Blowfish Encryption Scheme

INTRODUCTION: Blowfish, a symmetric block cipher developed by Bruce Schneier[SCHN93, SCHN94), is a Feistel network, iterating simple encryption and decryption functions of 16 times each. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors. Blowfish was designed to have the following characteristics: Fast: Blowfish encrypts data on 32-bit microprocessors at a rate of 18 clock cycles per byte. Compact: Blowfish can run in less than 5K of memory. Simple: Blowfish's simple structure is easy to implement and eases the task of determining the strength of the algorithm. Variably secure: The key length is variable and can be as long as 448 bits. This allows a tradeoff between higher speed and higher security. Blowfish encrypts 64-bit blocks of plaintext into 64-bit blocks of ciphertext. Blowfish is implemented in numerous products and has received a fair amount of scrutiny. So far, the security of Blowfish is unchallenged. DESIGN DECISIONS Based on Schneier's design parameters, he have made these design decisions. The algorithm should: - Manipulate data in large blocks, preferably 32 bits in size (and not in single bits, such as DES). - Have either a 64-bit or a 128-bit block size. - Have a scalable key, from 32 bits to at least 256 bits. - Use simple operations that are efficient on microprocessors: e.g., exclusiveor, addition, table lookup, modular- multiplication. It should not use variablelength shifts or bit-wise permutations, or conditional jumps. - Be implementable on an 8-bit processor with a minimum of 24 bytes of RAM (in addition to the RAM required to store the key) and 1 kilobyte of ROM. - Employ precomputable subkeys. On large-memory systems, these subkeys can be precomputed for faster operation. Not precomputing the subkeys will result in