Prepared by,

Asst. Prof. Steffy Livera

BLOWFISH & RC4

BLOWFISH ALGORITHM
• It was created by Bruce Schneier in 1993 as a quick, cost-free replacement for the Data Encryption Standard
(DES) and International Data Encryption Algorithm (IDEA) encryption techniques.
• Blowfish is unpatented, substantially quicker than DES and IDEA, and freely accessible for all purposes.
• Follows Feistel structure.
• Block size of plain text is 64bits
• Scalable key : 32 to 448 bits
• Default key size is 128 bits
• No. of rounds are 16
1. blockSize: 64-bits
2. keySize: 32-bits to 448-bits variable size
3. number of subkeys: 18 [P-array]
4. number of rounds: 16
5. number of substitution boxes: 4 [each having 512 entries of 32-bits each]
Designed to meet the following criteria
• Fast
• Compact
• Simple
• Variable secure
Key Features of Blowfish Cipher
• Symmetric Block Cipher: Blowfish is a symmetric encryption algorithm, meaning the
same key is used for both encryption and decryption. It operates on 64-bit blocks of data.
• Variable Key Length: The key length in Blowfish is variable and can range from 32 bits
to 448 bits, offering flexibility depending on the security requirement. This makes it
adaptable to different levels of security, with longer keys providing stronger encryption.
• Feistel Network Structure: Blowfish uses a Feistel network, which is a common
structure in many block ciphers (e.g., DES). A Feistel network splits the input data into
two halves and applies a series of rounds to each half, transforming the data through
substitution and permutation.
• 16 Rounds of Encryption: Blowfish performs 16 rounds of encryption, where
each round involves a set of operations including XOR, substitution, and
permutation. More rounds make the cipher stronger against attacks.
• Subkey Generation: Blowfish uses a complex process to generate the subkeys
(also called round keys) from the initial key. It starts with an initial key expansion
step to generate 18 subkeys and uses an S-box expansion mechanism for further
substitution operations. The subkey generation process is computationally
expensive but ensures high security.
BLOWFISH

•Algorithm consists of 2 parts:

•Key expansion
•Data encryption
KEY EXPANSION
• Key expansion converts a key of up to 448 bits into several subkey arrays.
1. Keys are stored in an array. K1,k2,……kn (where 1<=14). Length of each block is 32 bits. So maximum,
32*14=448 bits
2. Initialise an array P (P1,P2,..P18)
3. Initialise the S-boxes (4)
4. Initialise each element of P-array and S-boxes with hexadecimal values
5. XOR operations are performed
6. Take 64 bit plain text
7. Sub key is generated
DATA ENCRYPTION
• It consists of a simple function iterated 16 times.
• Each round consists of a key-dependent permutation and a key-and data dependent substitution.
• All operations are additions and XORs on 32-bit words.
• The only additional operations are four indexed array data lookups per round.
• Blowfish uses many subkeys.
• These keys must be precomputed before any data encryption or decryption.
BLOWFISH
• Blowfish is a Feistel network
consisting of 16 rounds. The input is
a 64-bit data element, x.
• To encrypt:
BLOWFISH’S F FUNCTION
Security of Blowfish
1. Resistance to Cryptanalysis:
Blowfish was designed to be secure against a wide variety of attacks, including differential and linear
cryptanalysis. These attacks are commonly used against block ciphers, but Blowfish’s complex key
expansion and S-box substitution mechanisms provide strong defense.
2. Avalanche Effect:
Blowfish exhibits a strong avalanche effect, meaning that even a small change in the plaintext or key
causes a significant and unpredictable change in the ciphertext. This property is crucial for a secure cipher.
3. Flexibility of Key Length:
The variable key length allows users to choose the level of security they need, balancing encryption speed
and protection. A key length of 448 bits is considered secure, though shorter keys might be more vulnerable
to brute-force attacks.
Advantages of Blowfish
1. Speed and Efficiency:
Blowfish is designed to be very fast in software, especially on 32-bit microprocessors. It is more efficient than
older ciphers like DES, particularly when working with shorter keys.
2. Free and Unpatented:
Blowfish is in the public domain and free to use by anyone. It has no patent restrictions, making it widely
adopted in both commercial and open-source applications.
3. Secure Design:
Blowfish’s design, including 16 rounds of encryption, provides a high level of security, particularly when
used with long keys.
4. Compact:
It requires only a small amount of memory, making it suitable for use in hardware-constrained environments
STREAM CIPHER
RC4 CIPHER
• RC4 is a stream cipher and was invented by Ron Rivest in 1987.
• RC4 stands for Rivest Cipher 4.
• Variable key size stream cipher with byte-oriented operations.
• Algorithm is based on the use of a random permutation.
• Since RC4 is a stream cipher, it encrypts the stream of data byte by byte.
• RC4 stream cipher is one of the most widely used stream ciphers because of its simplicity and speed of
operation.
• RC4 algorithm works in OFB: key stream is independent of plaintext.
• SUPPOSE, K[] = 1,2,3,4 ie; k[0]=1,k[1]=2,k[2]=3,k[3]=4
• Then T [0]=1, T[1]=2, T[2]=3, T[3]=4, T[4]=1, T[5]=2,T[6]=3,….
• RSADSI claims that the RC4 algorithm is immune to differential and linear cryptanalysis, doesn’t seem to
have any small cycles, and is highly nonlinear. There are no public cryptanalytic results.
• The S-box slowly evolves with use: i ensures that every element changes and j ensures that the elements
change randomly.