step (5). 7. Continue the process, replacing all elements of the P-array, and then all four S-boxes in order, with the output of the continuously changing Blowfish algorithm.

In total, 521 iterations are required to generate all required subkeys. Applications can store the subkeys - there’s no need to execute this derivation process multiple times.

Blowfish has established itself as a reliable algorithm implemented in many programs that do not require frequent changes of key and requires a high speed encryption / decryption.


  • Bruce Schneier. Applied Cryptography. Protocols, Algorithms and Source Code in C.