Blowfish Algorithm Advantages and Disadvantages

globefish Algorithm Advantages and Disadvantages puffer is a separateed (piece of development that determines the functional output of a cryptographic algorithm or cipher), symmetric cryptographic block cipher. It was designed by Bruce Schneier in 1993. Since then it has been analyzed considerably, and it is slowly gaining acceptance as a strong encryption algorithm.Blowfish is license-free and is available free for all applys. It is as well as a symmetric block cipher that pot be used as a drop-in replacement for stilboestrol or IDEA. It takes a variable-duration divulge, from 32 bits to 448 bits, making it ideal for both domestic and exportable use.Blowfish is also one of the fastest block ciphers in in the public eye(predicate) use, making it ideal for a product that functions on a wide variety of processors found in mobile phones as well as in notebook and desktop computers. The first implementation of the Blowfish Algorithm in LabVIEW. With this set of subvis one can en crypt info in LabVIEW without the need of outside softw ar. This can be used to send data securely over Data socket as well as TCP and UDP communications along with nourish remote control systems from unauthorized access, by encrypting the control communications. .( B. Schneier, Applied Cryptography, John Wiley Sons, New York, 1994.)3.2 Strategies and MechanismsBlowfish has a 64-bit block size of it and a aboriginal length of somewhere from 32 bits to 448 bits. The algorithm consists of two parts. One is a headstone-expansion part and one to a greater extent is a data- encryption part. Key expansion converts a key of at most 448 bits into several subkey arrays totaling 4168 bytes. It is a 16-round Feistel cipher and uses large key-dependent S-boxes ( fundamental component of symmetric key algorithms which performs substitution). Each round consists of a keydependent permutation, and a keydependent substitution. It is also standardised in organize to CAST-128, which uses fix ed S-boxes.Blowfish is suitable for application where the key does not change frequently, like a communication link or an voluntary file encryptor. It is significantly faster than most encryption algorithm when on 32-bit microprocessor with large data caches. (Fast Software Encryption, Cambridge Security Workshop Proceedings December 1993)3.3 The Feistel structure of BlowfishA Fiestel network is a general manner of transforming any function (generally called F- function) into a permutation. It was inented by Horst Fiestel and has been used in many block chiper designed.The diagram below shows the action of Blowfish. Each line represents 32 bits. The algorithm keeps two subkey arrays the 18-entry P-array and quaternion 256-entry S-boxes. The S-boxes accept 8-bit input and produce 32-bit output. One entry of the P-array is used all(prenominal) round, and after the final round, each half of the data block is XORed with one of the two remaining unused P-entries.The diagram to the right shows Blowfishs F-function. The function splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. The outputs are added modulo 232 and XORed to produce the final 32-bit output.Since Blowfish is a Feistel network, it can be inverted simply by XO7Ring P17 and P18 to the cipher textbook block, then using the P-entries in reverse order. Blowfishs algorithm initialize with the P-array and S-boxes. The secret key is then XORed with the P-entries in order and then use the same method to encrypt all the zero string. The consequential ciphertext replaces P1 and P2 then encrypt the new P1 and P2 with the modified subkeys. Now the output is P3 and P4. Alto meether Blowfish algorithm bequeath reverberate 521 times in order to calculate new subkeys for the P-array and the four S-boxes. It is about 4KB data is processed.The puffer uses a large number of subkeys. These keys must be precomputed in the lead any data encryption or decryption.The P-array consists of 18 32-bit subkeysP1, P2, P3, P18.There are four 32-bit S-boxes with 256 entries eachS1,0, S1,1,, S1,255S2,0, S2,1,..,, S2,255S3,0, S3,1,, S3,255S4,0, S4,1,..,, S4,255.Figure 3 Feistel Network(John Wiley Sons, New York, 1994)As what mentioned above, blowfish has 16 rounds. The method of calculating itThe input is a 64-bit data element, x.Divide x into two 32-bit half xL, xR.Then, for i = 1 to 16xL = xL XOR PixR = F(xL) XOR xRSwap xL and xRAfter the sixteenth round, swap xL and xR again to undo the last swap.Then, xR = xR XOR P17 and xL = xL XOR P18.Finally, recombine xL and xR to get the ciphertext.3.4 Key ExpansionKey expansion converts a key of at most 448 bits into several subkey arrays totaling 4168 bytes. The figure and the explanation of the Key Explanation of Blowfish are showed belowExplanation for the Key Explanation of Blowfish figure Step 1Expand key to 576-bitXOR with P arrayStore results of 2 in P arrayStep 2datal = 0x00000000datar = 0x00000000for (i = 0 i Blowfish_encipher(datal, datar)bf_Pi = datalbf_Pi + 1 = datarfor (i = 0 i for (j = 0 j Blowfish_encipher(datal, datar)bf_Sij = datalbf_Sij + 1 = datar3.5 Application That Use Blowfish Method beneath are the applications that using Blowfish EncryptionAEdit A free Windows word processor incorporating text encryption.Coolfish An encrypting text editor for Windows.Foopchat Encrypted chat and advanced file manduction using a client/server architecture.JFile by Land-J Technologies A database program for the PalmOS platform.Freedom by Zero-Knowledge Privacy for web browsing, e-mail, chat, telnet, and newsgroups.JFile is one of the famous application that use blowfish method. JFile5 is the new version of the JFile. It is a flat-file database application for the PalmOS. There are 4 primary views in JFile 5.0. First is Main View, where it is the view that shows a numerate of all the JFile 5 databases that are lively installed on the Palm device. Second is New/Modify Database Struct ure View, this is the view when we are creating a new database, or modifying the structure of an existing database. Here is where we have to set the field names, the field types, the database name, and other elements of the database structure. The third view is Database View, this is the view that presented along when we tap on a database name from the Main View. The last view is Record View, this is the view that received when we tap a specific record from the Database View. In this JFile5 we can change the current method of security for each database by tapping the lock icon of the database on the main screen. There are three levels of security for databases in JFile5. The first level is the green/open lock where at this level the database contains no security, any user accessing the device can view and edit the database. The second level is the orangish/grey closed lock, at this level the database is protected by the Security applications war cry (if it is set). To access this database, we will need to provide the password set in the Security application. This security level is appropriate for handing the Palm temporarily to a colleague so they wont have easy access to the database, but the information is not encrypted in any way. The third level is the red/dark closed lock at this level we will choose an encryption password for the database. The entire database will be encrypted, and we MUST remember the password to access the database. Due to the encryption, certain operations within the database will be slower. In addition, we will need to insure that any PC/Mac side utilities that we use with JFile support the encryption method.There are also some new features in this JFile5 where the maximum number of databases increased to 120 and it is improved use of color in the application compared to JFile4. There are 5 different sorts and filter settings can be saved for quick and easy usage, it is also easier to use because of the updated user interface. It i s also has multiple locked columns for left/right scrolling in the main database view and the encryption of databases using 64-bit Blowfish algorithm. The VFS memory cards made easy movement of databases and have new calculated value field types. There are also default values for fields, read-only field options are also available with the Beam-Via-Coola (www.coola.com) support. They also enhanced resolution for Handera 330 devices, extensive keyboard input support and the Navigation of most parkland areas of JFile for JogDial equipped devices. The limitations for this JFile5 are 120 databases (1 in the demonstration version), 20 character maximum for field names, 50 fields maximum per databases, 4,000 characters per field of data, 10,000 characters per record of data and 16,000 records per database.3.6 Hardware ArchitecturePipelining is a famous technique for improving the throughput of computers, by using parallel elements so that several instructions can be worked on simultaneousl y. The basic idea of pipelining is to begin carrying out a new instruction before execution of an old one is completed. When pipelining is used, the number of steps in the basic algorithm is less important than fitting the steps into a framework so that they can be performed in parallel. The figure of the pippelining implementation are showed belowThese are processed separately (with delayed arithmetic carries shown in the figure as carry) and then combined at the end of processing. Even though more clock cycles are inevitable, the speed of the clock can be greatly improved, because smaller adders are required at each stage, with smaller internal extension service delays.(Malaysian Journal of Computer Science, Vol. 14 No. 1, June 2001, pp. 16-27)These are some examples of blowfish hardware architectureFigure 18 Chip SpecificationsWhat is this table? Explanation requisiteModeSpecification0Idle1Initial2Encrypt3DecryptTable 1 Mode SpecificationWhat is this figure? Explanation neede dThe controller is implemented as a Finite maintain Machine and described in a behavioral Verilog model. The figure and the explanation of the Finite State Machine are showed belowFigure 20 FSM of Controller(Bruce Schneier, Applied Cryptography, John Wiley Sons, Inc. 1996)Explanation of Finite State Machine figure e1 Finish make full data from fixed storage to SRAMe2 Finish initialization and mode = 1e3 Finish encryption and mode = 2e4 Finish decryption and mode = 3Datapath includes ROM modules, SRAM modules, and the main arithmetic units of Blowfish. The figure showed below is the architecture of the datapathFigure 21 The architecture of the datapathExplanation for the figure of the architecture The string is mapped to ROM_P and ROM_S-box. The P-array is mapped to SRAM_P, and the four S-boxes are mapped to SRAM_Sbox. Because the size of SRAM module is 2n words, P1 and P18 are implemented as registers, and the others are mapped to 1632 bits SRAM. We use a transmit register un der DataIn to expand 4-bit input to 64-bit input and a shift register over DataOut to reduce 64-bit output to 4-bit output. CORE implements the loop of the 16-round iteration. A pipeline stage is added to the output of the SRAM modules. The pipeline stages will double the performance of the Blowfish hardware but lead to the overhead of area.3.7 Advantages and DrawbacksBlowfish is one of the fastest block ciphers in general use, except when changing keys. Each new key requires pre-processing equivalent to encrypting about 4 kilobytes of text, which is very slow compared to other block ciphers. This prevents its use in certain applications, but is not a problem in others, such as SplashID. In an application, its actually a benefit especially the password-hashing method used in OpenBSD uses an algorithm derived from Blowfish that makes use of the slow key schedule. Blowfish is not subject to any patents and is therefore freely available for anyone to use. This has contributed to its po pularity in cryptographic software.The disadvantages of Blowfish are it must get key to the mortal out of band specifically not through the unsecured transmission channel. Each pair of users needs a unique, so as number of users increase, key management becomes complicated. For example N(N-1)/2 keys required. Blowfish cant provide authentication and non-repudiation as two people have same key. It also has weakness in decryption process over other algorithms in terms of time consumption and serially in throughput