Blowfish

From Crypto++ Wiki
Jump to navigation Jump to search
Blowfish
Documentation
#include <cryptopp/blowfish.h>

Blowfish is a 64-bit (8 bytes) block cipher designed by Bruce Schneier. The cipher uses a variable size key, ranging from 32 to 448 bits. See Schneier's The Blowfish Encryption Algorithm for details.

Note: if your project is using encryption alone to secure your data, encryption alone is usually not enough. Please take a moment to read Authenticated Encryption and consider using an algorithm or mode like CCM, EAX or ChaCha20Poly1305.

Sample Programs

There are three sample programs. The first shows Blowfish key and block sizes. The second and third use filters in a pipeline). Pipelining is a high level abstraction and it handles buffering input, buffering output and padding for you.

If you are benchmarking then you may want to visit Benchmarks | Sample Program . It shows you how to use StreamTransformation::ProcessString method to process blocks at a time. Calling a cipher's ProcessString or ProcessBlock eventually call a cipher's ProcessAndXorBlock or AdvancedProcessBlocks, and they are the lowest level API you can use.

The Crypto++ implementation uses key sizes from 4 byte to 56 bytes in length. While Blowfish allows for bit increments on the key size, Crypto++ uses byte increments (8 bits). So it is not possible to specify a 12-bit key.

cout << "key length: " << Blowfish::DEFAULT_KEYLENGTH << endl;
cout << "key length (min): " << Blowfish::MIN_KEYLENGTH << endl;
cout << "key length (max): " << Blowfish::MAX_KEYLENGTH << endl;
cout << "block size: " << Blowfish::BLOCKSIZE << endl;

Output from the above snippet produces the following. Notice the default key size is 128 bits or 16 bytes.

key length: 16
key length (min): 4
key length (max): 56
block size: 8

The following program demonstrates CBC encryption using Blowfish. The key is declared on the stack using a SecByteBlock to ensure the sensitive material is zeroized. Similar could be used for both plain text and recovered text.

AutoSeededRandomPool prng;

SecByteBlock key(Blowfish::DEFAULT_KEYLENGTH);
prng.GenerateBlock(key, key.size());

byte iv[Blowfish::BLOCKSIZE];
prng.GenerateBlock(iv, sizeof(iv));

string plain = "CBC Mode Test";
string cipher, encoded, recovered;

/*********************************\
\*********************************/

try
{
    cout << "plain text: " << plain << endl;

    CBC_Mode< Blowfish >::Encryption e;
    e.SetKeyWithIV(key, key.size(), iv);

    // The StreamTransformationFilter adds padding
    //  as required. ECB and CBC Mode must be padded
    //  to the block size of the cipher.
    StringSource s1(plain, true, 
        new StreamTransformationFilter(e,
            new StringSink(cipher)
        ) // StreamTransformationFilter
    ); // StringSource
}
catch(const CryptoPP::Exception& e)
{
    cerr << e.what() << endl;
    exit(1);
}

/*********************************\
\*********************************/

// Pretty print
StringSource s2(cipher, true,
    new HexEncoder(
        new StringSink(encoded)
    ) // HexEncoder
); // StringSource

cout << "cipher text: " << encoded << endl;

/*********************************\
\*********************************/

try
{
    CBC_Mode< Blowfish >::Decryption d;
    d.SetKeyWithIV(key, key.size(), iv);

    // The StreamTransformationFilter removes
    //  padding as required.
    StringSource s3(cipher, true, 
        new StreamTransformationFilter(d,
            new StringSink(recovered)
        ) // StreamTransformationFilter
    ); // StringSource

    cout << "recovered text: " << recovered << endl;
}
catch(const CryptoPP::Exception& e)
{
    cerr << e.what() << endl;
    exit(1);
}

A typical output is shown below. Note that each run will produce different results because the key and initialization vector are randomly generated.

$ ./Driver.exe
key: 25FF1084AFAFAB92D80964039419748B
iv: 6C62666AA46BAFA3
plain text: CBC Mode Test
cipher text: 9B694B71042033089783BDE60C68898D
recovered text: CBC Mode Test

By switching to EAX mode, authenticity assurances can placed on the cipher text for nearly no programming costs. Below the StreamTransformationFilter was replaced by AuthenticatedEncryptionFilter and AuthenticatedDecryptionFilter.

EAX< Blowfish >::Encryption e;
e.SetKeyWithIV(key, key.size(), iv);

StringSource s1(plain, true, 
    new AuthenticatedEncryptionFilter(e,
        new StringSink(cipher)
    ) // StreamTransformationFilter
); // StringSource

...

EAX< Blowfish >::Decryption d;
d.SetKeyWithIV(key, key.size(), iv);

StringSource s2(cipher, true, 
    new AuthenticatedDecryptionFilter(d,
        new StringSink(recovered)
    ) // StreamTransformationFilter
); // StringSource

Typical output is as follows. Notice the additional cipher text bytes due to the MAC bytes. See EAX Mode for details.

$ ./Driver.exe
key: 24E4BE9071135FAFB8D868D1A4795A92
iv: 33300EB408849010
plain text: EAX Mode Test
cipher text: CAD6FA54B387D73344408DF500C63389C8B521B0DF
recovered text: EAX Mode Test

To manually insert bytes into the filter, perform multiple Puts. Though Get is used below, a StringSink could easily be attached and save the administrivia.

const size_t SIZE = 16 * 4;
string plain(SIZE, 0x00);

for(size_t i = 0; i < plain.size(); i++)
    plain[i] = 'A' + (i%26);
...

CBC_Mode < Blowfish >::Encryption encryption(key, sizeof(key), iv);
StreamTransformationFilter encryptor(encryption, NULL);

for(size_t j = 0; j < plain.size(); j++)
    encryptor.Put((byte)plain[j]);

encryptor.MessageEnd();
size_t ready = encryptor.MaxRetrievable();

string cipher(ready, 0x00);
encryptor.Get((byte*) &cipher[0], cipher.size());

Downloads

Blowfish-EAX-Filter.zip - Demonstrates encryption and decryption using Blowfish in EAX mode with filters (confidentiality and authenticity)

Blowfish-CBC-Filter.zip - Demonstrates encryption and decryption using Blowfish in CBC mode with filters (confidentiality only)

Blowfish-CTR-Filter.zip - Demonstrates encryption and decryption using Blowfish in CTR mode with filters (confidentiality only)

Blowfish-ECB-Filter.zip - Demonstrates encryption and decryption using Blowfish in ECB mode with filters (confidentiality only)