performance analysis of blowfish

algorithm for cryptosystems

By-
RAJESHWARI N PATIL
USN-2MM12LDS12


Professor Department of Electronics and Communication Engineering
Marata Mandals Engineering College Belgaum
Belgaum Karnataka, India
CONTENTS
2-Aug-14

2
Introduction
Literature Survey
Problem definition and Formulation
Objectives of Project
Methodology
Facilities required for proposed work
Result And Discussion
Advantages
Applications
Conclusion
Bibliography






I.INTRODUCTION

2-Aug-14 3

In the last few years, lot of research has been taken
place in encryption algorithms which are smart enough
to distinguish between existing symmetric and a
symmetric algorithms.
Currently we are using blowfish algorithm in embedded
systems.
Cipher: it is a secret system of writing that you use to
send messages
Converting their messages in to ciphers





II. LITERATURE SURVEY
2-Aug-14 4
In the survey, Many Books, IEEE papers and Internet have
provided valuable information that was very useful during the
project work.
[4] B. Schneier.discusses the requirements for a standard
encryption algorithm.
[5] Mr. C. R. Patel, Prof. N. B. Gohil , 3 Prof.discussesd
applications of Encryption algorithm plays a vital role for
information security guarantee in recent growing internet and
communication network applications
[6] Abdel-Karim Al Tamimi has discussed about Performance
Analysis of Data Encryption Algorithms ,Blowfish has a better
performance than other common encryption algorithms used


III. PROBLEM DEFINITION
AND FORMULATION
In symmetric algorithm, the advantages are low area, resource
and power consumption but pose significant key management
problems in large traffic networks. Its speed is high in encrypting
large amount of data (64bit).
In asymmetric algorithm, the significant key management
problem can be solved but has low speed in encrypting the large
amount of data.
Blowfish algorithm is more popularly used. These ensure
confidential and authenticate data transfer over insecure
communication media.

2-Aug-14 5
IV.OBJECTIVES OF PROJECT

The main objectives for the project as:
To design an Blowfish algorithm for cryptosystems.
Performance analysis of blowfish algorithm.
Implementation of blowfish algorithm using Mat lab.

2-Aug-14 6
2-Aug-14 7





V. METHODOLOGY

Image( .bmp,
.jpg & .tif )
Image
Encryption
Model
KEY
Decrypted(
Original
Image )
Image
Decryption
Model
KEY
Cipher Code


(an encrypted
Image)
PRESENT BLOWFISH ALGORITHM
Blowfish is a symmetric encryption algorithm, meaning that it
uses the same secret key to both encrypt and decrypt messages.

Blowfish is also a block cipher, meaning that it divides a
message up into fixed length blocks during encryption and
decryption.

The block length for Blowfish is 64 bits; messages that aren't a
multiple of eight bytes in size must be padded.

Blowfish is public domain, and was designed by Bruce
Schneier expressly for use in performance-constrained
environments such as embedded systems.


2-Aug-14 8
Cont............
The Blowfish Encryption Algorithm Keyed, Symmetric block
cipher designed in 1993.
Can be used as a Drop-in replacement for DES.
As a fast , free alternative to existing encryption algorithms.
Characteristics
64-bit block cipher
Variable length key (32 bits to 448 bits)
Complex subkey generation
Key-dependent S-boxes
Simple operations fast implementation
o Modulo 2
32
addition
o Bitwise XOR





2-Aug-14 9







THE BLOWFISH ALGORITHM
Two parts:

Expansion of the key.
Encryption of the data.

Expansion of the key:

Break the original key into a set of subkeys.
Key of no more than 448 bits is separated into 4168 bytes.
P-array and four 32-bit S-boxes.
P-array contains 18 32-bit subkeys.
Each S-box contains 256 entries.


2-Aug-14 10
Cont..........
The encryption of the data:

64-bit input is denoted with an x.
P-array is denoted with a Pi (where i is the iteration).
64-bit block size
Key length - 32 bits to 448 bits (32-448 bits in steps of 8 bits;
default 128 bits).
16-round Feistel cipher.
Large key-dependent S-boxes.






2-Aug-14 11
The Blowfish Algorithm: Key
Expansion(cont)
Each line - 32 bits.
Algorithm keeps two sub-key arrays:
The 18-entry P-array
Four 256-entry S-boxes.
S-boxes accept 8-bit input
Produce 32-bit output.
One entry of P-array is used every
round.
After final round, each half of data block
is XORed with one of the two remaining
unused P-entries.
2-Aug-14 12
The Blowfish Algorithm: Key
Expansion(cont)
Initialize the P-array and S-boxes
XOR subkey with plaintext.
(example) P1 XOR (first 32 bits of key), P2 XOR (second 32
bits of key), ...
New output of XL is apply to function .
Output of function is XOR with XR bits
Then perform swap operation.
Repeat 16 times.

2-Aug-14 13
The Blowfish Algorithm flow chart
2-Aug-14 14
The Blowfish Algorithm: Encryption
(cont)
2-Aug-14 15
The Blowfish Algorithm: Encryption
(cont)
Blowfish's F-function:

Splits the 32-bit input into four eight-bit quarters, and uses
the quarters as input to the S-boxes.

Outputs are added modulo 2
32
and XORed to produce the
final 32-bit output.

Blowfish is a Feistel network, it can be inverted simply by
XORing P17 and P18 to the cipher text block, then using
the P-entries in reverse order.

2-Aug-14 16
The Function F
2-Aug-14 17
The Blowfish Algorithm: Encryption
(cont)
Key schedule
Initialize the P-array and S-boxes with values derived from the
hexadecimal digits of pi, which contain no obvious pattern.
Secret key
XORed with the P-entries in order. A 64-bit all-zero block is
then encrypted with the algorithm as it stands.
Resultant ciphertext
Replaces P1 and P2.
Encrypted again with the new subkeys
P3 and P4 are replaced by the new ciphertext.
Continues, replacing the entire P-array and all the S-box
entries.
Algorithm will run 521 times to generate all the subkeys - 4KB
of data is processed.


2-Aug-14 18
Cryptanalysis of Blowfish
None known publicly as of 2005
64-bit block size now too short
birthday attack.
Seems to be secure.
Short block size does not pose any serious concerns for e-
mail.
May not be suitable in situations where large plaintexts must
be encrypted.

2-Aug-14 19
IMPLEMENTATION
Blowfish requires about 5KB of memory. A careful
implementation on a 32-bit processor can encrypt or decrypt a
64-bit message in approximately 12 clock cycles.
for example, a 128-bit message takes about (2 x 12) clocks.
Blowfish works with keys up to 448 bits in length.

Blowfish is a variable-length key, 64-bit block cipher. The
algorithm consists of two parts:
A key-expansion part and a data- encryption part. Key
expansion converts a key of at most 448 bits into several
subkey arrays totaling 4168 bytes.
Data encryption occurs via a 16-round Feistel network. Each
round consists of a key-dependent permutation, and a key- and
data-dependent substitution.


2-Aug-14 20
2-Aug-14 21
2-Aug-14 22
2-Aug-14 23
All operations are XORs and additions on 32-bit words. The
only additional operations are four indexed array data
lookups per round.

Sub keys:
Blowfish uses a large number of subkeys. These keys must
be precomputed before any data encryption or decryption.

The P-array consists of 18 32-bit subkeys:
P1, P2,..., P18.

There are four 32-bit S-boxes with 256 entries each:
S1,0, S1,1,..., S1,255;
S2,0, S2,1,..,, S2,255;
S3,0, S3,1,..., S3,255;
S4,0, S4,1,..,, S4,255.
except that P1, P2,..., P18 are used in the reverse order.

2-Aug-14 24
Encryption:
Blowfish is a Feistel network consisting of 16 rounds .

The input is a 64-bit data element, x.
Divide x into two 32-bit halves: xL, xR
For i = 1 to 16:
xL = xL XOR Pi
xR = F(xL) XOR xR
Swap xL and xR
Next i
Swap xL and xR (Undo the last swap.)
xR = xR XOR P17
xL = xL XOR P18
Recombine xL and xR
Function F
Divide xL into four eight-bit quarters: a, b, c, and d
F(xL) = ((S1,a + S2,b mod 232) XOR S3,c) + S4,d mod 232

2-Aug-14 25
Generating the Subkeys:
The subkeys are calculated using the Blowfish algorithm,. The
exact method is as follows:

Initialize first the P-array and then the four S-boxes, in order,
with a fixed string. This string consists of the hexadecimal digits
of pi (less the initial 3).
For example:
P1 = 0x243f6a88
P2 = 0x85a308d3
P3 = 0x13198a2e
P4 = 0x03707344

XOR P1 with the first 32 bits of the key, XOR P2 with the
second 32-bits of the key, and so on for all bits of the key
(possibly up to P14). Repeatedly cycle through the key bits until
the entire P-array has been XORed with key bits.




2-Aug-14 26

Encrypt the all-zero string with the Blowfish algorithm, using the
subkeys described in steps (1) and (2).

Replace P1 and P2 with the output of step (3).

Encrypt the output of step (3) using the Blowfish algorithm with
the modified subkeys.

Replace P3 and P4 with the output of step (5).

Continue the process, replacing all entries of the P- array, and then
all four S-boxes in order, with the output of the continuously-
changing Blowfish algorithm.
Below are two figures that demonstrate the
Feistel

2-Aug-14 27
Network that Blowfish uses as well as
the operations performed with in the
Feistel or F-Function

2-Aug-14 28
Feistel Networks
2-Aug-14 29
A Feistel network is a general method of transforming any function
(usually called an Ffunction) into a permutation. It was invented by
Horst Feistel and has been used in many block cipher designs.

The working of a Feistal Network is given below:
Split each block into halves

Right half becomes new left half

New right half is the final result when the left half is XORd
with the result of applying f to the right half and the key.

Note that previous rounds can be derived even if the function f is
not invertible.
2-Aug-14 30
The source code for computing the P
and S arrays and only briefly
summarize the procedure as follows:
2-Aug-14 31


P is an array of eighteen 32-bit integers.
S is a two-dimensional array of 32-bit integer of dimension
4x256.
Both arrays are initialized with constants, which happen to be the
hexadecimal digits of (a pretty decent random number source).
The key is divided up into 32-bit blocks and XORed with the
initial elements of the P and S arrays. The results are written back
into the array.
A message of all zeros is encrypted; the results of the encryption
are written back to the P and S arrays. The P and S arrays are now
ready for use.
Using the example code

2-Aug-14 32
firmware upgrades and data logs are seldom exactly 64
bits in length.

To encrypt long strings of data using Blowfish, carve the
message up into 64-bit blocks, encrypt each block and save
the results.

Pad the message with a value of your choosing to end on a
64-bit boundary.
VI.FACILITIES REQUIRED FOR
PROPOSED WORK
2-Aug-14 33
SOFTWERE REQUIRED
Mat lab 2012a

HARDWARE REQUIRED
P3 processor or higher version
Processor should be P3 or higher version to support MATLAB
software to run on the operating system to give better execution
speed.
Minimum 20GB hard disk
At least, 20GB hard disk is necessary.
256GB RAM
System speed and its support for application programs execution
speed is depend on RAM. Higher version of RAM provides better
compatibility.



VII.RESULT AND DISCUSSION

2-Aug-14 34
Implementation in Mat lab .
Increased Variable-length key, From 32 bits to 448 bits.
More security.
Simple design for encryption and decryption.
Used for many application where security is necessary.
Outcome result
INPUT IMAGE
2-Aug-14 35
ENCRYPTED IMAGE
2-Aug-14 36
OUTPUT IMAGE
2-Aug-14 37
GUI OF THE BLOWFISH
ALGORITHM
2-Aug-14 38
COMPARISON OF BLOWFISH
ALGORITHM
2-Aug-14 39

ALOGRITHMc

CREATED BY

KEY SIZE(BITS)

BLOCK SIZE(BITS)

DES

IBM IN 1975

56

64

3DES

IBM IN 1978

112 OR 168

64

RIJNDAEL

JOAN DAEMEN & VINCENT
RIJMEN IN 1998

256

128

BLOWFISH

BRUCE SCHNEIER IN 1993

32-448

64
VIII.ADVANTAGES
2-Aug-14 40
We are implementing blowfish algorithm which is strongest and
fastest in data processing/storing compare to other algorithms.

Blowfish algorithm is highly secured because it has longer key
length (more no of key size).

Blowfish algorithm is to use the full menu of Strong
operations supported in modern computers to achieve better
security properties and provide high speed.

The Blowfish algorithm is an excellent choice for encryption,
since it's lightweight, public domain, and considered secure even
after extensive analysis.

IX.APPLICATIONS
2-Aug-14 41
Secure Communication
Smart Cards
RFID.
ATM networks.
Image encryption

Secure Storage
Confidential Cooperate Documents
Government Documents
FBI Files
Personal Storage Devices

Person Information Protection
X.CONCLUSIONS

2-Aug-14 42
In this project implementation of blowfishgorithm using a
Mat lab have been discussed which is essential for
Multimedia communication over a insecure channel.
Both colour and black & white image of any size saved
in tagged image file format (TIF), Bit map (bmp),
Portablenetwork graphics (PNG), Joint Photographic
Experts group (jpg), ect. can be encrypted & decrypted
using blowfish algorithm.
The Blowfish algorithm is an excellent choice for encryption,
since it's lightweight, public domain, and considered secure even
after extensive analysis

X. BIBLIOGRAPHY
[1] B. Schneier, Description of a New Variable-Length Key, 64-Bit Block Cipher
(Blowfish),Fast Software Encryption, Cambridge Security Workshop
Proceedings (December 1993), Springer-Verlag, 1994
[4] B. Schneier Description of a New Variable-Length Key, 64-Bit Block Cipher
(Blowfish) Fast Software Encryption, Cambridge Security Workshop
Proceedings (December 1993), Springer-Verlag, 1994, pp. 191-204.
[5] Mr. C. R. Patel, Prof. N. B. Gohil , Prof. Vandana Shah Fpga Hardware
Based Des & Blowfish Symmetric Cipher Algorithms For Encryption &
Decryption Of Secured Wireless Data Communication ISSN: 0975 6779|
NOV 12 TO OCT 13 | VOLUME 02, ISSUE - 02 Page
[6] Abdel-Karim Al Tamimi Performance Analysis of Data Encryption
Algorithms
http://www.cse.wustl.edu/~jain/cse56706/ftp/encryption_perf/index.html
Text Books-
[1] William Stallings, "Cryptography and Network Security: Principles and
Practices." 5th edition, 2011.



2-Aug-14 43
2-Aug-14 44
thanK you..