Blowfish is a block cipher that was designed in 1993 by Bruce
Schneier as a fast, free alternative to existing encryption
algorithms. Like Skipjack
it can be used as a convenient and much faster substitute for DES.
Since then Blowfish has been extensively analyzed and no
significant weaknesses have been found. It is considered to be a
strong algorithm and has been implemented in over 130 commercial
applications. Bruce Schneier was also one of the designers of the Twofish
algorithm, which is one of the five finalists selected by NIST in
the Advanced Encryption Standard (AES) competition. Twofish was
developed as a successor to the Blowfish cipher, which does not
meet the design requirements of the AES.
Blowfish is a 64-bit block cipher, meaning that data is
encrypted and decrypted in 64-bit chunks. The key length can vary
from 32 to 448 bits. The algorithm uses 16 rounds, or iterations of
the main algorithm. It has been found that the number of rounds is
exponentially proportional to the amount of time required to find a
key using a brute-force attack. So as the number of rounds
increases, the security of the algorithm increases exponentially.
Private Encryptor's implementation of Blowfish allows the key to vary from
32 to 448 bits, as per the algorithm specification. Some early
implementations of Blowfish contained a subtle bug that allowed the
algorithm to be easily broken on a standard Pentium class PC. This
bug has been fixed in Private Encryptor's implementation.
The detailed description of the Blowfish algorithm is contained
in the original Blowfish
paper, written by Bruce Schneier, which was presented at the
First Fast Software Encryption workshop in Cambridge. The paper is
rather technical and a certain degree of mathematical proficiency
is required of the reader in order to understand it. For anyone who
wishes to write their own implementation of Blowfish, you can get
the S-Boxes by clicking here.