Blowfish Questions
Posted: Fri Oct 12, 2018 8:06 pm
I have a few questions regarding Blowfish; I'm hoping someone here might know more about cryptography. (And I'm hoping I can adequately articulate my questions!)
Is Blowfish secure?
Regarding Blowfish, Wikipedia says, "no effective cryptanalysis of it has been found to date," which would seem to suggest it's unbroken; however, it also says, "Four rounds of Blowfish are susceptible to a second-order differential attack; for a class of weak keys, 14 rounds of Blowfish can be distinguished from a pseudorandom permutation."
Two questions arise from that.
1. Is Blowfish secure?
2. Is it SPECIFICALLY 4 rounds and 14 rounds that are issues? That is, are 3 rounds or 13 rounds or even just 1 round sufficient to avoid any weakness? Or is it "more is better"; should one aim for 15+ rounds?
What's the point of a block cipher?
For a given key, any given 64-bit plaintext will always be translated to a given 64-bit cipher-text. This would seem to give an attacker quite a bit of information -- frequently occurring information in plaintext will also be frequently occurring in ciphertext. Shouldn't good ciphertext be indistinguishable from random data? Am I not properly understanding what a block cipher is for?
That brings me to my next question.
Can Blowfish be made into a stream cipher?
If I set L to a "seed" (perhaps 0 for the first block) and R to a counter (again, 0 for the first block) I can XOR the returned R with the plain-text to get my first 32-bits of cipher-text. For the next round, I send back the L that the first round returned, and set R to my counter (1 in this round) and continue on like that for the whole file.
For conventional Blowfish, the encrypted blocks are fed through Blowfish's decryption algorithm to get plaintext; that won't work with my stream cipher. Instead, I basically "encrypt" it again; the values returned by Blowfish, when XOR'd with the ciphertext, will be the plaintext.
So -- I hope I can adequately convey this -- does this work? Or am I "breaking" Blowfish by trying to turn it into a stream cipher?
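An added example, not part of the original post: it compares block-by-block encryption with the counter/XOR scheme described in the post. Blowfish itself is too long to inline, so a stand-in 64-bit Feistel cipher built on SHA-256 takes its place; that cipher, the key and both messages are assumptions made up for this sketch.

```python
import hashlib
import struct

# Stand-in 64-bit Feistel cipher (assumption: NOT Blowfish; it only fills the
# same slot: key + two 32-bit halves in, two 32-bit halves out).
def _f(key: bytes, rnd: int, half: int) -> int:
    d = hashlib.sha256(key + bytes([rnd]) + struct.pack(">I", half)).digest()
    return struct.unpack(">I", d[:4])[0]

def encrypt_block(key: bytes, left: int, right: int) -> tuple:
    for rnd in range(16):
        left, right = right, left ^ _f(key, rnd, right)
    return right, left  # undo the final swap

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    # Each 8-byte block encrypted independently (len(data) must be a multiple of 8).
    out = b""
    for off in range(0, len(data), 8):
        l, r = struct.unpack(">II", data[off:off + 8])
        out += struct.pack(">II", *encrypt_block(key, l, r))
    return out

def stream_xor(key: bytes, data: bytes, seed: int = 0) -> bytes:
    # The post's scheme: L starts at the seed and is chained from the previous
    # output, R is the counter, and the returned R is 32 bits of keystream.
    out, left = bytearray(), seed
    for counter, off in enumerate(range(0, len(data), 4)):
        left, ks = encrypt_block(key, left, counter)
        pad = struct.pack(">I", ks)
        out += bytes(a ^ b for a, b in zip(data[off:off + 4], pad))
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample input: three identical 64-bit blocks, and a second message.
KEY = b"constructed demo key"
MSG = b"SAMEDATA" * 3
MSG2 = b"a different 24-byte text"

if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, MSG)
    print("ECB blocks repeat:   ", ecb[0:8] == ecb[8:16] == ecb[16:24])
    ct = stream_xor(KEY, MSG)
    print("stream blocks repeat:", ct[0:8] == ct[8:16])
    print("re-running decrypts: ", stream_xor(KEY, ct) == MSG)
    # Same key and seed twice means the same keystream twice.
    print("keystream reused:    ", xor_bytes(ct, stream_xor(KEY, MSG2)) == xor_bytes(MSG, MSG2))
```

The last check shows why the seed matters: with the same key and the same starting seed, two files are XORed with the same keystream, so XORing the two ciphertexts cancels it and leaves the XOR of the two plaintexts.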