Blowfish Algorithm in Python

What is Blowfish?

Blowfish is a technique used for encryption, introduced by Bruce Schneier in 1993. It is an alternative to DES encryption Technique. This technique is faster than the DES technique and gives an effective symmetric key encryption. It has an 8-byte block size and supports a variable length key from 4 to 56 bytes. This technique is one of the first secure block cipher, an open-source technique with no patents, and is available to everyone.

The specifications of the blowfish algorithm are:

  • keySize: it has a keySize ranging from 32-bit to 448-bits
  • blockSize: it has a 64-bit blocksize
  • number of subkeys: it has 18 subkeys of array type
  • number of rounds: it has 16 rounds
  • number of substitution boxes: it has a total of 4 substitution boxes (each box with 512 entries of 32-bit each)

Features of Blowfish

  1. Fiestel Cipher: The blowfish algorithm uses a Fiestel Cipher Structure, splitting plain text into two halves. Then, it encrypts each of the halves using various mathematical operations.
  2. Block Cipher: The blowfish is a block cipher encryption algorithm. It operates on 64-bit blocks of plain text at a time.
  3. Variable key size: The blowfish algorithm offers a variable key size of up to 448 bits, which makes it more secure in comparison to other encryption algorithms.
  4. Symmetric Key Encryption: The blowfish algorithm uses a symmetric key encryption system. It defines that the encryption and decryption process uses the same key.

Now, let's understand the blowfish algorithm step-wise.

The blowfish algorithm contains two parts: Encryption and Decryption.

First, we will understand the process of Encryption.

Step 1: Sub-keys Generation

In this step, the key for encryption is created by applying the key expansion algorithm to the original key, resulting in a series of sub-keys. It needs 18 sub-keys (P[0].... P[17]) in both the encryption and decryption process. These sub-keys can be used for both processes, which are stored in P-array (each array element having a 32-bit entry). The sub-key generated is initialized with digits of pi(ind), where ind is the index of the key.

Then, the sub-keys are changed to their respective input key (18 sub-keys of 32-bits each).

Step 2: Substitution box initialization

The algorithm needs 4 substitution boxes (S[0]....S[4]) in both the encryption and decryption process (each substitution box having 256 entries of each 32-bit). The substitution key is initialized with the digits of pi(ind) after the P-array is initialized.

Step 3: Encryption

The encryption process contains two parts:

  • Rounds: The encryption process has 16 rounds in which each round takes inputs of the plain text from the previous round and its corresponding sub-key.
  • Post-processing: The output produced after the 16 rounds of encryption is processed, a final permutation is applied to it, and then gives the 64-bit cipher text.

Let's implement the encryption process in Python:

Python offers a pycrytodome library to implement the blowfish algorithm. The class cryto.cipher has the Blowfish package.

Now, let's understand the process of Decryption.

The decryption is a reverse process of encryption. The cipher text received after the encryption process is divided into 64-bit blocks, similar to the encryption process. The sub-keys generated in the decryption process are similar to the encryption process with the help of a key schedule.

For the decryption process, the cipher text is decrypted by passing the block through a function for a total of 16 times, with the help of 16 sub-keys in reverse order. The output of the function is then XORed with the cipher text block of 32 bits. This process is recursively completed for each 64-bit block of the cipher text till all the blocks have been decrypted.

Let's implement the decryption process in Python.

Applications of Blowfish Algorithm

The blowfish algorithm can be used in various applications that provide data protection and secure communication. Following are a few examples and applications of the blowfish algorithm:

  1. The Blowfish algorithm can be used to encrypt email messages, which protects the information from being leaked or stolen.
  2. The blowfish algorithm can also store the online accounts' passwords and secure them from being misused.
  3. It also encrypts the files during transfer and helps to prevent any unauthorized access.
  4. It can also encrypt the VPN traffic to provide secure communication between various devices.

Benefits of Blowfish Algorithm

  • The blowfish algorithm is the most commonly used algorithm used for encryption text.
  • It is a fast, secure, and efficient algorithm.
  • It is easy to implement and can be used with different programming languages and platforms.

Limitations of the Blowfish Algorithm

  • More new algorithms are introduced after the Blowfish algorithm, which makes it less secure.
  • The blowfish algorithm uses a 64-bit block size, making it more vulnerable to some cryptography attacks.