Cryptography Reference
In-Depth Information
1. Initialize the
P
-values (left-to-right) with the hexadecimal digits of
π
— that is, the digits to the right
of the “hexadecimal point.” They start off as
24 3f 6a 88 85 a3 08 d3
.... After the
P
-values are
filled, fill the S-boxes, in order with the digits of π. The pre-computed values can be found easily on the
Internet.
2. Starting with
P
1
, calculate
P
1
=
P
1
⊕
K
1
,
P
2
=
P
2
⊕
K
2
, and so forth. Here, the
K
-values represent the
originally inputted key values, up to 448 bits. There may be up to 14
K
-values, to correspond to the
P
-
values. It is necessary to XOR a
K
-value with each
P
-value, so repeat the values as necessary by starting
over with
K
1
, then
K
2
, and so on, again. For example, with a 128-bit key (representing
K
1
, ... ,
K
4
values),
after calculating
P
4
=
P
4
⊕
K
4
, then perform
P
5
=
P
5
⊕
K
1
, and so on.
3. Encrypt a 64-bit block consisting of all zeros
(00 00 00 00 00 00 00 00)
using the Blowfish
algorithm, with the
P
-values from the previous step.
4. Replace
P
1
and
P
2
with the output from the previous step's Blowfish run.
5. Take the output from Step 3 and encrypt it (with the new, modified
P
-values).
6. Replace
P
3
and
P
4
with the output from the previous step.
7. Repeat this process (encrypting the previous Blowfish output and replacing the next set of
P
-values),
filling all
P
-values and then the S-boxes (i.e., the 32-bit outputs of the S-box entry) in order. The order of
the S-boxes is defined to be
S
1,0
,
S
1,1
, ... ,
S
1,255
,
S
2,0
,
S
2,1
, ... ,
S
4255
.
This will require a total of 521 iterations in order to compute all values.
4.8.2 Blowfish Algorithm
The algorithm is based on the Feistel structure, with a total of 16 rounds. The key to the algorithm, as mentioned
above, is that the algorithm is kept very simple: For each round, only three XORs, two additions, and four S-box
lookups are required.
Blowfish Encryption Algorithm.
The basic cryptographic algorithm operates on a 64-bit input and produces a
64-bit output. The following shows the encryption portion. To obtain the decryption code, simply replace
P
i
in
the following with
P
19-
i
(with
P
17
and
P
18
at the end being replaced with
P
2
and
P
1
, respectively):
1. Split the plaintext into two halves: the left half (
L
0
) and the right half (
R
0
).
2. For each of 16 rounds (
i
= 1, 2, ... , 16):
(a) Set
L
i
=
L
i
-1
⊕
P
i
.
(b) Set
R
i
=
f
(
L
i
)
⊕
R
i
.
(c) Swap
L
i
and
R
i
.
3. Swap
L
16
and
R
16
(undoing the previous swap).
4. Set
R
17
=
R
16
⊕
P
17
.
5. Set
L
17
=
R
17
⊕
P
18
.
The output is the block obtained by recombining
L
17
and
R
17
. This main round procedure is shown in
Figure
Search WWH ::
Custom Search